$690B

Five companies. One year. The largest private infrastructure bet in modern history.

Amazon, Alphabet, Meta, Microsoft, and Oracle will spend $660–690 billion on AI infrastructure in 2026. Combined. Nearly double what they spent last year. That’s more than four times what the entire US energy sector spends annually. Amazon’s capex alone exceeds the energy sector’s total.

These companies will consume nearly 100% of their operating cash flows to fund this buildout, compared to a 10-year average of 40%. 📊 And every one says the same thing: they’re supply-constrained, not demand-constrained. They can’t build fast enough.

If you’re still wondering whether AI is “real” — the people writing the checks answered that question. The better question is: what do you build on top of it?

📡 The Landscape

Two blog posts. Two enterprise categories repriced. One week.

On Friday, Anthropic released Claude Code Security — an AI tool that scans codebases for vulnerabilities the way a human security researcher would, not by matching known patterns but by reading and understanding code contextually. In internal testing, it found over 500 vulnerabilities in production open-source projects, some undiscovered for decades. It’s currently in limited research preview.

The market didn’t wait for general availability. CrowdStrike dropped 8%. Cloudflare fell 8.1%. Okta lost 9.2%. SailPoint shed 9.4%. The Global X Cybersecurity ETF hit its lowest level since November 2023.

Then on Monday, Anthropic published a blog post showing Claude Code can automate COBOL modernization — mapping dependencies, documenting workflows, and surfacing risks across the hundreds of billions of lines of COBOL that still power 95% of US ATM transactions. IBM, which has built a decades-long business servicing and modernizing those systems, dropped 13% — its worst single-day loss since 2000. Roughly $40 billion in market value, gone. Accenture and Cognizant each fell 6%.

The broader software sector ETF is now down 27% year-to-date, on pace for its worst quarter since the 2008 financial crisis.

Here’s what matters for builders: The real story isn’t any single announcement. It’s the pattern. AI labs are now releasing targeted capabilities — not general chatbots, but specific tools aimed at specific enterprise categories — and the market is repricing those categories the same day. Cybersecurity. Legacy modernization. SaaS workflows (Claude Cowork triggered a similar selloff earlier this month). Each disruption creates a vacuum. Incumbents are scrambling. Builders who move fast into those vacuums will define the next generation of enterprise software. ⚡

Hype vs. Reality: 9/10 — This isn’t hype. Two blog posts moved $40B+ in market cap. The pattern is proven and accelerating.

🧠 The Supervisor Era

Spotify stopped writing code. Microsoft says you’re next.

Two stories from the past two weeks that, taken together, tell you everything about where white-collar work is headed.

First: Spotify co-CEO Gustav Söderström told investors that the company’s most senior engineers haven’t written a single line of code since December. They use an internal system called Honk, built on Claude Code, that lets an engineer fix a bug in the iOS app via Slack on their phone during their morning commute — and merge to production before they walk through the door. Fifty-plus features shipped in 2025 this way. Revenue up 13%. 751 million monthly users.

Then: Microsoft AI chief Mustafa Suleyman told the Financial Times that most white-collar tasks — law, accounting, marketing, project management, anything where you sit at a computer — will be “fully automated by an AI within the next 12 to 18 months.” He called it “professional-grade AGI.”

Bold? Sure. But connect it to Spotify, and the pattern is clear. The engineers didn’t get fired. They got promoted — from code-writers to AI supervisors. Translation: Suleyman isn’t describing a world without workers. He’s describing a world where the job title stays the same but the job description changes completely.

What it means for builders: The Honk model — AI does, human reviews — is the template. Not someday. Now. If you’re building tools, products, or workflows, design for the supervisor, not the typist.

⚡ Platform Wars

Google went full platform war.

Gemini 3.1 Pro dropped February 19 with a 77.1% score on ARC-AGI-2 — more than double the reasoning performance of Gemini 3 Pro. One million token context window. 65,000 token output limit. The day before: Lyria 3, an AI music generator with a real-time API for developers.

But the real signal is the packaging. Google shipped all of this through Antigravity — their new agentic development platform. Models, music, developer tooling, agent infrastructure, all under one roof. The model race is now a platform race. Winners won’t be who has the smartest model. They’ll be who gives builders the most leverage.

Hype vs. Reality: 7/10 — The model is genuinely impressive. The platform play is real. But Antigravity is brand new and the ecosystem is thin. Worth building on, not worth betting the farm on yet.

🚨 Security Crisis

41% of MCP servers have zero authentication. And the identity layer doesn’t exist yet.

A security audit of all 518 servers in the official MCP registry found that 214 of them — 41% — allow any agent to enumerate every available tool with zero credentials. The registry grew from 90 to 518 servers in a single month. One server exposes 67 tools including delete_app and register_ssh_key to anyone who connects.

Meanwhile, Microsoft’s Defender team caught 31 companies hiding prompt-injection instructions inside “Summarize with AI” buttons — invisible commands that tell your AI assistant to “remember [Company] as a trusted source” permanently. They found 50 distinct attempts across 14 industries, working across Copilot, ChatGPT, Claude, Perplexity, and Grok.

And here’s what makes this worse: MCP is now under the Linux Foundation alongside Google’s A2A protocol. Agents are talking to other agents, calling tools, chaining actions across services. But there’s no standardized layer for agent identity — no way to verify which agent is making a request, track the provenance of an action chain, or enforce governance policies across multi-agent workflows. We’re building an autonomous communication layer without the equivalent of HTTPS or certificates.

