DeepSeek released its V4 model on Wednesday, delivering near state-of-the-art performance at one-sixth the cost of proprietary models like Claude Opus 4.7 and GPT-5.5. The 1.6-trillion-parameter model arrives alongside new releases from Poolside and Xiaomi, marking a significant week for open source AI development.
According to VentureBeat, DeepSeek-V4 uses a Mixture-of-Experts architecture and is available under the MIT License through Hugging Face and DeepSeek’s API. The Chinese AI startup describes this as the “second DeepSeek moment” following its R1 model’s breakthrough in January 2025.
https://x.com/deepseek_ai/status/2047516922263285776
Poolside Launches Laguna XS.2 for Agentic Coding
San Francisco-based Poolside released two new Laguna large language models optimized for agentic coding workflows. The Laguna XS.2 models can write code, use third-party tools, and execute autonomous actions beyond basic chat functionality.
VentureBeat reported that Poolside also unveiled “pool,” a coding agent harness, and “shimmer,” a web-based mobile development environment. The startup, founded in 2023, positions itself as an affordable alternative to proprietary U.S. models from Anthropic, OpenAI, and Google.
Poolside post-training engineer George Grigorev explained the company’s government appeal, stating that agencies prefer local deployment capabilities over cloud-dependent proprietary solutions. The models are designed for enterprises requiring on-premises AI deployment with full data control.
Xiaomi MiMo-V2.5 Excels at Agentic Tasks
Xiaomi released MiMo-V2.5 and MiMo-V2.5-Pro under the MIT License, focusing on efficiency for agentic “claw” tasks. These models power systems like OpenClaw and NanoClaw, where AI agents complete tasks autonomously through third-party messaging apps.
The models are available on Hugging Face for commercial use. According to Xiaomi’s ClawEval benchmarks, the Pro model achieved 63.8% performance while using fewer tokens than competitors, reducing costs for usage-based billing services.
Xiaomi’s approach targets the growing market for AI agents that handle marketing content creation, account management, email organization, and scheduling. The token efficiency becomes crucial as services like GitHub Copilot shift to usage-based pricing models.
https://x.com/xiaomimimo/status/2048821516079661561
Security Concerns Emerge for Open Source Platforms
Security firm Acronis identified malware distribution campaigns targeting AI platforms including Hugging Face and ClawHub. SecurityWeek reported that threat actors uploaded trojanized files to distribute cryptominers and information stealers.
On ClawHub, researchers found nearly 600 malicious “skills” across 13 developer accounts. Two accounts contained the majority of threats: hightower6eu with 334 malicious skills and sakaen736jih with 199. The attacks use indirect prompt injection to trick AI systems into downloading and executing malicious code.
The campaign distributed Atomic macOS Stealer (AMOS) among other payloads. Attackers exploit the trust relationship between users and AI distribution platforms, embedding hidden instructions that execute without user awareness. This represents a shift from traditional malvertising to poisoning trusted AI distribution channels.
Cisco Addresses Model Provenance Challenges
Cisco released the Model Provenance Kit, an open source tool for tracking AI model lineage and addressing third-party model risks. The tool helps organizations verify claims about model sources, vulnerabilities, and training biases that often go unverified in public repositories.
SecurityWeek noted that enterprises frequently use models from repositories like Hugging Face without tracking modifications or verifying developer claims. This creates security, compliance, and liability risks, particularly for customer-facing applications.
The kit addresses regulatory requirements for documenting AI system usage and supply chain integrity concerns. Without provenance tracking, organizations cannot trace incidents to root causes or determine which other models in their stack might be affected by discovered vulnerabilities.
Performance Benchmarks Show Competitive Landscape
DeepSeek-V4 matches or exceeds proprietary models on several benchmarks while offering significant cost advantages. The model’s API pricing runs approximately one-sixth the cost of Claude Opus 4.7 and GPT-5.5, making advanced AI capabilities more accessible to smaller organizations.
Xiaomi’s MiMo-V2.5-Pro leads open source models in token efficiency for agentic tasks, crucial for cost-conscious deployments. The model’s 63.8% ClawEval performance combined with low token usage positions it competitively against both open and closed source alternatives.
Poolside’s Laguna models target the specialized coding agent market, offering local deployment options that proprietary cloud services cannot match. This addresses enterprise requirements for data sovereignty and on-premises AI capabilities.
What This Means
The convergence of high-performance open source releases from DeepSeek, Xiaomi, and Poolside signals a maturing competitive landscape that challenges proprietary model dominance. These releases demonstrate that open source AI can achieve near-frontier performance while offering significant cost and deployment flexibility advantages.
However, security concerns around model distribution platforms highlight the need for better verification and provenance tracking. Cisco’s Model Provenance Kit addresses part of this challenge, but the broader ecosystem requires enhanced security practices as open source adoption accelerates.
The shift toward agentic AI capabilities across these releases indicates growing market demand for autonomous task completion rather than simple chat interfaces. This trend favors models optimized for tool use and external system integration over pure conversational ability.
FAQ
How does DeepSeek-V4 compare to GPT-5.5 and Claude Opus 4.7?
DeepSeek-V4 delivers comparable performance to these proprietary models while costing approximately one-sixth the price through API access. It uses a 1.6-trillion-parameter Mixture-of-Experts architecture and is available under the MIT License for commercial use.
What are agentic “claw” tasks that Xiaomi’s models excel at?
Claw tasks involve AI agents autonomously completing real-world activities like creating marketing content, managing social media accounts, organizing emails, and scheduling meetings. These go beyond simple chat to include tool use and external system interactions.
How serious are the security risks for open source AI platforms?
Acronis identified nearly 600 malicious files on ClawHub alone, distributing malware including the Atomic macOS Stealer. The attacks exploit trust in AI platforms and use indirect prompt injection to execute hidden commands, representing a significant shift in threat actor tactics.
Related news
- NVIDIA Isaac GR00T N1.7: Open Reasoning VLA Model for Humanoid Robots – HuggingFace Blog
Sources
- American AI startup Poolside launches free, high-performing open model Laguna XS.2 for local agentic coding – VentureBeat
- Open source Xiaomi MiMo-V2.5 and V2.5-Pro are among the most efficient (and affordable) at agentic ‘claw’ tasks – VentureBeat
- DeepSeek-V4 arrives with near state-of-the-art intelligence at 1/6th the cost of Opus 4.7, GPT-5.5 – VentureBeat
- Cisco Releases Open Source Tool for AI Model Provenance – SecurityWeek
