Daily Digest — 2026-04-04

AI & ML News

Google Releases Gemma 4: Open Models for Agentic Workflows — Google announced Gemma 4, their "most intelligent open models to date," purpose-built for advanced reasoning and agentic workflows. The 31B model ranks #3 globally on Arena AI, while the 26B model holds #6, outcompeting models 20x their size. All variants include native multimodal support, 140+ language training, and context windows up to 256K tokens.

Android Gets Gemma 4 Integration via AICore Developer Preview — Google launched Gemma 4 as the foundation for next-generation Gemini Nano, with code written for Gemma 4 automatically working on upcoming Gemini Nano 4-enabled devices. Developers can access E2B (fast) and E4B (full) variants through Android Studio's ML Kit Prompt API, enabling on-device AI inference with production-ready optimization.

Anthropic Restricts Third-Party Tool Access for Claude Subscriptions — Starting April 4 at 12pm PT, Claude subscriptions will no longer cover usage on third-party tools like OpenClaw, forcing developers to manage capacity differently. This move affects developer workflows relying on integrated Claude access through external coding tools and platforms.

Microsoft Launches MAI Superintelligence Models — Microsoft released MAI-Transcribe-1, MAI-Voice-1, and MAI-Image-2 through Microsoft Foundry, covering speech-to-text, voice generation, and image creation. The models represent the first output from Microsoft's six-month-old superintelligence team pursuing "AI self-sufficiency".

Chrome Zero-Day CVE-2026-5281 Affects WebGPU Dawn Implementation — Google patched a high-severity use-after-free vulnerability in Dawn, the WebGPU implementation, that allows remote code execution via crafted HTML pages. CISA added the actively exploited flaw to its KEV catalog, requiring federal agencies to patch by April 15.

Developer News

GitHub REST API 2026-03-10 Introduces Breaking Changes — GitHub released calendar version 2026-03-10, the first to include breaking changes since introducing calendar-based versioning. The previous version 2022-11-28 remains supported for 24 months, with requests defaulting to it unless the X-GitHub-Api-Version header specifies otherwise.

Apple Updates App Store Requirements for iOS 26 SDK — Starting April 28, 2026, all apps uploaded to App Store Connect must be built with iOS 26 & iPadOS 26 SDK or later, alongside similar requirements for tvOS 26, visionOS 26, and watchOS 26. The update also mandates 64-bit support for watchOS apps.

Open Source Vulnerabilities Double as AI Development Accelerates — The 2026 OSSRA report shows open source vulnerabilities doubled to 581 per codebase, marking a 107% increase as AI coding assistant adoption reaches 85% of organizations. Additionally, 65% of organizations experienced supply chain attacks in the past year, with attackers increasingly targeting the ecosystem itself.

Major Security Vulnerabilities Hit Multiple Platforms — Cisco released patches for CVE-2026-20093 (CVSS 9.8), a critical IMC authentication bypass allowing password changes for any user including admins. Meanwhile, the React2Shell vulnerability enabled credential harvesting from 766 hosts across multiple cloud providers, targeting SSH keys, AWS secrets, and GitHub tokens.