AGP Executive Report

On-Prem AI Push: Understand Tech just launched an on-premise “AI Application Factory” with a no-code App Builder plus a secured NVIDIA GB10 appliance—aimed at regulated and technical teams that can’t send data outside the building. AI Security Arms Race: Anthropic moved fast by buying Stainless, the SDK pipeline behind major AI API ecosystems, reshaping toolchain ownership for OpenAI/Gemini-style deployments. Enterprise AI Reality Check: Abridge’s clinical note-summarization rollout at Kaiser Permanente is helping some workflows but still misses nuance, forcing clinicians to correct outputs. Workforce Buildout: UTSA unveiled a College of AI, Cyber and Computing to feed San Antonio’s growing tech and security pipeline. Policy & Compliance: Kerala opened SSLC revaluation for 2026, but explicitly excludes the IT paper from revaluation services. Auto Tech Watch: Stellantis says a small, affordable “E-Car” is planned for production in Europe starting in 2028 at Pomigliano d’Arco.

Brazil’s Software Reality Check: Brazil’s 2026 software market is moving fast—Pix has reset expectations and biometric ID is becoming baseline, while compliance pressure is pushing vendors to meet local technical and regulatory demands or face fines and abandonment. Car Tech Update: Android Auto’s 2026 upgrade brings Full HD video apps (with audio-only while driving), Dolby Atmos support, and more Gemini-powered features. Security Watch: Microsoft says Edge version 148 will stop keeping saved passwords loaded in plaintext memory, after researchers flagged the risk. Gov IT Disruption: A TRIO municipal payments outage hit dozens of Maine towns, blocking vehicle registrations and taxes until systems came back. AI + Media Rights: OSCE convened Uzbekistan stakeholders on AI’s impact on journalism and how to protect media freedom amid big tech platform influence. India Betting Workarounds: Despite India’s online betting crackdown, Kalshi and Polymarket are still onboarding users, with MeitY warning VPN providers. Campus Delivery: Western Washington University added 24/7 Amazon Hub lockers with app-based verification for secure pickup.

Autonomous 5G in Mining: Jinchuan’s Longshou Mine is using 5G-powered, driverless electric locomotives controlled from above-ground, cutting the need for on-site operators deep underground. Defence Tech Partnership: Keysight and SRC are teaming up to accelerate electronic warfare simulation and scenario generation, aiming to modernize open, software-defined test environments. Education & Exam Security: A fresh Supreme Court petition in India pushes for NEET-UG to move to computer-based testing from 2027, arguing pen-and-paper systems keep creating security and leak risks. Cyber Safeguarding at Scale: UK nursery group Kids Planet is rolling out CPOMS safeguarding and wellbeing tools across 290+ sites to standardize incident logging and staff welfare. Market Pressure on IT: Reports say India’s NSE IT index is down over 26% in 2026 as investors worry AI is shifting spending away from traditional outsourcing. Local Tech & Connectivity: ProSat Networks expands Starlink installation and wireless networking services in Missouri, targeting the state’s unserved and underserved broadband gaps.

Telecom Expansion: Bangladesh’s Bangla Phone just got government approval for a Nationwide Telecommunication Transmission Network (NTTN) licence, making it the 7th operator cleared to build and run nationwide fibre-optic transmission and share infrastructure—after an earlier rejection under the interim government. AI in Healthcare: A new report highlights how AI note-taking is rolling into clinics, but clinicians are still correcting summaries when the tool misses clinical nuance and emotional tone. Cybersecurity Push: Japan plans guidelines for using Anthropic’s Claude Mythos to help software providers check for vulnerabilities, while Vietnam’s SpecterAI and CCLab Forge are partnering on cybersecurity certification and post-quantum compliance. Data & Agents: Publicis agreed to acquire LiveRamp to speed up “data co-creation” for smarter, agent-driven marketing and operations. Connectivity for Citizens: China launched a nationwide emergency communications platform to keep calls and data working during disasters. Education Testing: India says NEET-UG will shift to computer-based testing from next year, following the 2026 leak controversy.

