New tools, products, platforms, funding rounds, and company developments in AI security.
Anthropic's Mythos 5 AI model has been allowed to resume operations for a limited group of organizations after a two-week negotiation with the Trump administration, according to a government letter. However, Fable 5, the public version of the Mythos-class model, remains unavailable with no clear timeline for when it might be released to the public.
The U.S. government allowed Anthropic to release its Mythos 5 AI model to about 100 companies and federal agencies after a two-week standoff, during which Anthropic had disabled access to its latest models due to export control restrictions (government rules limiting what technology can be shared internationally). The Commerce Department said the decision was made to keep America competitive in AI while protecting national security.
Zhipu's GLM 5.2, a Chinese open source AI model (a model that can be freely downloaded and modified), has achieved performance comparable to top U.S. models like Anthropic's Opus 4.8 while costing significantly less, making it attractive to companies concerned about AI spending. Unlike proprietary models from OpenAI and Anthropic that face government restrictions, GLM 5.2 can be run on companies' own servers without risk of being revoked, positioning open source AI as a more reliable and cost-effective alternative for enterprise use.
Attackers are creating fake OpenAI organizations impersonating real companies and sending legitimate-looking invitations to employees to trick them into sharing sensitive information like source code and internal documents in chats. The fraudulent invitations come from OpenAI's real email servers and include payment methods attached, making them difficult to spot even though OpenAI includes a warning that the inviter's email domain doesn't match the recipient's company.
OpenAI has confidentially filed documents with the SEC (Securities and Exchange Commission, the government agency that oversees stock market listings) but has not yet held investor meetings or announced an official timeline for going public, though reports suggest a potential 2027 IPO. The company is intentionally downplaying expectations about when it will list on the stock market, with CEO Sam Altman stating that going public is a 'financing event' rather than a near-term priority.
OpenAI announced a limited preview of three new GPT-5.6 models: Sol (high-performance), Terra (balanced), and Luna (fast and affordable), with pricing ranging from $1 to $30 per million tokens depending on the model and on whether the tokens are input or output. The company is starting with a limited preview for trusted partners approved by the U.S. government before making the models more broadly available, and the new models include improved prompt caching (a feature that stores frequently used inputs to speed up responses) with explicit cache breakpoints and a longer minimum cache duration.
OpenAI released GPT-5.6, a new model suite with three versions: Sol (flagship), Terra (medium-tier for high-volume work), and Luna (fast and affordable). The models are designed to excel at coding, cybersecurity, biology, and agentic AI tasks (where AI systems can plan and execute multi-step goals with minimal human direction), and Sol is priced competitively against competitors like Anthropic's Claude.
Malware authors are creating code that tricks AI-based security tools (LLM-assisted products, which use large language models to analyze threats) into stopping their analysis or refusing to work, according to security researchers at SentinelLabs. One example is macOS.Gaslight, believed to be linked to North Korean hackers, and this is part of a growing trend where malware is specifically designed to evade AI-powered defenses.
Companies are shifting away from "tokenmaxxing" (using as much AI as possible without worrying about costs) toward efficiency and cost control, with some businesses switching to cheaper AI alternatives like DeepSeek to reduce spending. OpenAI and Anthropic, which have benefited enormously from the previous spend-at-all-costs mentality, may face slower growth as enterprises demand clearer returns on their AI investments and limit their token (units of data processed by AI models) spending.
Anthropic removed its Mythos-class models (its most advanced AI systems) from service after receiving an order from the Trump administration on a Friday evening. Two weeks later, the company has provided no updates on negotiations or timeline for when these models might return online, leaving the situation unresolved.
OpenAI is slowing down the release of its new GPT 5.6 model at the request of the US government, offering it first to only a small group of partners instead of a wide public launch. This approach is similar to how Anthropic released its Mythos product, suggesting that AI companies may be coordinating with government oversight when deploying powerful new models.
Amazon Q Developer had a high-severity flaw (CVE-2026-12957, CVSS 8.5) where a malicious repository could run commands and steal a developer's cloud credentials through a configuration file. The bug occurred because Amazon Q automatically launched MCP servers (processes that connect AI assistants to databases and tools) from an untrusted config file without asking the developer for permission first, giving those processes full access to the developer's AWS keys and other sensitive credentials.
Amazon Q, an AI coding assistant for VS Code, had a high-severity vulnerability (CVE-2026-12957) that let attackers execute arbitrary code and steal cloud credentials just by having a developer open a malicious repository. The problem was that Amazon Q automatically loaded and ran MCP server configurations (local processes that extend an AI assistant's capabilities) from workspace files without asking the user for permission or checking if the folder was trusted. Since these processes inherited the developer's full environment, attackers could access sensitive credentials like AWS keys and API tokens.
A researcher ran a public challenge where 2,000 people attempted to hack an AI assistant by sending emails containing prompt injection attacks (tricks to make an AI ignore its safety rules and reveal secrets). After 6,000 total attempts, nobody successfully leaked the system's secrets, suggesting that modern AI models are becoming more resistant to these attacks through better training.
Fix: Push Security recommends training employees to verify unexpected organization invitations and monitoring SaaS (software-as-a-service, cloud-based applications) organization memberships to reduce the risk of these types of attacks.
BleepingComputer
Cisco is acquiring companies called Astrix and WideField to add NHI (network hygiene intelligence, which monitors and maintains network health) to its security products. The company believes that securing AI agents (autonomous software programs that perform tasks with minimal human input) requires making identity, which verifies who or what is accessing a system, the main control system.
OpenAI released three new AI models (GPT-5.6 Sol, Terra, and Luna) but is initially limiting access to a small group of trusted partners at the U.S. government's request, following President Trump's recent AI executive order asking developers to let the government assess model capabilities before full release. The company says it plans to make the models generally available in the coming weeks and is working with the Trump administration to develop a repeatable assessment process for future model releases.
Fix: OpenAI said it is 'working with the Trump administration to help establish a framework for such assessments and to develop a "repeatable process for future model releases."' The company also stated it is 'taking this short-term step because we believe it is the strongest path to broader availability in the coming weeks,' indicating that the initial limited rollout to trusted partners is intended as a temporary measure before wider release.
CNBC Technology
This cybersecurity news roundup covers several major incidents and policy developments, including Russian authorities using legacy Cellebrite software (a tool that extracts data from phones) to breach an activist's iPhone, a major data breach at Tata Electronics exposing 630 GB of Apple and Tesla secrets, and a Five Eyes warning that advanced AI is accelerating vulnerability research and exploit development (automated creation of attack tools), compressing attack timelines from years to months. Additional stories include guilty pleas from Scattered Spider hackers who compromised London's transport system, an upcoming Android developer verification framework launching in 2026, and U.S. government restrictions on OpenAI's GPT-5.6 model deployment.
Fix: The Five Eyes advisory explicitly recommends that executives and security leaders 'transition to zero-trust architectures, accelerate patching protocols, and immediately decommission legacy infrastructure to withstand machine-speed intrusions.' Additionally, the Android developer verification framework launching September 30, 2026, will feature 'new automated registration APIs alongside an advanced sideloading flow equipped with mandatory checkpoints to counter coercion scams.'
SecurityWeek
Fix: Update Language Servers for AWS to version 1.69.0 or later. The patched plugin minimum versions are: VS Code 2.20 or later, JetBrains 4.3 or later, Eclipse 2.7.4 or later, and Visual Studio toolkit 1.94.0.0 or later. The language server auto-updates unless the network blocks it, and reloading the IDE pulls the latest build. The fix makes Amazon Q flag untrusted MCP servers and require the developer to approve them before they run.
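The Amazon Q items above describe the risky pattern (MCP servers auto-launched from a workspace config, inheriting the developer's environment) and the fix (flag untrusted servers and require approval first). As an added illustration, not Amazon Q's own code, here is a launch gate that applies both controls; the `mcpServers` config layout, the sample config and the approval store are assumptions.

```python
# Added example: gate MCP server launches on workspace trust and explicit
# developer approval, and scrub credentials from the child environment.
# Illustrative only; the config layout and approval store are assumptions.
import json
import os
from dataclasses import dataclass, field

# Credential-bearing variables that must never leak into a tool process
# spawned from a repository-supplied config (constructed list).
SENSITIVE_ENV_PREFIXES = ("AWS_", "OPENAI_", "GITHUB_TOKEN", "NPM_TOKEN")

# Constructed workspace config: one plausible server, one arbitrary command
# that a cloned repository could ship to get code execution on open.
SAMPLE_CONFIG = json.dumps({"mcpServers": {
    "docs": {"command": "npx", "args": ["-y", "docs-server"]},
    "repo-tool": {"command": "sh", "args": ["-c", "id"]},
}})


@dataclass
class LaunchDecision:
    name: str
    allowed: bool
    reason: str
    env: dict = field(default_factory=dict)


def scrub_env(env):
    """Return a copy of env without credential-bearing variables."""
    return {k: v for k, v in env.items()
            if not k.startswith(SENSITIVE_ENV_PREFIXES)}


def plan_mcp_launches(config_text, workspace_trusted, approved):
    """Decide, per server, whether it may start.

    approved is a set of (name, full command line) pairs the developer
    explicitly accepted; anything else is held back for a prompt.
    """
    cfg = json.loads(config_text)
    decisions = []
    for name, spec in cfg.get("mcpServers", {}).items():
        cmdline = " ".join([spec.get("command", "")] + list(spec.get("args", [])))
        if not workspace_trusted:
            decisions.append(LaunchDecision(name, False, "workspace not trusted; prompt developer"))
        elif (name, cmdline) not in approved:
            decisions.append(LaunchDecision(name, False, f"not approved: {cmdline}"))
        else:
            decisions.append(LaunchDecision(name, True, "approved", scrub_env(dict(os.environ))))
    return decisions
```

Wiring this in front of the spawn call means opening an untrusted folder yields only prompts, and an approved server still never sees the developer's AWS keys.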
The Hacker News
The Trump administration has asked OpenAI to limit its next model release (GPT 5.6) by vetting initial users before a wider launch, marking the first time a US firm has been told to restrict an AI model before release. OpenAI said each initial partner will be government-approved, and Anthropic is also facing restrictions from Washington.
Fix: Amazon has remediated this issue in language server version 1.65.0.
Wiz Research Blog
AI agents are autonomous programs that can reason, make decisions, and access multiple systems within enterprises, but the identity governance systems (IAM, or identity and access management, which controls who can access what) were designed for humans and fixed service accounts, not for dynamic autonomous actors. The core problem is that agents inherit all the permissions of the human or service identity they operate on behalf of and can access resources across many systems in a single session without traditional checkpoints, creating a governance gap that existing tools cannot see or control.
OpenAI is previewing GPT-5.6, a new series of AI models including Sol (most powerful), Terra (balanced and cheaper), and Luna (fastest and most affordable). The models include enhanced safety protections against misuse and harmful activities, with Sol featuring improved capabilities in coding, biology, and cybersecurity tasks.