AGP Executive Report

AI & Software Engineering: Nvidia unveiled RTX Spark, an AI-focused chip meant to bring on-device agents to PCs, while Microsoft ended Claude Code licenses and is pushing an in-house coding model for GitHub Copilot. AI Platforms Launch: SkipLabs launched Skipper, a closed-loop coding agent that turns prompts into running services, and PIPPA debuted iOS/Android tools for AI story-to-animation creation. Cybersecurity: Dutch police dismantled a 17-million-device botnet; Microsoft Office for the Web and Teams saw a file access outage; and IBM WebSphere Server faces a remote code execution flaw. Policy & Regulation: Oman passed a cybercrime law with tougher penalties, and Brazil’s digital regulator invited comment on age-verification guidance. IT in Public Sector: Latah County, Idaho, is building IT skills, not headcount, and India’s RBI launched surveys covering software/ITeS exports. Education & Workforce: Charles County CTE seniors earned Cisco CCNA/CCST credentials, and CBSE admitted security gaps in its OnMark portal after a teen hacker report.

AI & Cybersecurity Policy: Australia’s Home Affairs issued PSPF Advisory 001-2026 urging agencies to lock down cyber basics before engaging frontier AI, warning of a “vulnerability storm” from weak hygiene. AI Safety & Identity: Meta rolled out AI tools to flag likely underage accounts and automatically shift teens into safer experiences, even when birthdays are misreported. Big Tech Hardware Push: Nvidia unveiled RTX Spark, an Arm-based Windows PC “superchip” aimed at local AI agents, with laptops and mini PCs arriving this fall. Age & Teen Online Safety: Meta’s age-verification updates focus on stricter privacy, reduced unwanted contact, and limited mature content exposure. Security in Practice: Serbia expands facial recognition capabilities amid legality concerns, with systems ingesting feeds from cameras and enabling real-time and retrospective identification. Local Tech Governance: Islamabad re-imposed revised business hours from June 1, while exempting IT companies and call centers. Education Tech & Exams: Telangana TET 2026 is set for CBT June 16–22 with two daily sessions. Digital Exam Controversy: A fresh Supreme Court plea seeks NEET-UG re-test in CBT mode instead of pen-and-paper. Market Signals: CLSA says AI hasn’t yet hurt SaaS earnings, with companies maintaining revenue and margin guidance. Funding & Startups: Impensus Electronics raised Rs 1.6 crore to cut post-harvest losses using controlled-environment agritech.

AI Security & Fraud: Researchers say hackers are using conversational manipulation to jailbreak AI chatbots, shifting attacks from classic hacking to social tricks that coax harmful outputs. Education Tech Oversight: India’s parliamentary panel will meet June 1–2 on exam reforms, including NEET, NTA, CBT vs pen-and-paper, and CBSE’s On-Screen Marking (OSM) system after ongoing controversy. Cloud & Data Residency: Kenya’s health sector is rolling out cloud infrastructure via AWS Outposts so patient records stay local while improving access speed for thousands of facilities. Cybercrime & Scams: Michigan State Police arrested a teen for child sexual material possession and using a computer to commit a crime, while a separate report highlights Carnival’s breach tied to social engineering of an employee account. App Privacy Watch: Taiwan flagged four Chinese-made apps for covert data harvesting and transmission risks. Managed IT Demand: Denver and Worcester MSPs are pushing the message that real-time visibility is key to stopping cloud malware and reducing downtime. Enterprise/Platform Moves: OpenAI’s Codex for Windows with computer use continues, and Google’s AI threat defense is positioned as a response to real-world AI-era attacks. Insider Trading Case: U.S. prosecutors charged a Google employee over $1.2M in Polymarket trades allegedly based on confidential internal search data.

Cybersecurity Policy & Enforcement: Nepal’s budget pushes IT with tax breaks for IT exports and “sweat equity” deductions, plus an AI-enabled e-assessment system and paperless, automated tax administration. Data Breach Fallout: Cadence Bank’s MOVEit-linked breach settlement could trigger automatic $10,000 payments for eligible Americans. Active Vulnerability Watch: Palo Alto PAN-OS authentication bypass is being actively exploited, raising urgency for patching and monitoring. AI Security Threats: Researchers warn of prompt-injection and model theft risks, while new work shows LLM-agent intrusions can happen “in the wild.” Privacy & Tracking: Reports claim websites can spy on activity via SSD timing tricks (FROST), and another story flags an age-verification service used by PlayStation and Meta as a privacy mess. IT Sector Moves: Qatar’s Digital Agenda 2030 targets QR40bn for a non-hydrocarbon digital economy, backed by major cloud and AI partners. Workplace Impact: A study highlights how menstrual symptoms can heavily reduce productivity, pushing employers to treat health support as an operational issue.

