Something shifted this week. The big news wasn’t a better chatbot — it was infrastructure for AI that works while you’re not watching.
At Google I/O on May 19, Google unveiled Gemini Spark: a persistent AI agent that runs 24/7 on dedicated cloud VMs, connects to Gmail and Chrome, and takes tasks by email. It’s not a chatbot you summon. It’s a process you leave running. Google also announced Gemini 3.5 Flash — $1.50 per million input tokens, a 1M-token context window, four times faster than comparable frontier models — and relaunched its Antigravity developer platform with agent orchestration at the center. A $100/month AI Ultra tier arrived alongside it, explicitly targeting power users who want sustained compute rather than chat sessions. Taken together, the I/O keynote was less a product demo than a reframing: the future of AI isn’t foreground prompts, it’s background processes.
Anthropic made the same argument from a security angle. Project Glasswing is a controlled rollout of Claude Mythos Preview — Anthropic’s most capable model, deliberately kept off the public API — to a coalition of AWS, Apple, Cisco, Google, Microsoft, the Linux Foundation, and others. Before the announcement, Anthropic used Mythos to autonomously find thousands of zero-day vulnerabilities across every major operating system and browser, including a 20-gadget ROP chain targeting FreeBSD’s NFS server and a race-condition privilege escalation in Linux. This is what a capable autonomous agent looks like applied to a hard, adversarial task: it found things that teams of humans had missed. Anthropic’s decision to keep Mythos gated is itself data — a tacit acknowledgment that the same capability making it useful for defense makes it genuinely dangerous in the open.
The structural moves
Two deals from the past few weeks deserve more attention than they’ve gotten. In late April, Microsoft and OpenAI restructured their partnership from an exclusive arrangement to a non-exclusive one: other clouds can now license OpenAI models directly, the AGI-clause milestone trigger was removed entirely, and the deal now runs on calendar dates and financials. Azure stays primary, but OpenAI is now effectively available to every major cloud. Any single cloud’s moat around frontier AI narrows considerably.
In Brussels, EU negotiators reached a provisional agreement extending the EU AI Act’s high-risk compliance deadline from August 2026 to December 2027, simplifying the “safety component” definition, and adding two new prohibitions: AI-generated non-consensual intimate imagery and CSAM. The timeline relief is real — companies building AI into regulated products have over a year more than they thought — and the new prohibitions signal that even a deregulatory mood has hard limits on specific harms.
The common thread: the interesting problems in AI right now aren’t mostly about whether models can answer questions. They’re about what happens when models act — autonomously, continuously, across connected accounts and infrastructure — and who’s responsible when they do. Google is building the plumbing for persistent agents. Anthropic is demonstrating what truly autonomous capability looks like and choosing, for now, to limit it. The OpenAI deal is removing cloud exclusivity so agents can run anywhere. The EU is trying to write rules before the buildout is complete.
That’s a lot of load-bearing decisions happening simultaneously, with no shared framework covering any of it.