NerdNews

The US has imposed a 25% tariff on Nvidia's H200 AI chips headed to China. The tariff applies to certain semiconductors produced outside the US and exported to other countries. Nvidia can still sell the chips to vetted customers in China, despite the tariff.

TSMC has announced Q4 2025 revenue of $33.7 billion, up 25.5% from last year, and forecasts 30% revenue growth in 2026. The company attributes its success to the ongoing AI boom, which it expects to continue for at least two to three years. TSMC is investing heavily in new manufacturing capacity, including a 2nm process, and expects price rises due to increasing capital expenditure.

OpenAI will deploy 750 megawatts worth of Cerebras' accelerators to bolster its inference services, valued at over $10 billion. The deal will integrate Cerebras' wafer-scale compute architecture into OpenAI's inference pipeline, taking advantage of the chip's massive SRAM capacity to speed up inference. This will enable faster performance and real-time agents, but also has limitations due to SRAM's space inefficiency.

OpenAI has hired two cofounders of Thinking Machines Lab, Barret Zoph and Luke Metz, and plans to bring over more researchers. The move comes after a reported incident of serious misconduct by Zoph at Thinking Machines Lab. OpenAI also announced that another former researcher, Sam Schoenholz, is rejoining the company. The hires are part of OpenAI's efforts to automate jobs with AI, including training agents to do economically valuable work.

Microsoft's Copilot Studio extension for VS Code is now publicly available, allowing developers to build and manage Copilot Studio agents directly from VS Code. The extension enables developers to treat Copilot Studio agents as code, integrating them into the development workflow, and supports standard Git integration, request-based review pulling, modification history, and commonly used keyboard shortcuts.

Tesla will stop selling its Full Self-Driving (FSD) feature as a standalone package and instead offer it as a $99-a-month subscription. This shift in strategy comes as the company's sales continue to slip and its robotaxi strategy falters. The move is seen as a way for Tesla to increase its recurring revenue and add more subscribers to its FSD service.

OpenAI has invested in Merge Labs, a brain computer interface startup founded by Sam Altman. The startup aims to develop non-invasive BCI technology using molecules instead of electrodes. OpenAI will work with Merge Labs on scientific foundation models and other tools to accelerate progress.

Companies are using AI to automate customer service, but it's not always successful. While AI can handle simple tasks, it often struggles with complex issues and providing human empathy. Some companies, like Intercom, have found success with AI-powered customer service, but others have pulled back due to poor customer experiences.

OpenAI has invested in Merge Labs, a company developing brain-computer interfaces that can control devices with thoughts. The investment is part of a $252 million seed round and aims to create a natural, human-centered way to interact with AI. Merge Labs plans to use molecules and ultrasound to interface with neurons, avoiding the need for implantation.

Over half of AI projects have been delayed or canceled due to complexities with AI infrastructure. A research report found that two-thirds of IT and business decision-makers surveyed said their AI environments are too complex to manage, leading to financial and operational challenges.

Anthropic's Cowork productivity AI has a Files API exfiltration attack chain, allowing attackers to transmit sensitive files without user approval. This is the same bug reported in Claude Code last October, which Anthropic failed to fix. The company is now warning Cowork users to be cautious when connecting to sensitive documents.

A coalition of 28 digital rights organizations is demanding Apple and Google remove X and its AI sidekick Grok from their app stores due to the AI's tendency to produce illicit images of real people. The groups argue that allowing the apps to remain available violates Apple's and Google's own app store policies against facilitating or profiting from abusive content.

The Raspberry Pi AI HAT+ 2 delivers 40 TOPS of inference performance with 8 GB onboard RAM, targeting local AI computing. It features the Hailo-10H neural network accelerator and supports large language models, vision language models, and generative AI applications. The device is designed for edge-based use cases, particularly those requiring LLM or other generative AI functionality, and may be suitable for industry use cases that need to keep processing local.

Microsoft, Meta, Amazon, Perplexity, and Mistral AI have joined Google in paying the Wikimedia Foundation for access to its projects, including Wikipedia, through the Wikimedia Enterprise program, which offers a premium version of Wikipedia's API for commercial use.

Amazon Web Services has announced the general availability of its European Sovereign Cloud, a cloud service entirely located within the EU and physically separate from other AWS Regions. The service is designed to meet the needs of European governments and enterprises for sensitive data, with 90 services available from compute to database, networking, security, storage, and AI. AWS also plans to expand its Local Zones in the EU, with Belgium, the Netherlands, and Portugal set to launch soon.

Researchers have discovered vulnerabilities in Google's Fast Pair protocol used by 17 models of headphones and speakers, leaving hundreds of millions of devices open to wireless hacking and tracking. The vulnerabilities, known as WhisperPair, can allow hackers to silently pair with devices, hijack audio streams, and even track a user's location.

A critical misconfiguration in AWS's CodeBuild service allowed for the takeover of AWS's own GitHub repositories, putting every AWS environment at risk. The vulnerability, dubbed CodeBreach, was discovered by Wiz security researchers and has been fixed by AWS. The flaw was caused by two missing characters in the webhook filters, which are supposed to defend against untrusted pull requests.

The US CISA, UK NCSC, and FBI have released new security principles to protect operational technology environments from growing cyber risks. The guidance focuses on designing and managing secure connectivity in OT systems, reducing exposure to adversaries, and embedding security into network design.

A critical misconfiguration in AWS CodeBuild allowed attackers to seize control of core AWS GitHub repositories, including the JavaScript SDK that underpins the AWS Console. The issue, dubbed CodeBreach, exposed a weakness in the continuous integration pipelines used by AWS-managed open-source projects.

A critical vulnerability in Google's Fast Pair protocol allows attackers to hijack Bluetooth audio accessories, track users, and eavesdrop on conversations. The flaw, dubbed WhisperPair, affects hundreds of millions of devices from multiple manufacturers, including Google, Jabra, and Sony. Attackers can exploit the vulnerability using any Bluetooth-capable device to forcibly pair with vulnerable accessories and gain control over the audio device.