Welcome, AI enthusiasts
Voice AI is being reimagined. Thinking Machines Lab believes today’s assistants feel fragmented because they were stitched together from separate systems and its new approach is designed to make AI conversations more fluid, responsive, and human-like. Let’s get into it.
In today’s insights:
• Thinking Machines Lab Says Voice AI Has Been Built the Wrong Way
• Google Confirms First AI-Created Zero-Day Exploited by Cybercriminals
Why Thinking Machines Thinks Voice AI Got It Wrong
Key Points
Thinking Machines introduced TML-Interaction-Small, a 276B-parameter mixture-of-experts model designed to process audio, video, and text continuously in 200-millisecond intervals instead of waiting for users to finish speaking.
The company says the model outperforms OpenAI’s GPT-Realtime-2 and Google’s Gemini Live on conversational benchmarks, delivering response latency as low as 0.40 seconds compared to 1.18 and 0.57 seconds, respectively.
A separate background reasoning model operates alongside the live interaction model, handling complex reasoning and tool usage while seamlessly feeding responses back into the conversation.
Details
Most current voice assistants rely on layered pipelines that first detect when a speaker has stopped talking before passing the completed input to a language model. Thinking Machines believes this setup is what makes voice AI feel unnatural and delayed. Its new Interaction Models replace that multi-step process with a unified system that listens, reasons, and responds on the same 200-millisecond cadence. The model can interrupt, pause, overlap speech, or remain silent depending on conversational context. Meanwhile, a secondary background model manages slower reasoning tasks and injects answers back into the exchange without disrupting the flow.re you walk out in something you stitched 30 minutes ago,” said Rivera. “It’s chaos - in the best way - and the content writes itself.”
Google Reports First Criminal Use of an AI-Developed Zero-Day
Key Points
The Google Threat Intelligence Group (GTIG) identified a criminal operation preparing a large-scale exploitation campaign using a two-factor authentication bypass exploit that showed strong indicators of LLM-generated code.
The report also found actors linked to the PRC and DPRK increasingly automating vulnerability discovery workflows, including activity from APT45, which reportedly issued thousands of recursive prompts to test and validate CVE exploits.
Researchers observed new AI-assisted Android malware dubbed PROMPTSPY, which leverages the Gemini API to autonomously interact with compromised devices a shift from AI serving merely as a coding assistant to functioning as an active operational agent.
Why It Matters
Earlier this year, Anthropic revealed that a Chinese-linked threat group had begun using Claude Code as an autonomous attack agent. At the same time, Mandiant reported that the average time between vulnerability disclosure and active exploitation had already dropped below one week in 2026. GTIG’s latest findings now provide what may be the clearest evidence yet of an AI-generated zero-day operating in the wild. What the cybersecurity industry once described as an approaching threat is rapidly becoming standard practice. Security teams are no longer facing attackers merely assisted by AI- they are confronting attackers built around it.
That’s it for today.
The AI space doesn’t slow down - and neither should your thinking.
See you in the next drop.