Anthropic's AI Cracks Classified Systems, OpenAI Enters Advertising, EU AI Act Delayed, and Google Bets on Hollywood
Anthropic's Mythos model penetrated classified U.S. government systems during a testing exercise — in hours, not weeks. OpenAI made its Cannes Lions debut declaring itself firmly in the advertising business. The European Parliament voted to delay the EU AI Act's key compliance deadlines. Google invested $75M in A24 to build AI filmmaking tools. And Anthropic launched Claude Tag, putting an AI teammate directly inside Slack channels. June 24, 2026.
1. Anthropic's Mythos Model Broke Into Classified U.S. Systems "In Hours"
The most explosive AI story of the week arrived quietly, through congressional testimony and an AP News exclusive: Anthropic's Mythos AI model — the company's classified-tier system deployed under Project Glasswing — identified vulnerabilities inside highly sensitive U.S. government computer systems during a joint testing exercise with intelligence agencies. And it did so in hours.
"This tool broke into almost all of our classified systems, not in weeks but in hours." — Sen. Mark Warner (D-VA), citing Gen. Joshua Rudd, head of the NSA and U.S. Cyber Command, at a June 11 Senate Banking Committee hearing.
The AP News report clarifies that discovering vulnerabilities is not the same as exploiting them — Mythos identified weaknesses, but there is no indication it actively compromised systems within that timeframe. Still, the implication is staggering: a commercial AI model, deployed under controlled conditions, can do what nation-state red teams spend months attempting.
Project Glasswing was launched to gather this kind of data — bringing together major tech companies and AI labs specifically to stress-test critical software infrastructure against the most capable models. The NSA declined to comment, and Anthropic's spokesman also declined to respond. But the facts are now public: the U.S. government's classified systems have a serious new adversary category — and it's domestic AI.
Compounding the story: the NYT separately reported that the NSA lost access to Anthropic's powerful tools amid a contract dispute, underscoring how precarious the government's relationship with frontier AI labs has become. The same week a Congressional hearing disclosed Mythos's penetration test results, the NSA was reportedly cut off from access to those tools.
This isn't a story about Anthropic doing something wrong — it's a story about what frontier AI models can now do, period. The penetration testing results validate what security researchers have warned for two years: that AI-assisted offensive security has crossed a threshold. For enterprise security teams, this changes the threat model. Automated vulnerability discovery at this speed and scale means your patching cadence is no longer the bottleneck — detection is. Organizations running legacy infrastructure, especially those in critical sectors, need to treat AI-assisted red-teaming as a present-day threat, not a future one. The question isn't whether adversaries will deploy models like this. It's whether your defensive AI is keeping pace.
2. OpenAI at Cannes: "We Are Clearly in the Advertising Business Now"
OpenAI made its debut at the Cannes Lions advertising festival this week with a straightforward message: forget impressions, forget scroll rates — ChatGPT is an intent-driven medium unlike anything the ad industry has built on before.
"Why does someone open the ChatGPT app? They want to do research, they want to solve a problem, they want to get information on a particular topic. They're not coming to ChatGPT to scroll." — Dave Dugan, OpenAI Head of Global Ads Solutions, via AdExchanger
OpenAI CRO Denise Dresser outlined the company's pitch to advertisers: shift from measuring time-spent to measuring whether an AI "intelligence interaction" changed a user's behavior. It's a high-concept play, and the company is backing it with real product: ChatGPT reportedly already has more than 2,000 brands running through Criteo's integration, shoppable TV formats are spreading, and OpenAI is building a full ads manager to let brands buy into this new intent-driven channel directly.
The ambition is remarkable. AdExchanger reports that OpenAI has told investors it expects to hit $100B in revenue within four years — a target that required entering advertising. For context, it took Meta 17 years to clear $100B in ad revenue. OpenAI is betting it can do it faster by sitting at the moment of intent rather than the moment of distraction.
OpenAI isn't alone at Cannes this year. Anthropic is also pitching brand relationships in Cannes, and Google reworked its Smart Bidding presentation around AI-native performance measurement. The advertising industry's Cannes Lions has quietly become an AI summit.
OpenAI entering advertising changes the game for every brand that relies on Google or Meta as primary channels. If ChatGPT becomes a major purchase-decision touchpoint — and the usage data suggests it already is for millions of consumers — then the question isn't "should we experiment with AI advertising?" It's "do we have a strategy for showing up in AI-mediated decisions?" This requires rethinking content, not just spend. When a user asks ChatGPT "what's the best CRM for a 50-person company?", your brand needs to exist meaningfully in the training data, partner ecosystems, and eventually the ad formats that influence that answer. Start building that presence now, before CPMs spike.
3. EU AI Act Gets a 16-Month Compliance Reprieve
The European Parliament voted 423-to-57 on June 16 to formally amend the EU AI Act for the first time since it entered into force in August 2024. The changes — part of a broader EU simplification push — push back key deadlines significantly and introduce a new outright ban on AI tools used to generate nonconsensual intimate imagery.
