COGNOSCERE Daily Tech Review — Issue T143 · Wednesday, June 10, 2026 (bonus run)

Or visit Intelligence Overview for deeper analysis.

ACTPalo Alto Networks PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

A critical authentication bypass vulnerability in Palo Alto Networks PAN-OS GlobalProtect portals and gateways (CVE-2026-0257) is being actively exploited in the wild, allowing unauthenticated attackers to forge cookies and establish unauthorized VPN connections. CISA added it to the Known Exploited Vulnerabilities catalog with a federal remediation deadline of June 1, 2026, and patches are available across all affected PAN-OS versions.

The Hacker News · Cybersecurity · Relevance: 0.9 · Source →

vulnerability, VPN, authentication-bypass, CISA-KEV, active-exploitation, enterprise-security, patching

ACTMicrosoft's Open Source Tools Were Hacked to Steal Passwords of AI Developers

Attackers injected credential-stealing malware into at least 70 Microsoft GitHub-hosted open source repositories—including projects tied to Azure, Claude Code, Gemini CLI, and VS Code—enabling theft of developer passwords and sensitive credentials when the compromised tools were opened. Microsoft confirmed it temporarily took the repositories offline and notified a small number of affected customers; security researchers flagged the incident as a likely re-compromise of the previously breached Durable Task project.

TechCrunch · Cybersecurity · Relevance: 0.9 · Source →

supply-chain-attack, malware, developer-tools, credentials, open-source, GitHub, AI-coding-tools

PREPAREPentagon Labels Alibaba, Baidu, and BYD as Chinese Military Companies

The Pentagon expanded its 1260H Chinese Military Company list to 188 entities, adding Alibaba, Baidu, BYD, and robotics firm Unitree, barring the Defense Department from directly contracting with them starting later this month and from procuring their goods or services through intermediaries by June 2027. All three major companies rejected the designations and vowed legal challenges; the move escalates US-China technology tensions across AI, EV, and cloud sectors.

CNBC · Geopolitics & Tech Policy · Relevance: 0.9 · Source →

US-China, tech-policy, export-controls, AI, EV, defense-contracting, geopolitics, supply-chain-risk

PREPAREGitHub Copilot Moves to Usage-Based Billing with AI Credits

GitHub Copilot transitioned all plans to usage-based billing on June 1, 2026, replacing Premium Request Units with GitHub AI Credits priced on token consumption across input, output, and cached tokens. Enterprises and IT admins now have direct cost visibility and budget controls per user and cost-center, but some developers reported rapid credit depletion from agentic workflows.

GitHub Blog · Enterprise Software & SaaS · Relevance: 0.8 · Source →

developer-tools, AI-coding, SaaS-pricing, enterprise-IT, agentic-AI, cost-management, token-billing

PREPAREPink hacking group targeting enterprise users to steal cloud storage passwords

A newly identified extortion group called Pink (CL-CRI-1147) is using vishing and social engineering to steal enterprise cloud storage credentials, then rapidly exfiltrating files from Microsoft OneDrive and SharePoint before demanding payment within 72 hours via internal Teams and email. The group leverages legitimate Microsoft automation tools to accelerate exfiltration after gaining access.

TLDR IT · Cybersecurity · Relevance: 0.8 · Source →

vishing, social-engineering, extortion, cloud-storage, Microsoft, credential-theft, enterprise-security

ACTClaude Fable 5 and Claude Mythos 5

Anthropic launched Claude Fable 5, the first publicly available Mythos-class model, featuring state-of-the-art performance in software engineering, knowledge work, vision, and scientific research, with safety classifiers that route high-risk queries (cybersecurity, biology, chemistry) to Claude Opus 4.8. Simultaneously, it released Claude Mythos 5 — the same underlying model with safeguards lifted — exclusively for vetted cyberdefenders via Project Glasswing and the US government, setting a new mandatory 30-day data-retention policy for all Mythos-class API traffic.

