Policy Pulse - Issue #15 | Week of May 16, 2026
OpenAI launches Daybreak with 20+ vendor partners, putting a second restricted-access defensive AI consortium next to Anthropic's Glasswing. AISI says autonomous AI cyber capability is now doubling every 4.7 months.
Your weekly briefing on cybersecurity policy affecting vulnerability disclosure and security research.
Top Story
OpenAI Joins Anthropic on Restricted Defensive AI: Daybreak Launches with 20+ Vendor Partners, Confirms a Pattern
On May 12, OpenAI launched Daybreak, a cybersecurity initiative pairing frontier models with Codex Security to build editable threat models, identify and test vulnerabilities in isolated environments, and propose patches. The launch roster spans more than 20 partner organizations across edge, endpoint, SAST and supply chain, offensive research, identity, and incident response, including Akamai, Cisco, Cloudflare, CrowdStrike, Fortinet, Oracle, Palo Alto Networks, Snyk, Tenable, Trail of Bits, and Zscaler. Access is gated: organizations must request a vulnerability scan or contact OpenAI sales, with broader rollout to industry and government partners planned over the coming weeks. The platform sits on three model variants: GPT-5.5 (standard safeguards), GPT-5.5 with Trusted Access for Cyber (verified defenders in authorized environments), and GPT-5.5-Cyber (a more permissive limited-preview tier for red teaming and authorized validation). (The Hacker News, Help Net Security)
Daybreak lands five weeks after Anthropic's Project Glasswing and one day before AISI's May 13 report finding that frontier-model autonomous cyber task horizons are now doubling every 4.7 months (an acceleration from an 8-month estimate in November 2025). The shape of the pattern is what matters: two leading US frontier labs have now stood up consortium-style defensive AI programs with restricted, tiered access; both are partnered with concentrated lists of large-vendor incumbents; and both arrive while the underlying capability is accelerating faster than the previous quarter's projections. The "is Glasswing a one-off?" question that hung over Issue #14 is answered. It is not.
Why it matters for VDP: A second restricted-access defensive program means the asymmetry the Mythos/Glasswing coverage flagged is now structural, not anecdotal. Mid-market vendors, independent researchers, and open-source maintainers remain outside both consortia. VDP programs receiving AI-discovered findings now need to consider two distinct intake pathways (Glasswing-routed and Daybreak-routed), each with its own embargo norms, partner-distribution model, and patch-coordination expectations. Triage assumptions calibrated to human researcher cadence remain stale.
Throwback: Issue #14 covered the policy responses to Project Glasswing and Anthropic's Mythos Preview; this week's Daybreak launch is the second instance of the same pattern. Issue #13 framed AISI's GPT-5.5 evaluation as confirmation the capability curve is a trend rather than an event; the May 14 doubling-rate report quantifies how fast that trend is moving.
Upcoming Deadlines & Events
This week's hot list: Two FCEB KEV deadlines (Cisco SD-WAN May 17, Microsoft Exchange OWA May 29), the EU Cybersecurity Act feedback window closing May 19, and a back-to-back pair of House cyber hearings on May 21 (state/local cyber + water-system cyber resilience). DEF CON 34 early-bird pricing also dies on May 22.