AI Cybersecurity Shift: Google confirmed the first known case of attackers using AI to build a zero-day exploit, while OpenAI’s “Daybreak” pushes defensive AI coordination—both underline how fast AI is moving from “helping” to actively finding and weaponizing software weaknesses. Enterprise Payments for Agents: AWS previewed Bedrock AgentCore Payments, letting AI agents autonomously pay for APIs and services under spending limits—raising new governance, audit, and insurance questions for companies that assumed humans would approve every transaction. India Fintech Pressure: A new report says ~30% of Indians face loan/credit-card rejections with little/no explanation, and many don’t understand credit scores—fueling demand for AI tools that can prevent failures before they happen. Local Tech Policy: Maharashtra briefly ordered Apple/Google to remove bike-taxi apps (Ola/Uber/Rapido), then paused after legal concerns—showing how quickly app-store enforcement can collide with court risk. Public Sector Training: UNESCO ran a Caribbean cybersecurity workshop for older adults across St. Kitts & Nevis, Grenada, and Antigua & Barbuda, focusing on media literacy and safer digital life.

Active Exploitation Alert: Microsoft and CISA are warning that Microsoft Exchange zero-days are being actively targeted, with CISA adding CVE-2026-42897 to its Known Exploited list and urging fast patching. E-commerce Skimmer Risk: WordPress Funnel Builder (FunnelKit) is under active abuse—attackers inject fake Google Tag Manager scripts to skim WooCommerce checkout payments, with a fix released in version 3.15.0.3. Education Cyber Fallout: TRU says it hasn’t seen impact from the Canvas breach tied to ShinyHunters, even as the incident reportedly hit thousands of schools and 275M people. Govt Data Security Push: India’s MeitY is running a national consultation to strengthen cybersecurity for state-held citizen data. Local Tech Policy: Maharashtra cyber authorities have issued notices to Google and Apple to disable bike-taxi apps like Ola/Uber/Rapido. Human Rights & Tech: UAE reporting alleges sectarian profiling and mass deportations of Pakistani residents, including detention and device confiscation.

Campus IT Planning: West Shore Community College trustees will review a $155,970 contract for a “Living Master Plan,” covering space use, facility condition, stakeholder input, and long-term capital planning, with work starting immediately and a trustee presentation expected in October 2026. Cybersecurity Guidance: UMass IT issued special instructions after the Canvas cybersecurity incident, urging the campus community to stay vigilant as Instructure reported certain user-related fields could be involved. Higher-Ed Risk in Focus: The Canvas outage and follow-on fallout keep showing up across schools, reinforcing how third-party platforms can ripple into access and operations. Policy & Compliance: HMRC refreshed guidance for Making Tax Digital for Income Tax, clarifying how affected self-employed people and landlords should choose software for digital record-keeping and submissions. Security Tech in Action: L3Harris unveiled Wraith Shield, a software upgrade that turns tactical radios into tools for detecting and jamming FPV drones.

AI Security Push: OpenAI’s Daybreak and Microsoft’s MDASH are both escalating the race to secure “operational” AI—moving from reactive defenses to systems that scan, validate, and act faster, with MDASH reportedly beating Anthropic’s Mythos on a real-world vulnerability benchmark. Windows Reliability: Patch Tuesday’s Windows 11 KB5089549 is failing installs and, for some, slowing internet after rollback loops. New Malware Tactic: Researchers warn of XWorm v7.4 using PyInstaller packaging plus AMSI memory patching to slip past Windows scanning. Education Disruption: Canvas is still in the spotlight after a major hack shut access for schools and forced last-minute chaos. Health AI: Singapore teams built an AI model to flag diabetes patients at high risk of lower-limb amputation years early, and they’re expanding rehab robotics with Fourier Rehab. Semiconductor Momentum: Rajasthan inaugurated India’s first SME-led chip assembly/testing/packaging facility in Bhiwadi.

