
AI Export Controls, Critical Patches, Intrusions, and Cloud Updates
Coverage: 12 Jun 2026 – 14 Jun 2026 (UTC)
Export controls on advanced AI, a cluster of critical fixes, stealthy long‑running intrusions, and notable cloud updates shaped the day. Agencies pushed urgent remediation timelines while law enforcement targeted large-scale fraud infrastructure. Vendors expanded regional capacity and adjusted defaults in core ecosystems to curb supply chain risk.
U.S. Directive Halts Access to Anthropic’s Frontier Models
The U.S. government issued an export-control directive that led Anthropic to suspend access to its two most capable models, Fable 5 and Mythos 5, for all customers while the company seeks clarification. According to an Anthropic order, the directive requires barring access to foreign nationals, including the company’s own employees, prompting an immediate fallback to default models or Claude Opus 4.8 and causing existing Fable 5 sessions and platform requests to fail. Anthropic says the decision followed a reported narrow jailbreak demonstration and that the government provided verbal evidence; it contends the response is disproportionate and is complying while working to restore access.
Patch Now: Splunk, phpBB, LangGraph, and Ivanti
Splunk disclosed and fixed a critical vulnerability (CVE-2026-20253, CVSS 9.8) in Splunk Enterprise that allowed unauthenticated arbitrary file operations leading to potential pre-auth remote code execution. Technical details describe abusing PostgreSQL sidecar recovery endpoints to write arbitrary files and overwrite frequently executed scripts; administrators should upgrade to the fixed versions and monitor for suspicious file writes. Details: Splunk CVE.
Security researchers reported a decade-old authentication bypass in phpBB that enabled logins as any user, including administrators, via a trivial single request on default configurations. phpBB 3.3.17 addresses the issue for the 3.3 branch; a safe 4.x release is pending. Operators should upgrade immediately and review OAuth redirect handler changes. Details: phpBB bug.
Three vulnerabilities were patched in LangGraph, including a SQLite checkpointer SQL injection (CVE-2025-67644) that can be chained with unsafe msgpack deserialization (CVE-2026-28277) to achieve remote code execution on self-hosted systems, and a RediSearch query injection (CVE-2026-27022) affecting Redis checkpointing. Successful exploitation can execute attacker-controlled payloads in the application runtime via the get_state_history() path. Users should upgrade, enable authentication, and segment agent infrastructure. Details: LangGraph flaws.
CISA ordered U.S. federal civilian agencies to remediate an actively exploited Ivanti Sentry OS command injection (CVE-2026-10520) within three days under BOD 26-04. The flaw has been added to the Known Exploited Vulnerabilities catalog amid reports of widespread backdooring of exposed gateways following patch and proof-of-concept release. Agencies are directed to prioritize rapid remediation and evaluate exposure. Details: CISA order.
Stealthy Intrusions and Account Breaches Meet Takedowns
Sygnia reported a long-running campaign attributed to a China-linked actor tracked as Velvet Ant that modified core Linux authentication components—PAM modules and OpenSSH binaries—to capture credentials, record commands, and accept secret passwords on isolated networks. The activity, dating to 2016, evaded standard remediation steps by subverting the login layer, requiring integrity verification and clean replacement of affected binaries. Details: Velvet Ant.
France’s government confirmed a breach of its Tchap messaging platform via an account takeover, affecting 73,467 accounts and exposing user names, emails, affiliations, and content from public, non-encrypted forums. Private conversations remain encrypted. DINUM notified CNIL, blocked the malicious account, and is investigating the scope of exposed data and documents. Details: Tchap breach.
U.S. authorities, working with Google and Black Lotus Labs, disrupted a large phishing-as-a-service operation known as Outsider Enterprise that leveraged AI-assisted tooling and mass SMS campaigns against Android users. The takedown involved seizing administration servers, storefronts, accounts, and infrastructure funds, and redirecting thousands of domains. Google linked the operation to some 9,000 fake websites and over a million malicious URLs. Details: FBI takedown.
Cloud Expansion and Ecosystem Hardening
AWS expanded its entry-level hosting footprint, making AWS Lightsail available in Asia Pacific (Hong Kong), South America (São Paulo), and Europe (Spain) to reduce latency and support data residency needs. For storage-intensive x86 workloads, new EC2 I7i instances arrived in the Europe (Paris) Region, bringing 5th Gen Intel Xeon CPUs, 3rd gen Nitro SSDs, up to 45 TB NVMe, and lower storage I/O latency versus I4i.
On the ML side, Amazon SageMaker added serverless fine-tuning for Nvidia’s Nemotron 3 Nano, enabling SFT and RFT with consumption-based pricing in select regions. Separately, AWS brought EC2 SageMaker Nemotron customization to managed workflows and made EC2 Capacity Blocks for ML available in AWS GovCloud (US), allowing advance GPU reservations for regulated workloads.
In the JavaScript ecosystem, GitHub announced that npm v12 (due July 2026) will flip default behaviors to reduce supply chain risk—blocking automatic install scripts, Git URL resolution, and remote tarball sourcing unless explicitly allowed. Developers can begin testing with npm 11.16.0+ and use tooling to approve necessary scripts. Details: npm v12.