Anthropic · AI Model Releases · Relevance: 1.0 · Source →

model-release, frontier-AI, AI-safety, cybersecurity-AI, enterprise-AI, agentic-coding, Mythos

PREPAREOpenAI Confidentially Files S-1 with SEC, Eyes IPO as Early as September 2026

OpenAI submitted a confidential S-1 prospectus to the SEC on approximately June 8, 2026, with Goldman Sachs, Morgan Stanley, and JPMorgan as lead underwriters and a potential public listing window between September and November at a valuation analysts expect to exceed $1 trillion. The company has $20+ billion in annual recurring revenue but projects a $14 billion loss in 2026 and does not expect profitability until 2029.

Fortune · AI Industry Governance & Finance · Relevance: 0.9 · Source →

IPO, AI-finance, OpenAI, valuation, public-markets, ChatGPT, AI-governance

PREPAREOpenAI confidentially files for IPO with SEC

OpenAI submitted a confidential S-1 to the SEC on June 8, 2026, with Goldman Sachs and Morgan Stanley as underwriters and a potential listing window between September and November 2026 at a valuation of approximately $852 billion; the company stressed no final timing has been set. The filing follows Anthropic's confidential IPO submission the prior week at a $965 billion valuation and precedes SpaceX's planned Nasdaq debut on June 12.

OpenAI · Enterprise AI / Industry · Relevance: 0.9 · Source →

IPO, S-1, capital-markets, AI-valuation, generative-AI, OpenAI, Anthropic

WATCHOpenAI's 'Third Phase' Plan: Automate Research, Distribute AI Wealth, Build Personal AGI

OpenAI CEO Sam Altman and chief scientist Jakub Pachocki published a strategic manifesto outlining three goals for the company's 'third phase': automating AI research, broadly accelerating economic growth, and giving every person a personal AGI. The post also proposed a global AI coordination body empowered to pause frontier AI development—echoing a similar recent proposal from Anthropic.

OpenAI · AI Safety & Governance · Relevance: 0.9 · Source →

AGI, AI-safety, AI-policy, AI-governance, global-coordination, AI-economics, frontier-AI

WATCHAnthropic Engineers Embedded in NSA to Deploy Mythos for Offensive Cyber Operations

Approximately six Anthropic engineers have been placed inside the US National Security Agency to help deploy the Mythos AI model for offensive cyber operations, including potential network infiltration against adversaries such as China and Iran. The news surfaces as Anthropic is simultaneously pursuing a lawsuit against the Pentagon over how its models are used in warfare.

TLDR AI · AI Safety & Governance · Relevance: 0.8 · Source →

AI-defense, offensive-cyber, AI-governance, national-security, AI-ethics, government-AI

WATCHApple Unveils Siri AI and iOS 27 at WWDC 2026

At WWDC 2026—CEO Tim Cook's final keynote before handing leadership to John Ternus—Apple announced Siri AI, a rebuilt voice assistant co-developed with Google Gemini models featuring on-screen awareness, cross-app context, and a dedicated standalone app, alongside iOS 27 performance improvements extending support to iPhone 11. The overhaul will arrive as a free fall update, with a public beta in July, but will not be available in the EU or China at launch.

TechCrunch · AI Product Launches · Relevance: 0.8 · Source →

Apple, Siri, WWDC, mobile-AI, on-device-AI, private-cloud-compute, consumer-AI, iOS

PREPARESnowflake and Anthropic Accelerate Enterprise AI Adoption Driven by Rising Demand for Governed AI

Snowflake and Anthropic expanded their $200 million strategic partnership at Snowflake Summit 26, making Claude models available across Cortex AI, Cortex Code, and Snowflake Intelligence to help enterprises move AI agents from pilots to production on governed data. Snowflake Cortex Code was cited as the company's fastest-growing product ever, with the partnership targeting the persistent 'pilot purgatory' problem caused by security, privacy, and compliance barriers.

Snowflake · Business Intelligence / Analytics Platforms · Relevance: 0.8 · Source →

enterprise-AI, data-governance, AI-analytics, agentic-AI, Snowflake, Anthropic, pilot-to-production