| Date | Agency / Org | Event / Deadline | Action Required |
|---|---|---|---|
| May 17, 2026 | CISA / FCEB | CVE-2026-20182 (Cisco Catalyst SD-WAN Controller, auth bypass, CVSS 10.0) remediation | Patch all supported SD-WAN Controller releases; rotate admin credentials. ED 26-03 amended May 14 to add this CVE. (CISA Alert, ED 26-03) |
| May 19, 2026 | EU Commission | COM(2026) 11 (EU Cybersecurity Act revision) feedback window closes | Submit feedback if your VDP touches EU certification or ENISA coordination. (Have Your Say portal) |
| May 19, 2026 | Senate HSGAC | Full committee business meeting (Dirksen SD-342, 8am) | Watch agenda — standard vehicle for any CISA 2015 reauth markup activity. (HSGAC hearings) |
| May 21, 2026 | House Homeland Sec / Cyber & Infra Subcommittee | "State and Local Cybersecurity: Escalating Threats, Federal Partnership, and the Resilience of America's Communities" (310 Cannon, 2pm) | Listen for VDP-relevant testimony on SLTT vulnerability coordination. (Homeland hearings) |
| May 21, 2026 | House Science / Environment Subcommittee | "Research-Driven Resilience: Applying Science to Secure U.S. Water Systems from Cyber Threats" (2pm; witnesses incl. Josh Corman, Nicole Tisdale) | Watch for OT-VDP framing and CI Fortify references. (Science hearing) |
| May 22, 2026 | Black Hat / DEF CON | DEF CON 34 early registration ($560 → $580) closes | Buy DEF CON tix at early rate. (DEF CON) |
| May 22–24, 2026 | DEF CON | DEF CON 34 CTF Qualifier (online) | Compete or follow your favorite teams. (DEF CON) |
| May 29, 2026 | CISA / FCEB | CVE-2026-42897 (Microsoft Exchange Server OWA XSS) remediation | Patch Exchange OWA where internet-reachable; CVSS disputed (NVD 6.1 / Microsoft 8.1). Added to KEV May 15. (CISA KEV, NVD) |
| June 3–4, 2026 | OECD | Ministerial Council Meeting, Paris (Finland chair) | Track communiqué cyber language for downstream framing. (Finnish Govt) |
| June 5, 2026 | TSA | "Critical Facility Information from the Top 100 Most Critical Pipeline Operators" IC comments close | Comment if your VDP covers pipeline infrastructure. (Federal Register) |
| ~June 2026 | House Armed Services / CITI | FY27 NDAA full-committee markup (HASC, targeted second week of June; CITI cyber subcommittee print ~1 week prior) | Track cyber provisions; SASC schedule TBD. (Punchbowl) |
| June 11, 2026 | EU Commission | EU CRA: Member States must designate notifying authorities for Conformity Assessment Bodies | EU vendor obligations kick in; first concrete CRA enforcement scaffolding. (EC CRA Implementation) |
| June 14–19, 2026 | FIRST | 38th Annual FIRST Conference — "Peak Defense," Sheraton Denver Downtown | Register if your VDP work overlaps CSIRT coordination. (FIRST 2026) |
| June 15, 2026 | TSA | Cybersecurity Measures for Surface Modes NPRM (IC revision) comments close | Comment if your VDP covers surface transport assets. (Federal Register) |
| June 16, 2026 | Hackers on the Hill / I Am The Cavalry | Hackers on the Hill DC at the US Capitol | Register and join the security-research delegation to the Hill (see Friends section below). (hackersonthehill.org) |
| June 18–19, 2026 | UNIDIR | Global Conference on AI, Security and Ethics 2026, Palais des Nations, Geneva + online | Policy-grade companion to the Glasswing/Daybreak coverage; free virtual attendance. (UNIDIR event) |
| June 19–21, 2026 | REcon | REcon Montreal 2026 (training Jun 15–18) | Reverse-engineering and offensive research — high-signal smaller venue. (recon.cx) |
| June 22–26, 2026 | OWASP | Global AppSec EU 2026, Vienna (training Jun 22–24; conference Jun 25–26) | Register if AppSec / SDLC adjacent. (OWASP AppSec EU) |
| June 22, 2026 | SEC | Concept Release on Consolidated Audit Trail and Other Audit Trails comments close (S7-2026-12) | Comment on CAT data-security regime if relevant to your sector. (Federal Register) |
| June 30, 2026 | EU Commission | NIS2 first compliance audit deadline (extended from Dec 2025) | Audit-ready posture for in-scope operators. (NIS2 timeline) |
| July 17, 2026 | Black Hat | Academic Registration deadline (4pm PT) | Apply for academic-rate Black Hat USA 2026. (Black Hat US-26) |
| July 17, 2026 | DEF CON | DEF CON 34 regular registration ($580 → $600) | Last pricing tier before onsite LineCon. (DEF CON) |
| July 31, 2026 | DEF CON | DEF CON 34 preregistration closes (8:59pm EDT) | Final online registration cutoff. (DEF CON) |
| September 11, 2026 | EU Commission / ENISA | EU CRA actively-exploited vulnerability reporting (24h early warning, 72h full notification, 14d final report) becomes binding | Stand up CRA-aligned intake workflow; ENISA Single Reporting Platform live. (CRA Reporting) |
| September 30, 2026 | Congress | CISA 2015 (Cybersecurity Information Sharing Act) sunset | Track reauthorization; absent action, FOIA exemptions and liability protections for threat-indicator sharing expire. (Hunton analysis) |
| December 11, 2027 | EU Commission | EU CRA full obligations effective (long-term support, conformity assessment) | Plan multi-year vendor support commitments into VDP scope. |
Most time-sensitive: Cisco Catalyst SD-WAN CVE-2026-20182 remediation (May 17, FCEB deadline, three days from KEV listing). Microsoft Exchange OWA CVE-2026-42897 (May 29 FCEB) is the secondary callout — two weeks to remediate and worth flagging the NVD/Microsoft CVSS dispute (6.1 vs 8.1) to anyone calibrating triage thresholds off NVD alone.
