Pulse24
IBM ibm establishes anderon quantum foun MC copilot cowork exfiltrates m365 file ECB ecb addresses ai cyber threat with b CH ai models boost cybersecurity hiring APPLE apple prepares dedicated gen ai web QC ai accelerates quantum crypto threat NVIDI nvidia confirms china cpu market for ACC memory dominates ai chip component c OPENA brockman details openai's near colla UDRI ai accelerates drug discovery for ne ANTHR ai finds 10,000 software vulnerabili OPENA openai hires safety researcher for a
inPulse24 Tuesday Briefing
Edition #42 · May 12–18, 2026 · Read time ~4 min
Live · 18 May 2026
Tuesday Briefing/2 stories/4 signals

Agents and Zero-Days

AI agents are shipping to production faster than the security models built to contain them.

Published18 May 2026
Coverage11 May 2026 – 18 May 2026
Stories tracked39
Featured2
AuthorPulse24 Desk
Last updated18 May 2026
This week’s pulse

OpenAI restructured leadership to go all-in on AI agents and Notion opened its workspace to third-party agent code, while Google confirmed the first AI-driven zero-day exploit and researchers showed poetic prompts bypass safety controls across 31 systems. The trade-off for engineering leads: ship agents now, or hold back until security catches up.

01

Agent platforms consolidate around two new hubs

What happened

OpenAI consolidated product leadership under Greg Brockman with an "all-in" strategy on AI agents, merging ChatGPT and Codex into a single agentic platform.

Meanwhile, Notion launched a developer platform with Notion Workers for custom code and database sync from sources like Salesforce and Postgres. Over one million agents have been built since Notion's February Custom Agents launch.

So what

This accelerates agent adoption timelines for platform engineers because two major platforms now treat autonomous AI as core infrastructure, not a feature layer.

The counter-case

Notion's one million agents were built before the developer platform existed — the new features add custom code and data sync, not agent capability itself. Whether developers migrate to Notion Workers depends on sandbox performance and pricing, neither yet disclosed.

Related signals

Platform engineers, product architects, engineering leads.

Action

If you use Notion or OpenAI's platform, audit permissions and data egress points before enabling agent features that sync external databases — the integration surface is expanding faster than security reviews cover.

02

AI-powered attacks outpace guardrails

What happened

Google's Threat Intelligence Group confirmed criminal hackers used an AI model to discover and weaponise a zero-day in a popular open-source system administration tool. The attack aimed to bypass two-factor authentication via a Python script; Google notified the software maker, and a patch shipped before the exploit caused damage.

In parallel, Italian researchers demonstrated that poetic prompts bypass safety controls across 31 AI systems from Anthropic, Google, and OpenAI, confirming guardrails are "more like suggestions than barriers".

So what

This breaks the assumption that guardrails contain AI-specific risk, because attackers can use AI to find vulnerabilities faster than teams patch them, and creative prompting bypasses controls meant to prevent misuse.

The counter-case

The confirmed zero-day targeted one vulnerability class in one tool, and the patch arrived before exploitation succeeded. Broad AI-driven exploit campaigns require scaling across diverse codebases, which current models may not achieve reliably.

Related signals

Security architects, DevSecOps leads, engineering teams deploying AI-connected systems.

Action

If you run security, add AI-assisted vulnerability scanning to your red team toolkit this quarter — if attackers are using AI to find zero-days, defensive testing should match.

So what

Agent platforms ship on the assumption that guardrails work. This week's evidence suggests otherwise — not against AI-powered zero-day discovery, and not against creative prompt manipulation across 31 systems. The teams building agents and the teams defending against AI-powered attacks are on different timelines.

---

📡 Signals

Worth tracking.

Markets
Cerebras reached a $100B market capitalisation on its first trading day — the largest US tech IPO since 2019 — with stock nearly doubling.
Finance
Kioxia forecast a 47-fold net profit increase for April–June, its second consecutive record, on AI data centre memory demand.
Risk
Foxconn confirmed a ransomware attack; the Nitrogen group claimed theft of over 11 million files, including customer schematics for Apple and Nvidia.
Macro
LinkedIn eliminated 900 roles, approximately 5% of its workforce, restructuring teams around AI.
📊 Pulse check

The week by the numbers.

Stories tracked
39
Busiest category
8Product
Google 5Anthropic 3
🔭 The longer view

Trust and predictability are the new constraint.

Pulse24 has tracked agent deployment accelerating since Q1: workspace agents in April (Edition #39), an autonomous agent destroying production in nine seconds (Edition #40), and this week's platform consolidation under dedicated leadership. AI security incidents moved from theoretical to operational in the same period. The pattern suggests agent deployment and AI-powered attacks scale on similar curves, but defensive tooling lags both.

---

Pulse24’s view

Pulse24's view: This week's priority for engineering leads — audit permissions and data egress on agent integrations, and add AI-assisted vulnerability scanning to red team processes, before your next deployment.

👁 Forward watch

What we’re watching next.

May 28, 2026
Nvidia Q1 FY2027 earnings — relevant to whether AI chip demand sustains infrastructure investment paceNvidia investor relations calendar
📚 References

Where this week’s evidence comes from.

Agent platforms consolidate around two new hubs

AI-powered attacks outpace guardrails