Lumina Digest

OpenAI Files a Confidential S-1 With the SEC and Begins the Path Toward an IPO

OpenAI has submitted a confidential draft registration to the SEC, the first formal step toward a possible listing, a week after Anthropic. But it's pumping the brakes on timing, and the financials remain the open question.

OpenAI has filed a confidential draft registration (draft S-1) with the SEC, the first formal step toward a possible public listing. The move comes about a week after Anthropic's similar one (~June 1). The company, however, clarified that it has not yet decided on the timing: “we haven't decided on the timing; it could take a while, because there are things we want to do and it's easier to do them as a private company.” It is nonetheless keeping “the option to list sooner, if that turned out to be the better choice.”

The confidential filing makes it possible to prepare the IPO without making the figures public until the company decides to proceed. As of now, neither a price nor a fundraising target has been disclosed. On valuation, OpenAI was valued at about $852 billion post-money in March 2026 and traded around $880 billion on the secondary markets in April. The $1,000 billion threshold, by contrast, is the one recently reached by Anthropic on Forge Global, not by OpenAI. For comparison, SpaceX is expected to list at ~$1,750 billion.

The real crux is the financials, and they remain projections. According to Wall Street Journal figures cited by TechCrunch — not data from a public S-1, which remains confidential — for 2028 OpenAI expects to spend on computing capacity for research a figure close to the $122 billion from the March round, and to burn through about $85 billion in the same year. Even with revenues doubled, it would not generate more cash than it spends for at least another four years. This is where the skepticism is concentrated. Public markets demand evidence of sustainable margins and operational discipline. And several analysts wonder whether frontier AI resembles software, with its scalable margins, or rather a capital-intensive industry. In the latter, the cost of inference grows with usage, instead of diluting at scale. The shift to public markets turns the private narrative into verifiable reporting.

Why it matters

• Entrepreneurs: After Anthropic, OpenAI too is moving toward the public markets: the competitive contest in AI is shifting from who has the best model to who can withstand capital, disclosure, and credibility with investors and regulators. For anyone building a business, it's the signal that scale, in this sector, requires access to capital as much as innovation.
• LLM builders / devs: An IPO brings the provider's financials into the public spotlight: burn, inference margins, and price sustainability become reportable. Those building on top of these models gain a yardstick to judge how sustainable the costs — and therefore the API prices — that their own stack rests on really are.

Anthropic Claims Over 80% of Its Code Is Written by Claude, but Pumps the Brakes on Recursive Self-Improvement

Based on internal metrics that are neither audited nor independently reproducible, the Anthropic Institute argues that Claude is accelerating its in-house development. In the same document, «When AI builds itself», however, it denies that recursive self-improvement is already a reality.

The Anthropic Institute has published When AI builds itself, authored by Marina Favaro and Jack Clark. The official page does not display a publication date, but independent coverage places the release between June 4 and 5, 2026. The opening figure rests on the company's internal metrics, which are neither audited nor independently verifiable. As of May 2026, more than 80% of the code merged into Anthropic's codebase is reportedly written by Claude. Before the research-preview launch of Claude Code (February 2025), that share stood at "low single digits". Leadership estimates 90% or more when including scripts and experimental code. In the second quarter of 2026, the typical engineer reportedly merged 8× the code per day compared with 2024.

The report, however, downplays the metric on its own: "lines of code is an imperfect measure", and that multiplier "is almost certainly an overstatement of the true productivity gain". Above all, it rebuts the more sensationalist reading: "We are not there yet, and recursive self-improvement is not inevitable". Recursive self-improvement — an AI that designs and trains its own successor — remains a future scenario, not an achieved result. One cited experiment rose from 23% to 97%, but "didn't transfer cleanly to production-scale models". This is why Anthropic is calling for a verifiable global mechanism to slow down or suspend frontier development, as reported by Tom's Hardware and The Next Web.

The timing fuels suspicion: State of Brand notes that the document came out just days after the confidential IPO filing (June 1), calling it "not neutral testimony... a pitch". The Next Web, for its part, asks whether this amounts to "principled transparency or strategic positioning".

Why it matters

• Frontier research: The report's value lies in the sharp boundary it draws: 80% assisted code is not recursive self-improvement, which Anthropic explicitly states has not yet been reached nor is inevitable. For anyone studying frontier capabilities and governance, two signals remain worth monitoring: the failed transfer of the 23%-to-97% result to production-scale models, and the call for a verifiable pause mechanism.
• LLM builders / devs: The figures Anthropic reports — 80% of merges, 8× code per day — are internal, unaudited self-claims, not an independently verifiable benchmark. The company itself warns that lines of code measure quantity, not quality, and overstate the real gain. They therefore stand as a reminder not to conflate volume with actual productivity within your own teams.
• Entrepreneurs: Its release just days after the IPO filing makes it imperative to separate apparent productivity from genuine autonomous capability before turning the «AI builds AI» slogan into an investment thesis or strategic decisions.

Microsoft Disables Around 70 GitHub Repositories Infected by a Credential-Stealing Worm Targeting AI Developers

Microsoft has taken dozens of its own open source projects on GitHub offline after credential-stealing malware was injected into them. The code activates as soon as a developer opens the compromised project in an AI agent such as Claude Code or Gemini CLI. It is the second compromise in just a few weeks, read by some researchers as a re-compromise of the same ecosystem.

Microsoft has disabled around 70 of its own open source projects on GitHub after credential-stealing malware was injected into them. Some outlets count 73 repositories, removed around June 5 by the platform's anti-fraud system. Many of the affected projects involved Azure services and tools used to code with AI agents. The malicious code activates the moment a developer opens a compromised project inside an assisted development environment, including Claude Code, Gemini CLI, and Visual Studio Code (some reports also include Cursor): at that point it steals passwords and other sensitive credentials.