AI Website Builder Launch: Yandex B2B Tech is rolling out VibeCraft, an AI service that turns text descriptions into websites and web apps (including CRM/tracking tools and online games), aiming to cut development costs and time dramatically. Cybersecurity Alert: The FBI warned about the “Silent Ransom Group” (also known as Luna Moth/Chatty Spider/UNC3753), which impersonates IT support via phone and phishing to target healthcare and other sectors. Crypto Network Glitch: Sui’s mainnet stalled twice in 48 hours after a v1.72 upgrade introduced a gas accounting issue tied to Address Balances, disrupting transaction finality. Quantum Progress: Stanford researchers reported a room-temperature quantum device using twisted light to link photons and electrons without extreme cooling. Enterprise/Cloud Security & Ops: ServiceNow surged on AI enterprise updates, while CISA urged teams to check for software development compromises. Data Center Push in Kentucky: Utilities flagged a pipeline of hyperscale data centers that could demand up to ~12 GW, raising local power and planning concerns. Automotive Software Recall: Stellantis recalled 419,000 U.S. vehicles for a side airbag software issue, with dealers updating the occupant restraint controller module. UK Border AI Age Checks: The UK Home Office plans to use AI facial scanning to estimate asylum seekers’ age, with a contract awarded to Akhter Computers.

Cybersecurity & Compliance: Right Hand Technology Group says it passed an independent SOC 2 Type II audit covering managed IT and cybersecurity controls (Oct 2025–Mar 2026). Privacy & Surveillance: Reuters reports Meta’s AI “computer use” tool may collect mouse-click and navigation data from 200+ apps, with internal docs suggesting it could also pull non-U.S. data—raising fresh EU privacy concerns. Quantum Security: ONEKEY offers a platform to map cryptography in device firmware to prepare for post-quantum migration (“harvest now, decrypt later”). Security Research: Plume warns SuperBox streaming devices can contain dormant software that turns home broadband into proxy nodes, potentially enabling data theft and attack traffic. Data Breach: Carnival confirms 5.99M people were impacted after social engineering let attackers access part of its IT system. AI & Dev Culture: Zig bans AI-assisted code submissions, calling LLM contributions “invariably garbage.” Workplace Tech Law: A suit claims T-Mobile required call center workers to start multiple systems before shifts without pay. Public Safety Tech: PulsePoint Respond expands CPR/AED help via 911-integrated alerts.

AI Security & Governance: Arm open-sources Metis, an agentic AI security framework already running across 130+ Arm code projects to spot complex vulnerabilities earlier with fewer false alarms. Cybersecurity Funding: Trumbull County approves $214K over three years to strengthen local cybersecurity programs under Ohio’s HB 96 requirements. AI Model Safety: Anthropic says it’s making “Mythos-level” AI models safer for broader release, after earlier limits due to misuse risk. Enterprise IT & Platforms: Google merges Android and ChromeOS into one platform and launches AI-first “Googlebook” laptops with Gemini as the core experience. Software for Health: FDA grants Coredio’s CPSE Breakthrough Device Designation for noninvasive heart failure hemodynamic assessment using wearables and AI. Automotive Software-Defined Shift: ADAS is moving from sensor-heavy designs to integrated sensing + centralized computing + software platforms, reshaping who leads the stack. Robotics Regulation: China rolls out a national “digital ID” system for humanoid robots with a 29-digit traceability code for lifecycle governance. Cybercrime & Courts: Delhi High Court refuses to unblock Cockroach Janta Party’s X account, while separate reporting highlights phishing scams and the need for safer user habits. Business Tech News: WiseTech faces a security investigation after handwritten death threats tied to AI layoffs; Dish TV launches VZY to unify streaming and live TV across devices.

