
Trending Thursday #43

Anthropic's Source Code Spills Into the Open + Microsoft's Worst Quarter Since 2008

Published April 2, 2026
By Dev Chandra

Here's what's been trending:

  • Anthropic leaked its own source code twice. 513K lines exposed hidden features and the full product roadmap. Over 8,100 DMCA takedowns filed.

  • Microsoft just had its worst quarter since 2008. Stock dropped 23%, shedding $357B in market cap. Copilot adoption is stuck at 3%.

  • North Korea and cybercriminals hit the open-source supply chain. Axios, Mercor, and Cisco all breached through npm and PyPI in a single week.

  • Iran bombed an AWS data center in Bahrain. The IRGC named 17+ US tech companies as targets. 46 arrested in the Starlink crackdown.

  • Coatue's leaked deck projects Anthropic at $1.995T by 2030. $18B in 2026 revenue, $14B EBITDA loss. Already running ahead at $19B ARR.

Startup Intros has a simple mission: to help tech founders navigate everything in the early-stage, from compliance to capital.


🔓 Anthropic's Source Code Spills Into the Open

🗂️ The Claude Code Leak

Version 2.1.88 of @anthropic-ai/claude-code shipped with a 59.8 MB JavaScript source map that mapped minified production code back to the original TypeScript, pointing to a publicly accessible zip on Anthropic's Cloudflare R2 bucket. Security researcher Chaofan Shou posted the direct link on X. Within hours, mirrored repos appeared on GitHub, accumulating tens of thousands of stars before takedowns hit.

The Exposure: There were 513,000 lines of TypeScript across 1,906 files. Anthropic filed more than 8,100 DMCA takedown requests, but the sweep went further than intended, hitting forks of Anthropic's own public repository. The code is now mirrored across hundreds of repos outside GitHub's reach. One rewrite called claw-code crossed 100K stars, becoming one of the fastest-growing repos in GitHub history. This is the second time the same source map error has occurred; a nearly identical leak occurred in February 2025.
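
A source map only leaks source if it, or a pointer to it, ends up in the published tarball, so the failure described above can be caught by a pre-publish gate. The sketch below is an added example, not code from the original issue or from Anthropic; the function names, issue labels, and sample package contents are assumptions constructed for illustration.

```javascript
// Added example: audit the files an npm tarball would contain for source-map
// exposure. All package contents below are constructed sample data.
const MAP_COMMENT = /\/[/*]#\s*sourceMappingURL=([^\s*]+)/g;
const isRemote = (s) => /^https?:\/\//i.test(s);

function classifyMap(content) {
  try {
    const map = JSON.parse(content);
    const sources = Array.isArray(map.sources) ? map.sources : [];
    const embedded = Array.isArray(map.sourcesContent) &&
      map.sourcesContent.some((s) => typeof s === 'string' && s.length > 0);
    if (embedded) return 'map-embeds-original-source';
    if (sources.some((s) => typeof s === 'string' && isRemote(s))) return 'map-points-to-remote-source';
    return 'map-file';
  } catch {
    return 'map-file'; // unparseable, but a .map still should not ship
  }
}

function auditPackedFiles(files) {
  const findings = [];
  for (const { path, content } of files) {
    if (path.endsWith('.map')) {
      findings.push({ path, issue: classifyMap(content) });
      continue;
    }
    if (!/\.(?:[cm]?js|css)$/.test(path)) continue; // only shipped code carries the comment
    for (const [, target] of content.matchAll(MAP_COMMENT)) {
      let issue = 'references-map';
      if (target.startsWith('data:')) issue = 'inline-map';
      else if (isRemote(target)) issue = 'references-remote-map';
      findings.push({ path, issue, target });
    }
  }
  return findings;
}

const samplePackage = [ // constructed; stands in for the file list of a packed release
  { path: 'package.json', content: '{"name":"example-cli","version":"0.0.0"}' },
  { path: 'cli.js', content: 'console.log(1);\n//# sourceMappingURL=cli.js.map\n' },
  { path: 'cli.js.map', content: JSON.stringify({ version: 3, sources: ['src/main.ts'], sourcesContent: ['export const x: number = 1;'], mappings: 'AAAA' }) },
  { path: 'vendor.js', content: 'var a=1;\n//# sourceMappingURL=https://cdn.example.invalid/vendor.js.map\n' },
  { path: 'lib.js.map', content: JSON.stringify({ version: 3, sources: ['https://storage.example.invalid/src.zip'], mappings: '' }) },
  { path: 'README.md', content: 'Docs mention //# sourceMappingURL=foo.map but are not shipped code.' },
];

console.log(auditPackedFiles(samplePackage));
```

In a release pipeline the file list would come from the packed tarball itself, and any finding would fail the publish step.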

🧠 Kairos & Dream Mode

The most revealing part wasn't the code itself; it was what the code described. Buried in the source were references to unreleased features that paint a picture of where Anthropic is headed:

  • Kairos is an always-on background agent that watches, logs, and acts autonomously, maintaining append-only daily logs of its observations

  • Dream Mode lets Claude think continuously between active sessions, consolidating memory and iterating on work

  • Buddy is a gamified AI companion with 18 species and rarity tiers

  • Coordinator Mode allows for orchestrating parallel worker agents

  • Ultraplan allows it to do longer 30-minute remote planning sessions

The leaked code reads less like a chat product and more like an operating system for AI-native work.

💰 The Coatue Deck

Newcomer reported that Coatue's January investor presentation projected Anthropic reaching a $1.995T valuation by 2030. The deck shows $18B in 2026 revenue with a $14B EBITDA loss, ending the year at $30B ARR. By 2031: $200B in revenue, $48B in EBITDA profit, $224B ARR, and a potential $2.413T valuation.

The Revenue: Anthropic is already at $19B in ARR, running ahead of Coatue's projections. The Series G closed in February at $380B. If the trajectory holds, the gap between $380B and $1.995T is less than four years.

Translation: Anthropic leaked its source code, product roadmap, and financial projections in the same week. When your roadmap leaks alongside a $2T valuation forecast, is it a disaster or the most expensive product demo in history?



📉 Microsoft's Worst Quarter Since 2008

📊 The 23% Plunge

Microsoft closed Q1 2026 down approximately 23%, erasing $357B in market cap. The stock compressed to below 20x forward earnings, the lowest since June 2016. The Nasdaq fell only 7% in the same period.

The Core Issue: There’s a growing gap between AI spending and AI revenue. Q1 capex surged 74% year-on-year to $34.9B, with full-year guidance at $146B for FY2026, up 66% from $88B. Azure grew 39%, but only 3% of commercial Office customers have licensed Copilot. Daily active users sit at 6M vs. ChatGPT's hundreds of millions. The AI bet hasn't converted.

🏗️ The CFO Bottleneck

CFO Amy Hood paused some datacenter initiatives, signaling that even Microsoft's finance team isn't convinced the capex math works at this scale. But the buildout hasn't stopped entirely. Microsoft entered into exclusive talks with Chevron and Engine No. 1 for a $7B natural gas power plant in West Texas, targeting 2,500 MW initially, with a 5,000 MW expansion. Power is the bottleneck, not ambition.

🤖 The Self-Sufficiency Push

AI Chief Mustafa Suleyman is leading the "self-sufficiency" strategy, launching three in-house models (MAI-Transcribe-1, MAI-Voice-1, MAI-Image-2) and the Maia 200 custom AI chip. Meanwhile, Copilot injected promotional tips into 1.5M+ GitHub pull requests. Microsoft called it a "programming logic issue." After backlash, GitHub killed the feature. And the UK CMA launched a Strategic Market Status investigation into Microsoft's software ecosystem, questioning whether control of both AI models and enterprise apps creates an unfair advantage.

Translation: Microsoft spent $34.9B on AI in one quarter, and investors wiped out $357B in market cap. When the company that bet the most on AI is also getting punished the most by markets, what does that tell the industry about the gap between AI spending and AI revenue?


🔗 The Supply Chain Attack Wave

🇰🇵 The Axios Hack

On March 31, threat actors compromised the Axios npm maintainer account and published two poisoned versions. Axios has 100M+ weekly downloads. The attack injected a phantom dependency that deployed WAVESHAPER.V2 backdoor malware across all platforms. The packages were live for two to three hours, but ~3% of users downloaded compromised versions, and 135 endpoints contacted the attacker's C2 infrastructure.

Who's Responsible: Google attributed the attack to UNC1069, a North Korean state group. Microsoft separately attributed it to Sapphire Sleet. North Korea is targeting the dependencies your entire stack runs on.

🏢 Mercor, Cisco, and Hasbro

A separate group, TeamPCP, ran a coordinated campaign against open-source tools starting in late February. They compromised PyPI credentials for LiteLLM, injecting a backdoor into two versions. AI hiring platform Mercor was hit. Lapsus$ claimed credit: 939GB of source code, 211GB of user databases, and 3TB of storage containing video interviews and identity documents.

TeamPCP also hit Cisco. They exploited stolen Trivy vulnerability scanner credentials and force-pushed malicious commits to 76 of 77 Trivy GitHub Action tags on March 19. Every CI/CD pipeline running Trivy was silently executing credential-stealing malware. The haul: 300+ repos from Cisco, including AI Assistant source code, AI Defense blueprints, and AWS credentials. Separately, Hasbro disclosed unauthorized access on March 28 and warned recovery could take weeks.
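
Force-pushed tags reach pipelines because a workflow that references an action by tag or branch resolves that ref again on every run, while a full commit SHA does not move. The audit below is an added example, not code from the original issue or from any project named in it; the action names and workflow text are constructed, and the line-based matching assumes plain `uses:` steps rather than full YAML parsing.

```javascript
// Added example: flag workflow steps that reference an action by a mutable
// ref (tag or branch) instead of a full 40-character commit SHA.
const USES_LINE = /^\s*(?:-\s*)?uses:\s*["']?([^"'\s#]+)["']?/;
const FULL_SHA = /^[0-9a-f]{40}$/i;

function auditWorkflow(yamlText) {
  const results = [];
  yamlText.split('\n').forEach((line, i) => {
    const m = USES_LINE.exec(line);
    if (!m) return; // not a uses: step (or a commented-out one)
    const ref = m[1];
    // Local actions live in the repo itself; docker:// images need a digest check instead.
    if (ref.startsWith('./') || ref.startsWith('docker://')) return;
    const at = ref.lastIndexOf('@');
    const version = at === -1 ? '' : ref.slice(at + 1);
    results.push({ line: i + 1, ref, pinned: FULL_SHA.test(version) });
  });
  return results;
}

function unpinnedRefs(yamlText) {
  return auditWorkflow(yamlText).filter((r) => !r.pinned).map((r) => r.ref);
}

const sampleWorkflow = [ // constructed workflow; action names are placeholders
  'jobs:',
  '  scan:',
  '    runs-on: ubuntu-latest',
  '    steps:',
  '      - uses: example-org/checkout-action@v4   # tag: can be moved',
  '      - name: Scan image',
  '        uses: example-org/scanner-action@0123456789abcdef0123456789abcdef01234567 # v1.2.3',
  '      - uses: example-org/scanner-action@main',
  '      - uses: ./.github/actions/local-step',
  '      # uses: example-org/commented-out@v1',
].join('\n');

console.log(unpinnedRefs(sampleWorkflow));
```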

🌐 The Open-Source Attack Surface

The Pattern: One compromised maintainer account cascades across thousands of downstream users. The DarkSword iOS exploit chain, disclosed March 18, adds another layer. A Turkish surveillance vendor used the six-vulnerability, three-zero-day kit against targets in Turkey and Malaysia. When the exploit hit GitHub, multiple threat actors adopted it simultaneously.

Translation: North Korea poisoned a library with 100M+ weekly downloads, a threat group stole Cisco's AI blueprints through a vulnerability scanner, and an AI startup lost 3TB of candidate data. The playbook is the same: compromise one maintainer account, ride the dependency tree into thousands of companies. The question isn't whether your stack has been compromised; it's whether you'd know if it had.


🇮🇷 Iran's Digital War Comes for Big Tech

💥 AWS Bahrain Gets Hit

On April 1, Bahrain's interior minister confirmed a fire at a commercial facility caused by Iranian aggression. The FT identified the target as an AWS data center. This followed a March 1 Shahed drone strike on AWS facilities in the UAE and Bahrain, the first time a country deliberately targeted commercial data centers in wartime.

The April 1 attack was more severe. 73 AWS services were impacted, and only 34 were resolved by April 2. Amazon waived the entire month's charges for affected customers.

🎯 Iran Names Its Targets

The day before the strike, the IRGC named 17+ US tech companies as targets: Apple, Microsoft, Google, Meta, Nvidia, Intel, Cisco, Oracle, IBM, HP, Dell, Tesla, Palantir, Boeing, GE, and J.P. Morgan Chase. The IRGC claimed these firms were assisting US-Israeli operations and announced attacks beginning April 1 at 8 PM Tehran time, warning employees to evacuate within one kilometer.

📡 The Starlink Crackdown

The Crackdown: Inside Iran, a different digital war. 46 people were arrested in a crackdown on Starlink's black market, with 139 devices seized. An estimated 50,000 Starlink terminals are located in Iran. Users face up to 10 years imprisonment, with execution possible. Enforcement includes GPS spoofing, RF jamming, and physical raids. The crackdown is part of a broader internet shutdown that began in late 2025 and intensified alongside the US-Israel conflict.

Translation: Iran bombed a data center, named 17+ tech companies as targets, and arrested 46 people for owning Starlink terminals. AWS had 73 services go down. When a country starts bombing data centers and naming Apple, Google, and Nvidia as enemies, "cloud region risk" takes on an entirely different meaning.


🚀 Product Launch Quick Hits

Cloudflare EmDash: Open-source WordPress successor built on Cloudflare's stack. Full content management without the plugin bloat.

Alibaba Qwen3.5-Omni + Qwen3.6-Plus: Three closed-source models in three days. Alibaba is shipping faster than anyone expected.

Google Veo 3.1 Lite: Cheaper video generation tier for developers who don't need the full Veo 3.1 output quality.

Salesforce Slack overhaul: 30+ new features including meeting transcription, desktop agent integration, and a redesigned interface.

Nvidia DLSS 4.5: 6x Multi-Frame Generation, exclusive to RTX 50 series. Biggest upscaling jump in years.

Meta Ray-Ban Blayzer + Scriber Optics: $499 smart glasses with prescription lenses for the first time. Camera, speakers, and AI built in.

Google screenless Fitbit band: Subscription-first wearable, no display. Google is betting that AI coaching matters more than a screen.

Samsung blood pressure monitoring: Galaxy Watch gets FDA-cleared blood pressure tracking in the US. First major smartwatch to do it.

Apple Siri multi-request processing: iOS 27 lets Siri handle multiple requests in a single prompt. The assistant finally catches up to 2024.

PrismML 1-bit LLM: Out of stealth with radical compression. Runs large models on consumer hardware by quantizing weights to 1 bit.

Bluesky Attie app: Agentic social app powered by Claude. Autonomously curates, replies, and manages your Bluesky presence.

OpenAI Codex plugin for Claude Code: OpenAI's code generation model available as a Claude Code plugin. Yes, you read that right.


👔 Personnel Quick Hits

Doug Leone returns to Sequoia as chairman: The legendary dealmaker comes back to oversee the firm's AI-era strategy after stepping down in 2022.

Sriram Krishnan moves to the National Economic Council: Former a16z partner shifts from White House AI czar role to lead AI policy at the NEC.

David Sacks shaping Trump's AI agenda post-czar: Left his special government employee role but continues to influence AI legislation behind the scenes.

Oracle cuts 30K globally, 10K in India: Massive restructuring as the company shifts resources toward cloud infrastructure and AI services.

Snap jumps 14% on activist Irenic plan: Irenic Capital pushes Snap to cut 21% of staff and shut down Spectacles hardware. Stock rallies on the news.

Medvi: $401M in sales with 2 full-time employees: The AI telehealth startup that proves you can build a $400M+ revenue business with AI doing the work.

Musk-SEC Twitter stake fight heads to trial: SEC alleges Musk failed to disclose his Twitter stake on time, manipulating the purchase price. Trial date set.

Super Micro co-founder pleads not guilty to China smuggling: Wally Liaw faces charges for allegedly shipping restricted technology to China.


🌟 Editor's Note

At Startup Intros, our mission is to bring the latest founder-investor news straight to your inbox, keeping you ahead in the fast-paced world of Silicon Valley.

💭 Parting Thoughts

Anthropic leaked 513,000 lines of source code and a $2T valuation forecast. Microsoft shed $357B in market cap on 3% Copilot adoption. North Korea poisoned a library with 100M+ weekly downloads. Iran bombed a data center and named 17 tech companies as targets.

The theme is exposure. Anthropic's code, Microsoft's spending gap, the open-source supply chain, and commercial data centers were all proven vulnerable in the same week. Build with urgency. Audit your dependencies. And check which AWS region your startup is in.

Till next time!

Dev Chandra
Founder & CEO @ Startup Intros
EiR @ Context VC
LinkedIn: /in/devchandra