The problem was flagged by the security firm Cloudsmith and the analysis platform OpenSourceMalware. According to some accounts, the malware is a self-replicating worm dubbed "Miasma", traceable to the Shai-Hulud worm family for npm. This trait explains its ability to re-spread: it is not an entirely novel technique, but the evolution of already known code.

The episode is the second in just a few weeks: in May, Microsoft's Durable Task project had already been compromised. OpenSourceMalware reads the June attack as a re-compromise of the same ecosystem, while Cloudsmith points to an incomplete credential rotation after the first incident. Microsoft, through spokesperson Ben Hope, says it "temporarily removed some repositories" during the investigation: some have already been restored, while others remain offline. It also warned "a small number of customers" who may have downloaded the infected content. The company has not, however, confirmed the link to the May incident. Nor has it clarified whether the attackers regained access or whether this is a separate intrusion: the overall scope remains unclear.

Why it matters

• ICT engineers / IT managers: It confirms that agentic development environments (Claude Code, Gemini CLI, VS Code) are now a direct supply chain target: credential theft is triggered when the project is opened in the agent, before any explicit build or execution. Token rotation, audits of recent clones, blocking agent auto-execution, and isolation of AI-dev environments become imperative. The re-compromise shows that partial remediation, without a complete credential rotation, is not enough.

From a Single Agent to Fleets: Boris Cherny Manages Up to Tens of Thousands of Agents

The creator of Claude Code says that on some days he orchestrates tens of thousands of AI agents in a hierarchical subagent architecture. In the second quarter of 2026, the typical Anthropic engineer was merging roughly 8 times as much code per day as in 2024 — on a metric that Anthropic itself calls an overstatement. Open questions remain around verification, oversight, and self-improvement.

Boris Cherny, creator and head of Claude Code at Anthropic, told Fortune Brainstorm Tech in Aspen that on some days he orchestrates fleets of AI agents at industrial scale: "This morning I was managing maybe a few hundred," he said, "some days it's thousands, or tens of thousands." He hasn't written code by hand in eight months (Fortune, June 8).

The mechanism is a hierarchical subagent architecture: "You have a Claude Code, but it has subagents that are other Claudes. The user is no longer prompting Claude: it's another Claude doing the prompting." Anthropic states that in the second quarter of 2026 the company's typical engineer was merging roughly 8 times as much code per day as in 2024. It cautions, however, that lines of code are an imperfect measure, one that rewards quantity over quality and "almost certainly" overstates the real productivity gain (Anthropic, "Recursive self-improvement"). Claude Code, meanwhile, by now "writes itself" and conducts its own security reviews, and "is starting to have ideas": it scans GitHub and X to decide what to build, and Cherny recounts waking up to find that Claude has already acted on several of them.

With generation automated, the bottleneck has shifted to review: Anthropic has deployed teams of agents with distinct "personas" that review every pull request (Fortune, June 9). Cherny also reframes the cost: it should be compared to what an engineer would have cost, not to a $20 subscription. The caveats remain. Independent coverage from OpenTools picks up on Fortune and describes a system in which higher-level Claudes prompt subordinate Claudes, with the human now outside the prompting loop. At this scale, "managing" tens of thousands of agents looks more like high-level oversight than fine-grained control of each one. This is our own reading, not a claim by OpenTools. And Cherny himself points to recursive self-improvement as "one of the great risks for AI."

Why it matters

• LLM builders / devs: The center of gravity of the work shifts from execution to orchestration: breaking down tasks, running parallel work, and above all verifying and integrating it. That code review has become the new bottleneck at Anthropic is the operational signal: without task scoping, permission policies, audit trails, tests, budget limits, and differential review, a fleet amplifies errors, duplication, and token consumption instead of useful throughput.

OpenAI Announces Its 'Third Phase': Automated AI Researcher, Personal AGI, and Abundant Intelligence

Sam Altman and Jakub Pachocki set three long-term goals for OpenAI. It is, however, a strategic statement, not a measurable release, arriving the same day as the confidential filing for the IPO.

On June 8, 2026, CEO Sam Altman and chief scientist Jakub Pachocki published "Built to benefit everyone: our plan", declaring that OpenAI is entering its "third phase". The document sets three stated goals: building an "automated AI researcher", accelerating the economy, and giving "every person on Earth a personal AGI". The framing is to make AI "abundant, accessible, safe, useful, and easy" enough that "every person and organization" benefits from it.

The only concrete date is an internal horizon. OpenAI believes that "by March 2028" a significant portion of its own research could be carried out by AI systems in tandem with human researchers. The intermediate milestone described in the roadmap is an autonomous research "intern" as early as 2026, a precursor to a fully automated researcher in 2028. On the safety front, the plan insists that "powerful systems must remain safe, aligned with human intent, and subject to human control". It also calls for forms of national and global coordination on risk.

It should be read for what it is. The independent coverage stresses that this is "direction-setting": long-term ambitions devoid of benchmarks, a technical path, or operational milestones beyond that single date. The timing is not an incidental detail. The announcement came the same day OpenAI confirmed the confidential filing for a possible IPO, which it described as still far off.

Why it matters

• LLM builders / devs: It's a roadmap signal, not a release: it's worth designing products and agents assuming progressively cheaper, more integrated, and more autonomous models. But as long as metrics, APIs, prices, and safety specs remain proprietary, it should be treated as strategic direction and not as an already-available capability on which to base a technical plan.
• Frontier research: If the stated goal is an "AI researcher" by 2028, the action point for the community is to design AI-scientist benchmarks — hypothesis formulation, experiments, verification/falsification — not just static tasks. The absence of public benchmarks in the plan makes defining them independently all the more urgent.