Enterprise Software: Aquilon Software is pitching an affordable, integrated ERP for small and mid-sized manufacturers and distributors, aiming to replace disconnected accounting and spreadsheets with one system for finance, inventory, purchasing, sales, and reporting. Cloud & AI Models: AWS is reportedly in talks to add SpaceX’s Grok models to Bedrock, pushing Bedrock as a central hub for frontier models and expanding Grok’s enterprise reach. Cybersecurity Supply Chain: Researchers warn of a Linux malware campaign that hides a payload as “/tmp/.sshd” during package installs, abusing legitimate install hooks in PHP and Node.js workflows and GitHub automation. Fraud Marketplaces: Telegram channels are being used to sell “verified” bank and fintech accounts for money laundering, fueling a Mule-as-a-Service economy that lowers barriers for criminals. AI Security Controls: Anthropic is preparing a broader Claude Mythos rollout after Project Glasswing, while expanding defensive security offerings around Claude Code and Claude Security. Meta Subscriptions: Meta is rolling out Instagram Plus, Facebook Plus, and WhatsApp Plus globally under “Meta One,” adding paid features like profile customization and story insights. Public Sector Tech: Marymount University joins a U.S. defense-linked cybersecurity and spectrum workforce pipeline, aiming to feed students into mission-focused roles.

AI Security Arms Race: Google Cloud rolls out “AI Threat Defence” to spot vulnerabilities in real time and help teams respond faster, directly challenging Anthropic’s Mythos and OpenAI’s Daybreak. Cybercrime Tactics: The FBI warns law firms are being hit by the Silent Ransom Group via fake IT support calls and even in-person visits to push remote access and plant devices. Insider-Fraud Case: U.S. DOJ charges a Google engineer over $1.2M in Polymarket insider bets tied to confidential search data. Enterprise AI & Jobs: Big tech layoffs are accelerating as AI adoption grows, while cybersecurity hiring surges; a CISO warns AI-built agents inherit over-permissioned identities. Government IT Modernization: UK research says a quarter of central government systems run on outdated legacy tech, with major risk and cost gaps. Education Tech Push: Mongolia approves “One Student-One Computer, One Classroom-One Smart Board,” aiming to close learning gaps with AI-enabled platforms. Cloud/Partner Moves: KPI Partners earns AWS Advanced Tier status, signaling deeper cloud delivery and co-sell support. Local Tech in Action: Paragould council approves cloud cemetery software with an app and drone headstone mapping.

Education Cybersecurity: A 19-year-old researcher says India’s CBSE Onscreen Marking portal had a “master password” that could unlock examiner accounts and alter marks, while CBSE denies hacking claims and activists push for an independent security audit and contract review. Cybercrime Disruption: CrowdStrike, Google and Shadowserver helped take down the GlasswormRAT botnet by striking multiple command-and-control channels at once, targeting developers via poisoned code in repositories. AI Agents & Enterprise: Skan AI launched an “intelligence framework” to give enterprises visibility and governance over AI agents across workflows, and Supermicro teamed with Verda to deliver NVIDIA GPU-accelerated AI cloud infrastructure. Security & Crypto: Researchers claim Iranian hackers hit LA’s transit network, stealing about 700GB of data, and the report adds to concerns about state-linked cyberattacks. Connectivity Hardware: Broadcom expanded its Wi‑Fi 8 portfolio with new integrated SoCs aimed at high-performance routers and mesh systems. Compliance Software: EHS Insight rolled out a Legal Register module to centralize and track evolving environmental, health and safety obligations.

DoD Security Milestone: archTIS says its NC Protect platform cleared the US Department of Defense’s final Warfighter Command production testing—meeting all 60/60 test cases, with no technical barriers left—pushing the company toward potential near-term deployment in high-assurance military environments. Regulatory Pressure in India: The Enforcement Directorate carried out searches at former Kerala CM Pinarayi Vijayan’s residence in the CMRL-Exalogic case and recorded statements from his daughter, as the probe continues after a Kerala High Court greenlight. Cybersecurity in the Spotlight: Anthropic’s Claude Mythos continues to be used in government and corporate security testing, while India is reportedly running vulnerability tests on sensitive public-facing systems tied to Mythos. AI + Chips, State by State: China added AI training and inference chips to its “secure and reliable” assessment list, signaling a deeper push for domestic alternatives amid US curbs. Market Mood: US “Fear & Greed” improved but stayed in “Greed,” as Nasdaq and S&P 500 rose on AI optimism. Local Tech Ops: Samsung workers voted on an AI-linked bonus deal after averting a major strike.

