Good morning. It’s Monday, April 21. Today we are covering:
Silicon Valley's Military Drone Companies Have A Serious Chinese Parts Problem
On Jagged AGI: o3, Gemini 2.5, and everything after
How Mark Zuckerberg is flipping the script on kids’ safety online
TSMC Warns of Limits of Ability to Keep Its AI Chips From China
Phishers abuse Google OAuth to spoof Google in DKIM replay attack
Let’s dive in
Silicon Valley's Military Drone Companies Have A Serious Chinese Parts Problem
By David Jeans via Forbes
U.S. drone makers face a critical dependency on Chinese components, including engines, batteries, and radios, despite escalating efforts by the Pentagon and Trump administration to localize supply chains for national security.
The Pentagon’s Blue List approval process, meant to ensure drones are free of banned Chinese parts, has become a bottleneck for innovation, with only 23 out of 300+ companies approved and accusations of lack of transparency.
Companies like Skydio, Orqa, and BRINC have suffered from Chinese sanctions or regulatory setbacks, while top players like Anduril and Shield AI claim full independence—yet the dominance of DJI remains a major obstacle to building a U.S.-based drone industry.
𝕏: BREAKING: The Pentagon’s hottest drone startups are just patriotic middlemen for Chinese supply chains. DJI didn’t win because of espionage. It won because America forgot how to build things. A brutal reality check, thread below:0 - William Huo (@wmhuo168)
On Jagged AGI: o3, Gemini 2.5, and everything after
By Ethan Mollick via One Useful Thing
Despite rapid AI progress, there's still no clear definition or reliable test for AGI, and performance varies dramatically depending on the task—what Mollick and co-authors term the “Jagged Frontier.”
Models like OpenAI’s o3 and Google’s Gemini 2.5 show striking new capabilities—agentic behavior, planning, web search, creative work—but still fail on seemingly simple reasoning tasks, raising questions about what “general” intelligence really means.
Even if AGI has technically arrived, real-world impact may remain slow, as societal adoption lags and AI's jagged capabilities require human judgment—but a faster, tool-using AI future may surprise us.
𝕏: I wrote about the debate over whether o3 Is AGI, and what current AIs can, and cannot, do, with lots of examples - Ethan Mollick (@emollick)
The best way to reach new readers is through word of mouth. If you click THIS LINK in your inbox, it’ll create an easy-to-send pre-written email you can just fire off to some friends.
How Mark Zuckerberg is flipping the script on kids’ safety online
By Ruth Reader via POLITICO
Mark Zuckerberg is reshaping the online safety debate by supporting app store-based age verification, gaining traction with lawmakers and parents while diverting attention from stricter regulation like the Kids Online Safety Act (KOSA).
Meta’s campaign aligns with GOP interests and targets First Amendment concerns, while lobbying efforts and strategic donations—including $25M to Trump’s library—bolster political support and fend off antitrust threats.
A new Utah law, pushed by grassroots parent advocates, mandates verifiable parental consent for minors in app stores; 14 other states are considering similar bills, though tensions remain over Meta’s push to lower the age of consent to 16.
TSMC Warns of Limits of Ability to Keep Its AI Chips From China
By Jane Lanhee Lee via Bloomberg
TSMC acknowledged challenges in enforcing export controls after its AI chips were found in Huawei devices, despite U.S. sanctions.
The company cited limited visibility into how customers and third parties use its semiconductors once integrated into other products.
In its annual report, TSMC emphasized the inherent constraints of its position in the global semiconductor supply chain, which complicates downstream compliance tracking.
𝕏: TSMC says limited visibility into its supply chain makes export control compliance tough — months after its AI chips reached US-sanctioned Huawei via intermediaries - Paul Triolo (@pstAsiatech)
Phishers abuse Google OAuth to spoof Google in DKIM replay attack
By Ionut Ilascu via BleepingComputer
Hackers exploited Google OAuth to send phishing emails that passed DKIM authentication, making them appear legitimately from Google and tricking recipients into submitting credentials.
The attack used a DKIM replay technique by leveraging Google’s own alerts system and hosting fake login pages on sites.google.com, making detection difficult.
A similar method targeted PayPal users, and while PayPal remained unresponsive, Google acknowledged the risk and is now working to patch the OAuth-based vulnerability.
We're thrilled to bring you ad-free news. To keep it that way, we need your support. Your pledge helps us stay independent and deliver high-quality insights while exploring new ideas. What would you love to see next? Share your thoughts and help shape the future of Newslit Daily. Thank you for being part of this journey!
Trending in AI
YouTube Looks to Creators (and Their Data) to Win in the AI Era
An AI Customer Service Chatbot Made Up a Company Policy—and Created a Mess
OpenAI’s o3 AI model scores lower on a benchmark than the company initially implied
Thanks for reading to the bottom and soaking in our Newslit Daily fueled with highlights for your morning.
I hope you found it interesting and, needless to say, if you have any questions or feedback let me know by hitting reply.
Take care and see you tomorrow!
How was today’s email?
Share this post