Watch for: UK Cyber Security and Resilience Bill is in Lords stages through Q2 2026 — the CyberUp Campaign is pushing CMA statutory-defence amendments here. AG Capeta's March 19 opinion in Elisa Eesti AS v Estonian Government Security Committee (CJEU C-354/24) on 5G vendor bans may produce a judgment in this window. (UK CSR Bill, CJEU AG opinion)
This Week in Policy
AI & Emerging Tech Security
- AISI report quantifies autonomous AI cyber capability doubling every 4.7 months (May 13, 2026): UK AI Security Institute published longitudinal data finding frontier-model 80%-reliability cyber task horizon (with 2.5M token limit) has doubled every 4.7 months since reasoning models emerged in late 2024, an acceleration from AISI's November 2025 estimate of 8 months. Claude Mythos Preview and GPT-5.5 both exceed the trend; Mythos solved AISI's "The Last Ones" 32-step network attack range in 6 of 10 attempts and the previously-unsolved "Cooling Tower" ICS range in 3 of 10 attempts (first model to complete the second range). METR's parallel software-engineering measurement converges on a 4.2-month doubling estimate, giving cross-source validation. (AISI blog, Help Net Security)
- Microsoft signs CAISI and AISI pre-deployment evaluation agreements (May 5, 2026): Microsoft joins Google DeepMind and xAI on the CAISI side, formalizing classified-environment evaluation of frontier models for cyber, biosecurity, and chemical-weapons risks. UK AISI partnership covers collaborative testing and safeguard assessment. (Microsoft On the Issues)
- Why it matters for VDP: The "frontier labs publish numbers, government institutes confirm them, vendors get tiered access" loop is now its own coordination structure parallel to traditional CVE / KEV workflows. The 4.7-month doubling estimate is the headline data point to cite when explaining to leadership why VDP triage SLAs calibrated in 2024 are now under-resourced.
Federal Strategy & Regulation
- CISA launches CI Fortify initiative (May 5, 2026): New guidance to electric utilities and other critical-infrastructure operators directing them to plan for geopolitical-conflict scenarios in which OT networks are actively compromised and connectivity to telecoms, internet, vendors, and service providers is degraded or absent. Two core planning objectives: Isolation (proactive disconnection from third-party and business networks) and Recovery (sustaining essential service delivery in degraded comms). First formal federal acknowledgment that nation-state destructive cyberattack against US utilities is a near-term contingency to plan for now, not a hypothetical. (CISA CI Fortify page, SecurityWeek)
- Why it matters for VDP: Operators following CI Fortify guidance will likely tighten what they accept through public VDP channels (especially anything touching OT segments) and shift toward authenticated researcher access. Expect a flurry of CI sector VDP scope rewrites in Q3.
- CVE-2026-20182 Cisco Catalyst SD-WAN Controller authentication bypass (CVSS 10.0) added to KEV (May 14, 2026): Active exploitation attributed by Cisco with high confidence to UAT-8616, same actor cluster behind weaponization of CVE-2026-20127. FCEB remediation deadline May 17. (The Hacker News)
- CVE-2026-0300 Palo Alto PAN-OS User-ID Authentication Portal buffer overflow (CVSS 9.3) added to KEV (May 6, 2026): Unauthenticated remote code execution as root on PA-Series and VM-Series firewalls where the captive portal is internet-reachable. Patches shipped May 13. FCEB deadline was May 9. (The Hacker News)
CVE & Vulnerability Programs
- CVE program funding stable through 2026, no near-term cliff: CVE board confirmed in late-May briefings that there is no funding cliff in March and that operations and planning extend well beyond that horizon. CVE Foundation continues to develop governance options that would reduce sole reliance on US government funding. (CSO Online)
- Why it matters for VDP: The 2025 funding scare is genuinely behind us, but the underlying single-funder dependency is not. CVE Foundation governance reform is the file to watch through the rest of 2026.