Agentic AI at work: A new survey finds workers are losing confidence after software transitions, with 49% saying they feel less able to do their jobs—highlighting the “mind shift” companies still face as agentic AI moves from modeling to actually executing tasks. Privacy in court: A federal judge threw out a Meta location-tracking class action, saying the complaint didn’t plausibly show Meta knew it was receiving precise location data without consent. Security operations hit: Chelan County’s court system was forced to reschedule hearings after a malware attack, showing how quickly IT failures spill into public services. Cyber policy push: US state tech officials urged Congress to renew unfunded cybersecurity grants for local governments, warning AI-driven threats are raising the stakes. AI meets crypto: Coinbase’s Base launched Base MCP, letting AI agents interact with wallets and DeFi apps via plain-language prompts. Education & AI hype: Ireland’s SEC warned students against AI “Leaving Cert prediction” sites, calling claims unreliable.

AI Security & Governance: Anthropic is preparing a wider rollout of Claude Mythos as “Mythos 1,” after Project Glasswing helped surface 10,000+ serious software flaws—while tests also warn that open AI models can be quickly stripped of safety safeguards using downloadable tools. Cybercrime & Breaches: KnowledgeDeliver’s LMS flaw is being exploited in the wild to deploy the BLUEBEAM web shell, and The Oncology Institute says a third-party vendor incident may have exposed patient data. Enterprise IT Risk Controls: India’s CERT-In urges faster fixes for internet-facing and critical systems, and NTT Security Japan and Tokyo Metropolitan University are teaming up to study social-engineering infrastructure used in phishing and fraud. Auto Software Safety: Hyundai recalls 421,000+ vehicles in the US over a front-camera software defect that can trigger unexpected emergency braking. Business & Talent: WiseTech’s CEO received handwritten threats amid a 2,000-person redundancy push, and Istari Digital hires a long-time cloud security leader to build safer agentic AI infrastructure.

Public Sector IT Risk: The Philippines’ LTO told lawmakers its LTMS maintenance has fully lapsed—no patches, no monitoring, and no incident response—after Dermalog’s contract ends, with the final module expiring May 30, pushing the agency to lean on its own IT system to keep services running. Cybersecurity Readiness: Saudi Arabia’s NCA says 300+ national entities took part in a Hajj cyber drill with simulated attacks and response practice, aiming to harden systems and awareness for pilgrims. Data Misuse Case: India’s IIPS in Mumbai alleges Rs 14.48 lakh payroll fraud, accusing staff of manipulating attendance and overtime records under IT Act provisions. Digital Imitation Scam: Fake “Tomodachi Life” knock-offs are flooding Google Play with near-identical branding and 150,000+ downloads, raising age-rating and impersonation concerns. Enterprise Upskilling: Certiprof says its professional IT certification community topped 230,000 members across 100+ countries.

Quantum Breakthrough: imec says it has fabricated a working network of silicon quantum dot qubits using high-NA EUV, with ultra-tight gaps (a key step toward scaling “industry qubits”). AI Security Hiring Surge: recruiters report a spike in demand for cybersecurity talent as AI models like Anthropic’s Mythos and OpenAI’s GPT-5.4-Cyber raise fears of faster vulnerability discovery and exploitation. API Threats in APAC: Akamai’s study flags AI-linked API attacks as a major driver of incidents, with Singapore among the most exposed markets and weak API visibility still a problem. Healthcare Maintenance Gets an AI Boost: TRIMEDX adds a “technician agent” to help biomedical staff troubleshoot equipment faster inside its CMMS. Local Tech for Public Budgets: FallRiverBudget.com lets residents simulate cuts and deficits using publicly available city budget data. Policy & Governance: MeitY and ISB convene a Governance Summit 2026 on “Inclusive AI,” focusing on safer online services and better public delivery.

Digital Parenting Launch (Qatar): Qatar’s MCIT rolled out the first “Digital Parenting” series at the Doha International Book Fair, giving families practical guidance on safe device use, responsible content habits, and open conversations about online risks. Cyber Resilience (South Africa): A DDoS wave disrupted connectivity across multiple South African hosting providers, exposing a gap between national cyber capability and real-world coordination. AI & Consumer Tech Glitches (Google/Apple): Google confirmed a Pixel Watch “Find My Phone” failure after a recent update, while Apple registered a new genAI.apple.com subdomain ahead of WWDC on June 8. Identity & Access (Pakistan): NADRA simplified first-time CNIC issuance by making signatures optional and removing thumbprint substitution. Industry Policy (India): Karnataka plans to cap computer science engineering intake at 900 seats per institution, aiming to rebalance admissions toward non-CS branches. Auto Safety Recall (Waymo): Waymo issued a recall after software trouble distinguishing floodwater from asphalt, following incidents in heavy rain.