The headline numbers: for AI deployed in high-risk settings — including hiring, education, and law enforcement — the main compliance deadline shifts from August 2, 2026, to December 2, 2027. AI built into regulated products like medical devices and industrial machinery gets until August 2028. The EU Council still needs to formally sign off, expected before August 2, 2026, but passage is considered assured.
"Key deadlines extended. For AI deployed in high-risk settings, the main compliance deadline shifts from 2 August 2026 to 2 December 2027." — Ogletree Deakins, summarizing the Parliament vote
Other amendments worth noting: AI content labeling tools already on the market before August 2, 2026, have until December 2026 to add machine-readable AI-generated content labels. A new outright ban on deepfake intimate imagery — both for developers and deployers — goes live in December 2026. The amendment also resolves a long-standing compliance overlap for AI embedded in regulated industrial machinery.
The practical implication: companies that were scrambling toward an August 2026 high-risk AI compliance sprint just got more than a year of breathing room. But the December 2026 bans on deepfake intimate imagery are still coming fast, and content labeling requirements remain on the near-term horizon.
Don't mistake a deadline extension for a reprieve from compliance preparation. The EU AI Act framework itself hasn't changed — only the timeline. Organizations that use AI in hiring, benefits administration, employee performance evaluation, or credit assessment still need to build the risk management and transparency infrastructure the Act requires. The extra 16 months should go toward doing it right, not waiting. Companies that treat the extension as permission to delay will face a compressed scramble in 2027 — and by then, the enforcement apparatus will be operational. Use this window to build governance architecture that will outlast any single deadline.
4. Google Invests $75M in A24 to Build AI-Powered Filmmaking Tools
Google and independent studio A24 announced a research partnership this week that pairs a roughly $75 million Google investment with direct access to DeepMind's research team and infrastructure. The goal: co-develop new AI-powered workflows and tools for filmmakers.
Under the terms of the deal — reported initially by the Wall Street Journal — A24 gets DeepMind researchers working on-site and in collaboration with the studio's production and post-production teams. Google gets something arguably more valuable: proximity to actual professional creative workflows. The deal explicitly does not give Google access to A24's content library or data, which was a sticking point in many earlier Hollywood-AI negotiations.
A24 partner Scott Belsky, who leads the studio's technology division A24 Labs, is framing this as a tool-building effort for filmmakers — not a content replacement play. But the partnership lands in a fraught moment for Hollywood-AI relations. Disney's short-lived deal with OpenAI came as it sued AI companies including MiniMax and Midjourney for copyright infringement. Lionsgate expanded its Runway AI partnership to develop AI-generated franchise content. Netflix acquired Ben Affleck's AI filmmaking startup InterPositive.
"A24 and Google have struck an AI research partnership that will see the independent studio work with Google's DeepMind unit to develop new AI-powered technologies for filmmakers." — Variety
The Google-A24 deal is a masterclass in how to structure an AI creative partnership in 2026. No content licensing, no training data access, no IP transfer — just research collaboration and tool-building. That's the structure that gets deals done today without triggering the copyright landmines that blew up earlier Hollywood-AI negotiations. For creative agencies and media companies watching this space: the path forward isn't "license your catalog to train an AI." It's "build proprietary tools that make your team faster and better." The studios that own their AI workflows will have a lasting advantage over those that rent capabilities from vendors.
5. Anthropic Launches Claude Tag: AI Teammate for Slack
Anthropic shipped Claude Tag this week — a new way for teams to collaborate directly with Claude inside Slack. Grant Claude access to selected channels, connect it to tools, data, and codebases, and anyone on the team can @-mention Claude to delegate tasks while they focus on other work. Claude builds context by watching channels it's granted access to and can plan multi-step tasks proactively.
"Tagging @Claude is now one of the main ways we get things done at Anthropic. Today, 65% of our product team's code is created by our internal version of Claude Tag." — Anthropic announcement
Anthropic is framing Claude Tag as an evolution of Claude Code — more proactive, team-native, and capable of operating within the ambient context of a channel rather than requiring one-shot prompts. The feature launches in beta today for Claude Enterprise and Team customers, with broader availability planned. Beyond engineering, Anthropic says teams are already using it to chase down product metrics, work through support tickets, and debug complex issues collaboratively.
The 65% figure is striking — if accurate, it means the majority of new code at Anthropic itself is now AI-generated through a tool that wasn't publicly available until today. That makes Anthropic's own product team the most credible reference customer for Claude Tag's capabilities.
Claude Tag represents the next evolution of the AI-in-the-workflow story: from individual tool to team member. The difference matters enormously for adoption. When AI lives in a sidebar or requires a dedicated app, usage stays siloed and depends on individual initiative. When it lives in Slack — where teams already spend their working hours — usage becomes ambient and collaborative. The productivity implications compound: instead of one power user leveraging AI, the whole team does. Organizations that deploy Claude Tag early will develop institutional fluency with AI delegation that becomes a genuine competitive advantage. The question for your team: what's the first channel you'd @Claude in, and what would you ask it to handle?
