A leaked US Army memo showed that even the most advanced defence firms (i.e. Palantir) still wrestle with security and accountability, exposing the tension between speed and rigour in modern defence. Meanwhile, OpenAI continues its quiet empire-building, deepening its infrastructure footprint through a new AMD partnership while climbing the stack with more consumer-facing features. At the frontier, breakthroughs from Alice&Bob and fresh details on Murati’s first product remind us just how early we are in this marathon of AI adoption – and how much innovation still lies ahead.

IPOs/Public

• Navan (business travel platform) released S-1: $613M LTM revenue (+32%), GM 71%, Op. margin 13%, FCF margin 5%, NRR 110%, Rule of 40 = 27 – healthy unit economics, arguably not yet IPO-grade efficiency for a platform of its scale.

• DeepL (enterprise AI translation) in early talks for US IPO - targeting $5B valuation (last raised $300M @ $2B in 2024).

• Revolut (neobank) considering dual listing in London & New York at $75B+ valuation – notable softening of founder Nik Storonsky’s prior scepticism toward a UK float.

• Cerebras (AI hardware) raised $1.1B (pre-IPO) at $8.1B. Then withdrew IPO plans days later, only for CEO to follow up saying company hasn’t changed its intention and just wanted to update financials on the back of recent raise/performance!

• Google continues to embed Gemini into core products – following Chrome, now Google TV – more evidence of AI being built into the operating system layer.

• Amazon to pay $2.5B to settle claims over deceptive dark patterns (design elements that “tricked” users into subscriptions). A landmark case for consumer autonomy in digital design, extending scrutiny from data use to how interfaces shape user choice.

• Meta to begin using AI chatbot conversation data to target ads from 16 December, with no opt-out for US users. Collapses line between personal assistance and behavioural advertising, turning conversation into data for monetisation.

• Google DeepMind, Meta and Nvidia are racing to build “world models” – AI systems that learn from video and robotics data to simulate the physical world, forming the bridge from LLMs to embodied intelligence. LLMs are only a first paradigm! (The FT).

Big Dogs

• OpenAI continues to empire build…

o $6.6B secondary at $500B, making it the world’s most valuable private company. The decision not to sell the full authorised $10.3B suggests insiders see further upside.

o Launched “ChatGPT Apps” - the ability for third-party applications such as Booking.com, Spotify, Figma, Coursera, to run inside ChatGPT conversations. Follows launch of Pulse (cross-platform AI assistant) ~1 week ago. Pulse connects into calendars, emails and files to make real-time suggestions. These products signal a shift from a tool you query to an agent that acts, blurring line between productivity software and digital assistant.

o Signed chip deal with AMD to buy hundreds of thousands of GPUs (~6 GW of compute - equivalent to six full-size nuclear reactors) including option for 10% equity stake. A potential challenge (or derisking) to Nvidia hegemony.

o Released Sora 2 (AI video generator) alongside TikTok-style app letting users appear in AI-made clips whilst introducing rights-holder controls and revenue-sharing for Sora content (aimed at calming backlash over creator IP).

• Anthropic released Claude Sonnet 4.5 which shows measurable gains in alignment fidelity – reducing harmful outputs, reward-hacking and sycophancy – though long-horizon robustness gaps remain, suggesting its safety still relies on recognising when it’s being tested.

• Thinking Machines Lab (AI research tools, founded by Mira Murati & ex-OpenAI team) unveiled Tinker, a platform to fine-tune frontier models without managing large GPU clusters. It marks the $12B startup’s first public step after its record $2B seed (where very little was disclosed on what Murati was actually building)

• Nscale (European hyperscale data centres) closed an additional $433M pre-Series C from Blue Owl, Dell, Nvidia and Nokia, following last week’s $1.1B Series B – signalling rising investor FOMO around sovereign compute.

• Vercel (AI developer infrastructure) raised $300M Series F at a $9.3B valuation, with another $300M tender offer in progress.

• Periodic Labs (AI-driven scientific discovery) announced a $300M seed from a16z, DST, Nvidia, Accel, Gil, Schmidt and Bezos. Its goal is to “automate scientific discovery” through “AI scientists”.

• Rebellions (AI inference chips) raised $250M Series C at a $1.4B valuation, co-led by Arm and Samsung.

• Supabase (open-source Postgres backend platform) raised $100M Series E at $5B, led by Accel and Peak.

• Axiom Math (AI mathematician) raised $64M seed led by B Capital. The company is developing an AI system that not only solves complex problems but also generates new mathematical knowledge by proposing conjectures.

