AI agent costs are moving from novelty spend to operating expense

What changed: AFP reports that companies are starting to rethink AI spending as agentic tasks drive up token use; unlike simple chat, agents can book appointments, write code, manage files, and sometimes spin up many sub-tasks that each add cost. The report also points to “tokenmaxxing,” where teams treat high token use as proof of adoption, even when the bill can grow faster than the productivity gain.

Why it matters: If you sell, buy, or deploy agents, the budget question is no longer “Which model is smartest?” It is “Which steps actually need an expensive model, and which can run on a cheaper or smaller one?” Founders and operators should price agent workflows like cloud infrastructure: measure each run, cap waste, and route routine steps to lower-cost models when quality is good enough.

Try/watch: Pick one expensive agent workflow this week and break it into steps: planning, retrieval, writing, tool use, review. Track cost per step, then test whether a smaller model can handle the low-risk parts without hurting outcomes.

A reported LLM-agent intrusion shows why agent security is now a real production risk

What changed: TechTimes reports on a Sysdig-documented intrusion in which an attacker used a large language model agent to drive post-exploitation decisions after gaining access through an exposed Python notebook; the agent reportedly completed four pivots in a little over an hour and dumped an internal PostgreSQL database. The report says the agent reused credentials from files it had just read, opened parallel SSH sessions, and formatted commands in a machine-oriented way.

Why it matters: This is a practical warning for anyone deploying agents that can read files, call tools, or move across systems. The same abilities that make a support, coding, or operations agent useful—remembering context, choosing next steps, and using credentials—also make compromised environments more dangerous.

Try/watch: Treat agent-accessible credentials as high-risk. Rotate secrets that appear in environment files, remove broad permissions from notebooks and dev boxes, and log agent-like behavior such as rapid tool chaining, repeated credential lookups, and unusual parallel sessions.

Microsoft and Nvidia may push more agent work onto local Windows PCs

What changed: Axios reports that Nvidia and Microsoft are expected to debut the first Windows PCs using Nvidia chips as the main processor, with Microsoft also expected to show software aimed at letting AI agents perform tasks locally on Windows computers. Reuters, citing the Axios report, says Microsoft and Nvidia are expected to unveil the new PCs around Computex and Microsoft Build.

Why it matters: Local agent execution could change the cost, privacy, and latency tradeoffs for small teams. If agents can test apps, inspect files, or automate desktop tasks on-device, builders may be able to reduce some cloud costs and keep sensitive work closer to the user—but buyers will need clearer controls over what agents can see and do on a laptop.

Try/watch: Do not rush to redesign workflows around rumored hardware. Watch for three concrete details: what tasks can run fully offline or locally, how permissions are granted and revoked, and whether businesses get audit logs for actions an agent takes on a user’s machine.