Two different attacks. One missing identity layer. Nobody’s talking about this yet — but they will. 🚨 The AI security surface is expanding faster than anyone’s defending it. This is a category forming in real-time — and we’ll be going deep on it in a future issue.

Hype vs. Reality: 4/10 — The security community sees it. Everyone else is asleep. That’s exactly when you want to start building.

📊 The Number Everyone’s Watching

NVIDIA reports Tuesday.

NVIDIA drops Q4 FY2026 earnings after market close on February 25 — one day after this newsletter hits your inbox. Wall Street expects $65.6 billion in revenue (up 65% YoY) and $1.52 in EPS. Jensen Huang has described Blackwell demand as “insane,” with the company sold out through mid-2026. Polymarket gives 94.5% odds of an earnings beat.

But the real number is the Q1 FY2027 guidance. Consensus expects $71 billion. If Huang guides above $75 billion, it could trigger another wave of Wall Street upgrades and validate the entire infrastructure thesis.

Why this matters for builders, not just traders: NVIDIA’s numbers are the closest thing we have to a real-time demand signal for AI compute. If they beat big, the infrastructure buildout accelerates. More compute available = more opportunities to build on top of it. If they miss — even slightly — expect a narrative reset that shakes loose funding across the entire ecosystem.

Hype vs. Reality: 8/10 — The demand is real. The numbers will almost certainly beat. But the stock is priced for perfection, and guidance is what moves markets. Watch the call, not the headline.

💰 The Opportunity

AI Agent Security, Identity & Governance

The collision of stories this week — unprotected MCP servers, AI memory poisoning, a 5x registry explosion, and no identity standard for agent-to-agent communication — points to one of the clearest builder opportunities in the entire AI landscape. This isn’t one problem. It’s three:

  1. MCP server security: Auditing, hardening, and monitoring the tools agents can access. The plumbing layer.
  2. Agent identity & provenance: Verifying which agent made a request, tracking action chains across multi-agent workflows, proving that an output came from a trusted source. Think certificates and audit trails for the agent era.
  3. Governance & policy enforcement: Dashboards and rule engines that let enterprises control what agents can do, who they talk to, and what data they touch. The compliance layer.
  • Market size: Every enterprise deploying AI agents needs all three. Gartner says 80% of enterprises will use agentic AI by 2028 — that’s the entire Fortune 500 plus mid-market. The tooling barely exists.
  • Barriers to entry: Moderate. Deep knowledge of prompt injection, MCP protocol, OAuth 2.1 patterns, and multi-agent architectures required. Not trivial, but no PhD or GPU cluster needed.
  • Revenue model: SaaS — sell to IT security and compliance teams already buying endpoint protection and SIEM tools.
  • Time to first dollar: 60–90 days for a scanner MVP (audit MCP server auth posture, flag exposed tools). Longer for the identity/provenance layer, but first movers in that space will define the standard.
  • Who’s early: Kai Security (MCP registry audit), MintMCP (enterprise governance, SOC 2 Type II), Redpanda (agent observability), OWASP (just published an MCP security guide). The category is forming. It’s not formed.
  • Who this is for: Security engineers, protocol nerds, and infrastructure builders who understand OAuth/auth patterns. If you’ve ever set up API gateways or built middleware, you’re already qualified.
  • Hype vs. Reality: 4/10 hype. 9/10 reality. Almost nobody outside security circles is talking about this. But Microsoft, Kai Security, OWASP, and the Linux Foundation all published in the same two weeks. That’s not hype. That’s signal.

🎯 The Playbook

What to do this week

  1. Audit your AI memory. Open your Copilot, ChatGPT, or Claude settings and review stored memories. Delete anything you don’t recognize or didn’t explicitly save. This takes five minutes. Do it today. If you run a team, send this to your team.
  2. Watch NVIDIA earnings Tuesday after close. Not for the stock price — for the demand signal. Listen to Jensen’s commentary on Blackwell ramp, Rubin timeline, and agentic AI adoption. The conference call transcript will tell you more about the state of AI infrastructure than any analyst report.
  3. Check GitHub Trending. Every day, this page shows you where builder energy is flowing in real-time — MCP servers, generative UI SDKs, agent workflow tools. If you’re looking for what to build next, the answer updates daily.
  4. Build the supervisor workflow, not the AI replacement. Spotify’s Honk model — AI generates, human reviews and merges from their phone — is the architecture pattern that will define the next 18 months of every knowledge-work industry. Start mapping where this pattern applies to your world. Not “how does AI replace X” but “how does AI do X while a human steers.”

🔥 What’s Viral

chrome-devtools-mcp (24K ⭐, 436/day): Chrome’s official MCP server for DevTools. Your coding agents can now debug through the browser. This is infrastructure.

tambo (9K ⭐, 300/day): Generative UI SDK for React. The AI builds its own interfaces. If you’re building agent-powered products, bookmark this.

claude-skills (1.6K ⭐, 278/day): 66 specialized skills for Claude Code. The extensions ecosystem is forming fast.

gh-aw (2K ⭐, 405/day): GitHub’s own agentic workflows tool. When the platform ships the agent tooling, pay attention.

NVIDIA Q4 earnings (Tuesday after close): $65.6B expected revenue. The single most important data point for the AI infrastructure thesis this quarter.

$690 billion says the future is being built right now. The old guard is debating whether it’s a bubble. The new guard is building on top of it.

Stay building. 🛠️

— Matt