Legal & Researcher Protections
- UK Computer Misuse Act statutory defence remains in active drafting, no bill text yet: Security Minister Dan Jarvis's December 2025 commitment to amend the CMA is still operative. The CyberUp Campaign in April published its four-pillar proposed framework (harm-versus-benefit, proportionality, intent, competence). No legislative vehicle named; reform pace unchanged from Issue #14. (Computer Weekly)
- DOJ 2022 good-faith CFAA charging policy remains the operative US protection: No legislative movement on a statutory good-faith defence. Third Circuit's August 2025 NRA Group v. Durenleau decision continues to narrow workplace-policy CFAA applications post-Van Buren, but does not extend to a general security-research safe harbor. Policy provides no defence against private civil claims. (Sidley Data Matters)
International Developments
- UN Cybercrime Convention requires 40 ratifications by December 31, 2026 to enter into force: Hanoi-signed text continues to draw signatories. Researcher-protection language remains weak; civil-society opposition continues. No additional negotiation sessions scheduled before January 2027. (Just Security analysis)
- NZ Cyber Security Action Plan 2026-2027 advances Privacy Act civil-penalty regime (Action 8): Ministry of Justice tasked with advising on options to introduce a civil pecuniary penalty regime to the Privacy Act 2020. Would be New Zealand's first civil-penalty mechanism for privacy breaches. (IAPP regional notes)
Worth Reading
- Defender's Guide to the Frontier AI Impact on Cybersecurity: May 2026 Update (Palo Alto Networks Unit 42): Updated synthesis of frontier-model offensive and defensive capability shifts since Glasswing and Daybreak. Useful as a single citation when briefing leadership on why the AI cyber story is now operational and not speculative.
- Anthropic's Mythos Moment: How Frontier AI Is Redefining Cybersecurity (World Economic Forum): WEF framing of restricted-consortium defensive AI as a governance pattern. Read alongside this issue's top story to see how the multilateral conversation is positioning Glasswing-style structures.
- CISA's CI Fortify Initiative Signals a Shift in How the U.S. Government Thinks About Grid Threats (Power Magazine): Useful sector-operator framing of CI Fortify for anyone whose VDP covers electric, water, or pipeline infrastructure.
- Researchers Say AI Just Broke Every Benchmark for Autonomous Cyber Capability (CyberScoop): Plain-language read on the AISI report. Good to forward to non-technical stakeholders.
Friends of disclose.io
Hackers on the Hill: June 16, 2026 at the US Capitol
Hackers on the Hill is the all-volunteer initiative from I Am The Cavalry that has been bringing security researchers face-to-face with policymakers since 2017. They build trusted spaces where technical truth meets policy power: rooms where vulnerability disclosure, CVE program governance, CFAA reform, and AI cyber capability are not abstractions but live problems being explained by the people who actually work them. No one gets paid. No one is selling anything. Participants explicitly do not pitch products or promote employers. That discipline is what gives the conversations their weight.
The next DC event is at the Capitol on June 16, 2026. Registration opened around May 1 and is live now on the Hackers on the Hill site. If your work touches anything we have covered in Policy Pulse over the last fifteen issues (CVE funding, CFAA, CMA, EU CRA, AISI/CAISI, KEV, Glasswing, Daybreak, CIRCIA), this is the room where that work gets translated into language Congressional staffers and agency principals can act on. Whether you go to listen, to brief, or to volunteer for future events, showing up is how the policy surface area of our community keeps growing.
How to get involved this week:
- Subscribe to the newsletter at hackersonthehill.org — no spam, no ads, no selling, just updates on upcoming events and registration windows.
- Register for the June 16 DC event through the site. If you are a researcher, practitioner, or program operator with a story to tell on the Hill, this is your window.
- Suggest a location or volunteer if you can help organize a future event. The team has run DC, Ottawa, London, and Den Haag rooms; the model travels well.
Hackers on the Hill is the sort of community infrastructure that makes the policy work in this newsletter possible. We are pleased to amplify it, and disclose.io will be there on June 16.
Policy Pulse is a weekly bulletin from disclose.io. Keeping the security research community informed on policy that affects our work.
Have a tip or want to contribute? Reply to this email, reach out on Bluesky or X, or drop a comment here.