Articles

Anthropic shipped Opus 4.8 and quietly disclosed a regression. Cisco proved published safety benchmarks misrank every frontier model. Check Point put a number on the gap between AI strategy and AI enforcement. The most useful week in AI security was the honest one.

In seven days, one threat actor ran three separate supply-chain waves across npm, GitHub, and Composer, and a fourth campaign started writing hidden instructions into .cursorrules and CLAUDE.md files so your own AI assistant exfiltrates your secrets. The trust boundary moved into the developer workspace, and provenance signing, MCP federal guidance, and the first papal AI encyclical all landed the same week as the response.

Mozilla shipped 423 Firefox security fixes in a single month. Mandiant confirmed 28.3% of CVEs are now exploited within 24 hours, with exploits routinely arriving before patches. Five Eyes published the first joint agentic AI risk framework. The AI infrastructure layer underneath your agents is now the most exposed software class on the internet, and one million scanned services prove it.

A Claude-powered Cursor agent deleted a startup's production database and every backup in nine seconds. The industry's response shipped within days, and the architectural pivot from guardrails to action checkpointing is now the new compliance baseline. Plus five Spring AI CVEs introducing a vector-store injection class, the Pentagon dissolving Anthropic's exclusive Mythos moat, and the Vatican beating NIST to a formal AI ethics framework.

A YC-backed compliance startup certified two AI vendors that promptly got breached. Anthropic's restricted Mythos model was accessed through stolen vendor credentials while CISA still cannot get a copy. NIST formally admitted that no finite guardrail set is universally robust. The trust chain around AI broke in three places this week, and the compliance frameworks scrambling to respond look very different from what we had a quarter ago.

Anthropic called a systemic MCP supply chain flaw "expected behavior" as OX Security disclosed 150M downloads and 200K vulnerable servers. In the same week, OWASP shipped the first AI vulnerability scoring system, NIST rationed CVE enrichment under a 263% surge, and the UK AISI published its first government-grade Mythos cyber benchmark. Here is what this week changes for AI compliance programs.

Treasury Secretary Bessent and Fed Chair Powell convened the CEOs of Goldman, Citi, Morgan Stanley, BofA, and Wells Fargo over Anthropic's unreleased Claude Mythos Preview. It is the first time a government treated an AI model's raw capability as a systemic financial risk. Here is what that shift means for compliance programs, plus the platform CVEs exploited in under 10 hours and GrafanaGhost turning enterprise AI assistants into exfiltration channels.

Last week, attackers stopped going after AI applications and started going after the tools that build them. CrewAI shipped four critical CVEs, Azure AI Foundry hit CVSS 10.0, Claude Code's deny rules got bypassed, and North Korea weaponized deepfakes for a nation-state npm attack. So let's discuss what compliance teams need to change now.

RSAC 2026 drew 44,000 attendees and a flood of AI security product launches, but the real story was what the data revealed: 500,000 machines backdoored through LiteLLM, AI-generated code producing 35 CVEs in a single month, AI agent traffic up 7,851%, and a federal judge calling the Pentagon's AI ban "Orwellian." The governance gap is accelerating.