#057

Anthropic hits $30B ARR, DuckDuckGo jumps 28%, and one Host header bypasses every FastAPI MCP

A $200 Claude plan burns $2,180 of tokens. DDG AI-free search jumped 28% the week Sundar said users love AI Mode. Starlette BadHost exposes every FastAPI MCP.

Simon Willison just ran the math on his own Claude Code subscription. A heavy $200/mo plan chews through $2,180.16 of token value every single month. His call is that Anthropic and OpenAI have crossed from research lab into real business, and the receipt is what you’re paying.

Willison’s read is that the signals worth watching aren’t the run-rates anymore, they’re the pricing flips: November 2025 was when enterprise plans moved off seat-based pricing to API metering, and April’s frontier models shipped at 1.4 to 2x the predecessor’s price with no enterprise discount.

In today’s indie hacker news:

  • 🤖 Simon Willison says the labs hit PMF, your token bill is the proof
  • 🦆 DDG’s AI-free search spiked the week Sundar bragged
  • 🏷️ YouTube auto-labels AI videos, and the label isn’t the threat
  • 🎵 Last.fm escapes Paramount, and the founders aren’t who you think
  • 🔓 One Host header bypasses auth in every FastAPI MCP server

TOP STORIES

THE PMF RECEIPT

🤖 Simon Willison says Anthropic and OpenAI hit product-market fit, and your token bill is the proof


The story: Willison’s numbers are blunt. Anthropic hit a $30B revenue run-rate in April, up from $375M mid-2024, and is telling investors to expect its first profitable quarter at $10.9B this Q2. SpaceX alone is signed to pay $1.25B a month through May 2029. The shift he flags is coding agents plus enterprise API contracts, which together are the higher-margin mix replacing the consumer chat treadmill. The HN thread hit 699 points overnight, with the loudest counter being that the consumer tier is a loss leader the labs can’t sustain.

The details:

  • Claude Code alone is the engine. $2.5B annualized run-rate by February, doubled since the start of the year.
  • 25% of Uber’s commits now flow through Claude Code, per Willison’s reporting on the call-out.
  • Anthropic spends roughly a quarter of OpenAI’s training budget while matching its revenue, per Willison’s reading of the leaks.
  • OpenAI’s job postings are 32.6% enterprise-focused. Anthropic’s are 26.9%. Hiring already points at the destination.
  • The S-1 will be the moment of truth. Willison: “We’ll know for sure how real this moment is when the S-1 documents give us some real, audited numbers.”

Why builders care: Two consequences for indie founders. Cursor and Copilot, the wrappers indies built on, are being disintermediated as Anthropic earns directly from what they used to resell. And the cheap consumer tier almost certainly gets capped or repriced before any S-1 filing lands, so a feature roadmap dependent on $20/mo Claude Pro tokens is built on a promo that needs to die for the IPO numbers to print.



PICHAI POKED THE BEAR

🦆 DuckDuckGo’s AI-free search jumped 28% the week Sundar said users love AI Mode


The story: Sundar Pichai stood on the Google I/O stage on May 19 and said “people love” AI Mode, citing 1B monthly active users in a single year. Five days later, DuckDuckGo’s own numbers on the noai.duckduckgo.com subdomain (their AI-free search property) peaked at 27.7% week-over-week growth on May 24. iOS installs peaked at 69.9% on May 25. Marginalia, the tiny indie engine that filters SEO spam, reported ten times the queries in the same period.

The details:

  • The headline number is on the noai subdomain only, not DDG’s main site. DDG self-reported it. No Similarweb verification.
  • Growth held through Memorial Day weekend, which is usually a traffic dip.
  • Gabriel Weinberg, DDG’s CEO, named the pattern: “Google is force-feeding AI with no way to opt out.”
  • HN scale realists called the surge ~0.3% of global search, “rounding error for Google” per top commenter juancn.
  • The Marginalia signal is arguably the bigger one. The migration is multi-engine, not just DDG.

Why builders care: Read this as a backlash signal that’s holding through a holiday weekend. DDG is still ~2% US share against Google’s 85%, but the iOS install peak and the Marginalia bump confirm the anti-AI-search audience is real and switching. If your funnel is 100% organic Google, structured-data coverage on Brave Search, Kagi, and DDG is cheap insurance now, before competition increases.


THE LABEL IS A DECOY

🏷️ YouTube will auto-label AI videos starting May, but the demonetization risk is a different policy


The story: YouTube’s official post says internal detection will auto-apply AI disclosure labels when creators haven’t disclosed “significant photorealistic AI use.” On long-form, the label moves out of the description and lives directly below the player. On Shorts, it overlays the bottom-left of the frame. Rene Ritchie, YouTube’s Creator Liaison, told Variety explicitly that the label alone does not affect recommendations or earnings.

The details:

  • Content made with YouTube’s own AI tools (Veo, Dream Screen) gets a permanent, irremovable label. 1M+ channels used those tools in December alone.
  • Detection signals are C2PA metadata and internal systems. SynthID is referenced in press coverage but not in YouTube’s own post.
  • Creators can contest auto-applied labels via YouTube Studio.
  • The trigger is “significant photorealistic” content. TTS-only narration over stock footage is ambiguous because YouTube didn’t define the line.
  • The quieter kill switch is the July 2025 rename of “repetitious content” to “inauthentic content”. That one can demonetize channels lacking editorial voice.

Why builders care: Audit your disclosure settings now and assume any TTS-narrated channel ends up with a badge soon. The bigger lever is the July 2025 inauthentic-content rename, which demonetizes channels lacking editorial voice. Revenue protection lives in human curation on top of TTS: a person picking topics, writing with a point of view, and shaping the cut.


FOUNDERS LEFT IN 2009

🎵 Last.fm walked out of Paramount Skydance after 19 years, and the founders had nothing to do with it


The story: Last.fm announced its independence on May 27, ending nearly two decades inside CBS Interactive and then Paramount Skydance. CBS bought it for $280M in 2007. The three original founders, Felix Miller, Martin Stiksel, and Richard Jones, all left in summer 2009. The team taking the product independent is the current management group. The “founders bought it back” framing in early press reads is wrong, and the buyer and price are both undisclosed.

The details:

  • The trigger: the Paramount-Skydance merger closed August 2025, and the integration team is cleaning books.
  • Scrobbles, Pro subs, API access, and listening history all remain unchanged.
  • Last.fm killed paid radio streaming in April 2014 and has been a scrobble plus recommendations service since.
  • Historic estimates put it at roughly 1B scrobbles a month. No 2026 MAU disclosed.
  • Compare arcs: Flickr was rescued by SmugMug in 2018 and is still indie. Bandcamp went to Songtradr in 2023 with mass layoffs. Vimeo went private in February for $1.38B.

Why builders care: Niche products with entrenched user behavior can outlast the megacorps that ignored them. The window opens when the owner is integrating, distracted, and cleaning balance sheets. If you’re building a small product with sticky behavior and low CAC, plan to outlast the buyer. The exit comes when they’re forced to let go.


ONE HEADER TO BYPASS THEM ALL

🔓 Starlette’s BadHost (CVE-2026-48710) opens auth-bypass in every FastAPI MCP server


The story: A critical bug in Starlette, the ASGI framework underneath FastAPI at 325M weekly downloads, lets an attacker bypass path-based authentication with a crafted Host header. A request to /protected whose Host is something like example.com/health?x= makes Starlette reconstruct request.url.path from the Host, so the auth middleware sees /health instead of the real path. Discovered by X41 D-Sec during an OSTIF-sponsored audit, patched in Starlette 1.0.1 on May 21, disclosed May 22. Ars Technica ran the full write-up.

The details:

  • Confirmed affected downstream: vLLM, LiteLLM, Text Generation Inference, Ray Serve, BentoML, Google ADK-Python, FastMCP, Gradio MCP integrations.
  • Run pip show starlette in every serving virtualenv. If below 1.0.1, you’re vulnerable. Patch with pip install --upgrade starlette.
  • Belt and braces: validate Host headers at your nginx, Caddy, or Traefik perimeter so unpatched apps stay protected.
  • If you wrote custom FastAPI middleware, switch from request.url.path to scope['path']. The ASGI scope path comes from the request line, not the Host.
  • Not affected: stdio-mode MCP servers (the Claude Code local default, no HTTP listener) and llama.cpp (uses cpp-httplib).

Why builders care: This is a wide-blast supply-chain bug in what most Python AI agents actually run on, and no in-the-wild exploitation has been reported yet. The one-day window between patch and disclosure (versus the standard 30-day coordinated process) suggests the researchers were worried about active threat-actor interest. If you ship any FastAPI service to the public internet, audit and patch before sleeping.
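An added example, not code from Starlette, FastAPI or the newsletter: a dependency-free ASGI middleware that applies the two mitigations listed above, a strict Host allowlist at the app edge and an auth decision taken from scope['path'] rather than request.url.path. The hostname, bearer token and protected prefix are constructed placeholders, and simulate() drives it with a hand-built ASGI scope so it runs offline.

```python
import asyncio

# Constructed placeholders: substitute your real hostnames and auth check.
ALLOWED_HOSTS, PROTECTED_PREFIXES = {"api.example.test"}, ("/protected",)

def host_is_valid(host: str) -> bool:
    # A real Host is "name" or "name:port"; reject anything that could be
    # reparsed as a path or query (the "/health?x=" shape), then allowlist it.
    if not host or any(c in host for c in "/?#@\\"):
        return False
    return host.split(":", 1)[0].lower() in ALLOWED_HOSTS

def request_path(scope: dict) -> str:
    # Path from the ASGI scope, i.e. the request line, never derived from Host.
    return scope.get("root_path", "") + scope["path"]

async def send_plain(send, status: int, body: bytes) -> None:
    hdrs = [(b"content-type", b"text/plain")]
    await send({"type": "http.response.start", "status": status, "headers": hdrs})
    await send({"type": "http.response.body", "body": body})

class PathAuthMiddleware:
    # ASGI middleware: bad Host -> 400, protected path without auth -> 401.
    def __init__(self, app, is_authorized):
        self.app, self.is_authorized = app, is_authorized
    async def __call__(self, scope, receive, send):
        if scope["type"] != "http":
            return await self.app(scope, receive, send)
        headers = {k.decode("latin-1").lower(): v.decode("latin-1") for k, v in scope["headers"]}
        if not host_is_valid(headers.get("host", "")):
            return await send_plain(send, 400, b"bad host")
        if request_path(scope).startswith(PROTECTED_PREFIXES) and not self.is_authorized(headers):
            return await send_plain(send, 401, b"unauthorized")
        await self.app(scope, receive, send)

async def demo_app(scope, receive, send):
    await send_plain(send, 200, b"ok")

def simulate(path: str, host: str, token: str = "") -> int:
    # Drive the middleware with a constructed ASGI scope; return the status code.
    scope = {"type": "http", "method": "GET", "root_path": "", "path": path,
             "headers": [(b"host", host.encode()), (b"authorization", token.encode())]}
    statuses = []
    async def send(msg):
        if msg["type"] == "http.response.start":
            statuses.append(msg["status"])
    async def receive(): return {"type": "http.request", "body": b"", "more_body": False}
    app = PathAuthMiddleware(demo_app, lambda h: h.get("authorization") == "Bearer demo-token")
    asyncio.run(app(scope, receive, send))
    return statuses[0]
```

Perimeter validation at nginx, Caddy or Traefik still belongs in front of this; the middleware is the in-app layer that keeps working even if the proxy is misconfigured.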


💼 Cognition raises $1B at $25B pre-money - Lux Capital, General Catalyst, and 8VC led at $26B post, a 2.5x markup on Cognition’s $10.2B from September. The pitch: $492M annualized run-rate and enterprise growing 50% month-over-month for six straight months. AI coding is officially a multi-winner market in capital terms, not a winner-take-all race.

🔧 Claude Code became its own category in a single day - Three independent builders shipped Claude Code meta-tooling in 24 hours: a token-cost audit reverse-engineering how much the flagship plan really costs (re-reading context is 64% of the bill), an ADHD-style parallel branching wrapper that runs isolated agent branches under different cognitive frames, and claude-handoff-revive, which compresses session state from 100k+ tokens down to a few thousand for clean post-rate-limit resume.

🔁 Self-improving agent harnesses become a real thing - OpenAI published a Codex customer story with Thrive Holdings hitting roughly 97% accuracy across 30+ accounting firms, while Henry Pan’s 1,000-experiment write-up argues the harness itself becomes the bottleneck. His punchline: deterministic external supervisors plus a persistent learning.md file beat prompt-based self-discipline.


DRAMA

YES-MAN AS A SERVICE

🧠 Tech CEOs are apparently suffering from AI psychosis

Aaron Levie (Box) and Zeb Evans (ClickUp) are the named cases in the TechCrunch piece. Levie’s framing: CEOs are “sufficiently distant from the last mile of work” to see only the demo, never the implementation reality, then mandate automation that engineering knows won’t ship. The article hit 612 points and 305 comments. Top comment from gopalv pushed back that the real issue is the AI itself: humans have built-in consequence prediction and a reputation to protect, AI doesn’t. The colder version from glaslong: “It’ll delete your prod db faster and with a bigger smile.”

Why builders care: The diagnosis flips for solo founders. The model you’re asking for a code review is the same one that just wrote the code, and it’s wired to agree. Set up a second opinion you can’t override before shipping, whether that’s a stranger on Discord or a sub-agent prompted to find the worst failure mode.


FIRST DOLLAR

FIFTY DMS, THREE WEEKS, $1K

💵 PreyReach turned 50 cold DMs into its first $1K of revenue in three weeks

u/bob__io built PreyReach, an agent that finds local businesses without a website using real-time Google Places, and pitched it to web designers and SEO freelancers as a prospecting tool. The channel: cold DMs on r/sales, r/LeadGeneration, and r/Entrepreneur to people already asking about lead-gen, converting to 15 signups. A detailed r/SaaS comment with 40 upvotes drove steady traffic, and a Facebook agency-owners group received free credits that turned 3 of 20 into paid. Self-reported, no screenshots, light social proof. Treat as case study, not validated metric.


STACK OF THE DAY

📚 skills-for-humanity

171 MIT-licensed Claude Code skills across 27 categories, each one a runnable procedure (not a concept) packaging methods from Aristotle, Sun Tzu, de Bono, and Nash. Example slugs: logic-premortem-analysis, game-theory-prisoners-dilemma, creativity-six-hats, writing-prose-elevation. Install with npx @human-avatar/skills-for-humanity. Useful if you want Claude to pick the right method for a task instead of inventing one each time. Free.

Not sponsored. We just feature tools builders would actually use.


BOOKMARKED TODAY

🧪 AI-generated CUDA kernels silently break training - An engineer at doubleai.com dropped top-ranked submissions from NVIDIA’s SOL-ExecBench (235 production kernels from DeepSeek, Qwen, Gemma, Kimi) into a real training loop. Many broke silently. A fused embedding-gradient plus RMSNorm backward kernel accumulated in bf16 instead of fp32, letting high-frequency token rows round to zero and the loss diverge.

🧮 It was Uber’s COO, not its CTO - Andrew Macdonald, the COO Fortune actually quoted, said Uber still can’t draw a clean line between AI token spend and consumer-product improvements. Reddit ran the quote under the CTO’s name and it stuck. Worth the correction because the framing changes: it’s an operations leader admitting flat-rate budgeting died, not an engineering lead.

🤝 Monthly calls with my direct competitor - u/lamacorn_ pairs with a direct competitor on weekly calls (post title says monthly, body says weekly) to share what’s working, what’s not, and where they’re stuck. The bet: whoever has lower MRR at month-end publicly promotes the other’s product. Top comment with 33 upvotes calls it “lowercase slop” / AI-generated. Genuine vibe, wary community.