Venture Capital

• A bumper week for new funds centred on defence, security and resilience:

o Cyberstarts (Israeli cybersecurity VC) raised $380M Opportunity Fund II to help scale its maturing portfolio companies.

o Expeditions reached €100M committed for Fund II targeting €150M, investing in defence, autonomy, AI, quantum and space.

o Verne Capital launched a €100M fund for European startups, with 25% reserved for defence ventures, including from Ukraine.

o Polarion launched a €100M vehicle targeting small and mid-cap defence and dual-use technology firms in Northern Europe.

o Hyperion Fund began raising its €500M Fund II after a €150M debut already 40% deployed, focussed on defence.

o Wave Function Ventures closed its $15.1M debut for early-stage nuclear, robotics and aerospace startups.

o Ventech Fund VI closed €175M to focus on AI, industrial software and sovereignty.

• At the BVCA Pensions and Private Capital Showcase, Lord Vallance (UK Science Minister) warned how UK DC schemes invest only ~0.5% of assets in venture or growth equity (Australian superannuation funds invest up to 5% in private markets, and the US is closer to 10%). He highlights how (1) the imbalance means foreign investors capture most of the upside from British science, and (2) it is also about fuelling the innovation that underpins UK sovereignty (productivity, healthcare, defence, energy etc).

• Entrepreneur First (EF) is closing programmes in France and Germany and doubling down on SF (with London and Bangalore continuing). The logic: early-stage European companies increasingly need US distribution (customers, capital) and EF can run larger cohorts with lower fixed costs. EF companies already moved to adopt Delaware topcos for cleaner US fundraising/sales over the past year. In the short run, the trend is rational - cheaper, faster. But Europe also keeps training talent that graduates to US capital markets. Strategically, it risks value capture - IP domiciled abroad and fewer scale-ups anchored at home.

Venture Geopolitics

• The UAE and Saudi Arabia now rank #2 and #3 globally for AI compute (measured in Nvidia H100-equivalent chips and power capacity by TRG Datacenters), behind the US. Their sovereign funds participated in ~12% of all VC rounds in 2024 and ~⅓ of AI deals. If current trajectories hold, MENA could supply over a third of global AI compute within 5 years (Dealroom).

• Domyn is raising €1B+ to build LLMs for regulated industries and develop AI gigafactories in Italy (first site slated 2026). Think of this as Europe’s attempt to pair models with local compute and energy footprints, so sensitive workloads don’t depend on foreign stacks. It rhymes with France’s push around Mistral and Germany’s own model efforts.

• Lex Fridman (Podcaster) × Pavel Durov (Telegram founder) delved into arrests and jurisdiction shopping, encryption defaults, moderation at scale, and the bot-driven info-war in an epic podcast. The through-line: large messaging platforms increasingly behave like sovereign-adjacent actors - setting their own speech norms, resisting state demands, and shaping information flows during crises (recommended listening).

• The UK Home Office has again issued a technical capability notice seeking access to end-to-end encrypted iCloud backups. As a reminder: this would require Apple to add a “secret door” so authorities can read otherwise-private backups. Apple argues that such a door weakens everyone’s security (and privacy) - since doors can be found or abused. The UK frames it as a lawful access issue for tackling serious crime and national security (Techcrunch).

Strategic Sectors

AI

• a16z released a report on enterprise AI adoption. Beyond assistants, meeting support is emerging as the next major category. Creative tools and “vibe coding” are now treated as general software. Of 17 vertical applications, 12 help humans work faster, while 5 act as “full AI employees”, automating end-to-end workflows in areas such as law, engineering and sales. Around 70% of AI tools are adopted by individuals first, then spread across teams – changing how software is bought and how start-ups scale (read here).

• California passed the first state AI safety law (SB 53): large developers must disclose protocols and report incidents. It’s a light-touch template that other states may copy, and it nudges the conversation from abstract “AI safety” to operational accountability - incident logs, red-team results, and post-mortems that investors and customers can actually read.

• Yale x Brookings found no mass US job losses from gen-AI so far - labour markets appear to be adapting as with prior waves (read here).

Quantum

• Alice & Bob achieved a key step in quantum error correction: their new “cat qubits” resisted bit-flip errors for over an hour. If scaled, this could make quantum computing stable enough for machine learning, potentially lowering the cost of AI computation now dominated by Nvidia GPUs. Investor enthusiasm is rising – quantum funding jumped 128% in Q1 2025 to over $1.25B (Silicon Sands).