6. OpenAI Expands Daybreak with GPT-5.5-Cyber and "Patch the Planet"
OpenAI released an improved version of its GPT-5.5-Cyber model this week — calling it the company's "strongest model yet for finding and helping patch software vulnerabilities" — as part of the Daybreak initiative it launched last month. The model is available to trusted defenders and can sustain deep analysis across large codebases to identify security issues, validate them in controlled environments, and generate targeted patches.
Alongside the model update, OpenAI launched a new initiative called Patch the Planet in partnership with Trail of Bits to help secure open-source projects. Initial participants include some of the internet's most critical infrastructure: cURL, the Python project, Sigstore, aiohttp, NATS Server, pyca/cryptography, freenginx, and the Go project.
"Developers can run deep scans or review recent changes, generate reports with severity, affected code locations, validation evidence, and remediation guidance, trace attack paths, build threat models, validate findings, and generate codebase-specific patches for review." — OpenAI on GPT-5.5-Cyber capabilities
The Codex Security plugin also received an update to speed vulnerability discovery and patching in production codebases. It can now triage and validate findings from existing scanners, bug-bounty reports, and ticketing systems, then facilitate patch generation at scale to close backlogs rapidly.
Read alongside the Anthropic Mythos story above, a pattern emerges: the frontier AI labs are racing to operationalize both the offensive and defensive sides of AI-assisted security. OpenAI is focused on arming defenders and hardening open-source infrastructure. Anthropic is partnering directly with intelligence agencies. The next 12 months will determine whether AI becomes a net positive or net negative for global cybersecurity — and the answer may depend on which side deploys first.
Patch the Planet is exactly the kind of initiative the open-source ecosystem needs right now. cURL runs on billions of devices. Python underpins half the internet's infrastructure. Sigstore secures the software supply chain. If GPT-5.5-Cyber can meaningfully accelerate patch generation for these projects, the downstream security benefit compounds across every organization that depends on them — which is essentially every organization. Enterprise security teams should be watching the Daybreak initiative closely: the same capabilities available to open-source defenders today will be available for internal vulnerability scanning via Codex Security soon. Start building the workflow now.
7. Microsoft's MAI Model Stack and Enterprise Agent Governance
Following Microsoft Build 2026 in early June, the week saw continued analysis and adoption signals around Microsoft's first-party MAI model family and its governed agent stack for Azure and Microsoft 365. The key signal: Microsoft is positioning itself as the enterprise AI governance layer, regardless of which foundation models organizations choose to run underneath.
The MAI family spans five domains: MAI-Thinking-1 (reasoning), MAI-Code-1-Flash (coding), MAI-Image-2.5 (image generation), MAI-Voice-2 (voice), and MAI-Transcribe-1.5 (transcription). The broader enterprise pitch is a six-step governed loop: agents built with identity, policy, and audit controls baked in from day one, not bolted on after.
"The model is not the differentiator; the system governing it is." — Jay Parikh, EVP of CoreAI at Microsoft, at Build 2026
Industry data supports the urgency: the Agentic AI Institute reports that 72% of enterprises now have agentic AI in production, but a 60% governance gap remains — meaning the majority of deployed agents lack adequate policy, audit, and compliance controls. Microsoft's governed agent stack is a direct product response to that gap.
New data from Gartner, Forrester, and IDC is consistent: 2026 is the year enterprises must move AI agents from pilots to production with real governance. The organizations that treat agent deployment as a purely technical problem — ignoring identity, audit trails, and policy enforcement — are accumulating compliance risk at scale.
Microsoft's "governance as differentiator" play is smart and well-timed. As enterprises run increasingly capable agents across sensitive workflows — HR decisions, financial analysis, customer interactions — the audit trail and policy enforcement layer becomes as important as the model itself. The 60% governance gap figure is a business risk metric, not just a technical one. If your organization has deployed AI agents without answering "who's accountable when this agent takes a wrong action?", you're exposed. Whether you use Microsoft's stack or build your own governance layer, the governance question has to be answered now — not after your first incident.
🔑 Why It Matters for Your Business
This week's stories share a thread: AI capabilities are outpacing the governance, regulatory, and business frameworks built to contain them. Anthropic's Mythos model demonstrating classified-system penetration in hours isn't a future risk — it's a present-day reality. The EU AI Act's deadline extension buys time, but not an excuse to delay preparation. OpenAI entering advertising means AI-mediated decision-making will increasingly influence your customers before they ever reach your website. And the surge in enterprise agent deployment without governance controls is a compliance exposure accumulating across industries right now.
The organizations that will win the next 18 months aren't the ones who adopt AI fastest. They're the ones who build AI governance, content strategy, and security posture simultaneously — treating capability and accountability as inseparable. If you're not sure where to start, that's what SEN-X is built for.
Need help navigating AI for your business?
Our team turns these developments into actionable strategy — from AI governance frameworks to agent deployment playbooks.
Contact SEN-X →