Robotics

• The Washington Post reported how “robots are learning to make human babies”. AI-guided robotic arms have helped perform parts of IVF procedures, leading to 20 births. The trials could make fertility care more precise and affordable but raise ethical and legal questions about accountability when machines take part in human reproduction.

• Flock Safety unveiled Aerodome, an enterprise surveillance product and autonomous drone system. The drones can patrol large areas and share live footage with security teams or police. Supporters see this as faster emergency response; critics warn of creeping surveillance and privatised policing.

Cybersecurity

• Discord confirmed a third-party support breach exposed user data including scanned IDs submitted for age-verification appeals. This highlights the attraction of “hold-no-ID” approaches as regulators increasingly press platforms to verify age (Discord)

• A hacking group claims to have stolen over 1B customer records from systems hosted on Salesforce (used by Allianz, Google, Qantas, TransUnion etc). The attackers reportedly targeted customer-managed integrations, not Salesforce’s core systems – showing how shared cloud infrastructure creates systemic risk (Security Week).

• Two major security flaws were found in Salesforce Agentforce and Microsoft 365 Copilot. Attackers used AI prompts to trick systems into leaking sensitive data, while separate Cisco firewall bugs let hackers take control of devices (even after they were rebooted), forcing emergency action from US authorities. These incidents reveal deep weaknesses in how organisations connect AI systems to business data and highlight the need for stronger access control. (Cloud Security)

• On a more positive note, Anthropic’s enhancements to Claude Sonnet 4.5 strengthened cyber-defence capabilities. Sonnet 4.5 is comparable / superior to Opus 4.1 on cybersecurity, while cheaper & faster. It has simulated the 2017 Equifax breach, found and fixed vulnerabilities in Anthropic’s own systems, been used to foil a large-scale data extortion scheme as well as to detect espionage targeting telecom infrastructure. Anthropic plans to continue improving defence-oriented capabilities, expanding to SOC automation, SIEM analysis, secure network engineering etc.

• Japan’s largest brewer, Asahi, halted production after ransomware crippled its ordering and logistics systems. The disruption underscores how all sectors, including legacy manufacturing, are exposed to digital risk.

• Notable deals: Filigran (enterprise threat intelligence), raised a $58M Series C led by Eurazeo. Feedzai (financial crime protection) raised a $75M Series E from Lince Capital, Iberis Capital, Explorer.

Crypto/Stablecoins

• In the UK, Zhimin Qian pleaded guilty after police recovered 61,000 BTC (≈ £5B at current prices) in the “worlds biggest bitcoin seizure”.

• Notable deal: Agio Ratings (risk analytics to help banks and trading firms assess the default probability of crypto exchanges and lenders) raised a $6M led by AlbionVC.

Energy/Climate

• Russia’s attacks on Ukraine’s power grid briefly cut electricity to the defunct Chernobyl plant and forced the Zaporizhzhia nuclear facility onto emergency diesel generators, reigniting global concern over nuclear security. While both sites remain stable, experts warn that repeated power losses threaten critical cooling and containment systems - a risk that could have dire consequences far beyond Ukraine’s borders (France24)

• The US Department of Energy reportedly requested staff to not use words like “climate change” and “emissions” in public communications – highlighting a political divide just as global clean-energy investment hits record levels (Politico)

• A Guardian investigation reveals how recycling Western textiles comes at a severe human cost, with workers reporting serious health problems, including a surge in noncommunicable diseases. The “west” is pretty good at claiming moral high ground on ESG, but it’s paper thin - and too often neglects the “S”.

Defence

• Leaked US Army memo criticised the NGC2 battlefield communications prototype - developed by Anduril, Palantir, Microsoft and others - for serious security and design flaws, calling it “very high risk” due to potential persistent and undetectable adversary access. Reported issues included no access controls, no audit logging, and over 25 high-severity code vulnerabilities in one application. The Army’s CIO said the memo reflected a “standard vulnerability review”, but the depth of the flaws suggests more fundamental weaknesses. A follow-up report noted how the Army has since “mitigated the critical deficiencies”, but the situation highlights the trade-off between speed-to-field and cybersecurity assurance (Reuters)

• Munich Airport halted flights after more drone sightings while France detained a tanker linked to Russia’s shadow fleet. These continued incidents (see last weeks newsletter) suggest grey-zone tactics testing Europe’s logistics and airspace without crossing into open conflict.

• Notable deal: Commcrete (Israel) raised $21M Series A to scale its handheld satellite communication devices used in defence, emergency and disaster response.