Messaging Privacy Check: A quick reminder that many people leave risky defaults on—review 2FA, tighten who can see profile/status/“last seen,” and prune app permissions that go beyond what the app needs. Grok Disruption: xAI’s Grok is back in the spotlight after widespread app/web access problems, blank replies, and “high demand” messages—another reminder that even major AI services can stumble. Multilingual Healthcare Push: India’s Ministry of Ayush signed an MoU with BHASHINI to expand AI-powered translation/transcription across Ayush digital services in all 22 scheduled languages. Banking Cyber Focus: India is exploring a central tech hub (likely via NABARD) to help Regional Rural Banks share digital tools, analytics, and stronger cybersecurity. Canvas Ransom Fallout: Hong Kong’s privacy watchdog criticized the Canvas owner’s ransom handling and questioned whether paying guarantees full data recovery. AI Market Shock: New reporting says AI has erased $186B (45%) from India’s IT market value in under two years. Password Risk: A Kaspersky study flags that 68% of leaked passwords can be cracked within a day, with heavy digit/symbol patterns.

DOJ Data Demands: The U.S. Department of Justice is pushing subpoenas for at least 100,000 identities tied to a car “tinkering” app, seeking user addresses and purchase histories as part of its Clean Air Act case against EZ Lynk. UK Competition Probe: The CMA has opened a strategic market status investigation into Microsoft’s business software ecosystem, focusing on bundling, interoperability limits, and whether defaults block switching to rivals. Cyber Supply-Chain Shock: OpenAI says employee devices were hit after an earlier TanStack open-source compromise, where attackers published dozens of malicious versions designed to steal credentials and spread. Ransomware Reality Check: A survey finds nearly half of CISOs would consider paying ransomware to restore operations faster, despite repeated law-enforcement warnings. Auto Repair Fight: A commentary renews pressure for “right to repair” as automakers restrict access to vehicle diagnostic data and tools. Local Tech Tension (Ireland): A west Cork couple has appealed Amazon’s proposed transatlantic cable landing-station, arguing it harms their land’s future potential.

Workplace Protest: Meta workers are circulating flyers and pushing back on “mouse tracker” software, framing it as helping build their own replacements ahead of planned layoffs. Cybersecurity Funding: Georgia announced nearly $9.9M in state and local cybersecurity grants for 44 entities, with extra focus on K-12. Mobile Safety & Control: Samsung’s One UI 9 beta appears to add “network management for concentration,” potentially blocking distracting app categories at the Wi‑Fi level with PIN and scheduled controls. Education Tech Risk: Canvas services are back after a major breach, with Instructure saying it reached an agreement with the hacking group behind the incident. AI Security Push: Exaforce raised $125M to expand its AI-powered security operations platform, aiming to speed detection and response with agentic tools. Regulation & Access: India’s cyber crackdown ordered Google to remove six predatory loan apps from the Play Store within 36 hours.

App-Store Crackdown: India’s Delhi High Court ordered Google and Apple to curb obscene pornographic apps and content, stressing platforms must act with “due diligence” even during uploads. iPhone Update Push: Apple’s iOS 26.5 rollout is paired with a reminder to upgrade—older iOS 18 users are being nudged as security fixes land on newer cycles. Supply-Chain Shock: A new open-source variant of the “Shai-Hulud” worm is spreading through npm and PyPI packages, raising the stakes for package intake controls. OT Security Debate: Canadian critical-infrastructure leaders warn OT defenses may be getting too complex to work, calling for fundamentals over sophistication. Cyber Insurance Reality: A survey finds risk leaders worried about litigation, AI regulation, and cyber threats—yet many aren’t ready for what’s coming. New Market Move: Orange Cyberdefense expands into Spain with Madrid/Barcelona operations and a dedicated CyberSOC. Mobility Safety: Waymo recalls nearly 3,800 robotaxis after a software issue could let vehicles drive into standing water.

AI in Attacks: Google says AI is now actively helping criminals find and exploit software flaws, including a recent zero-day it stopped after spotting unusual activity. Android Push: Google unveiled Gemini Intelligence for Android with multi-step automation, plus Gemini 3.1 in Chrome and “Pause Point” in Android 17 to curb endless scrolling. Cybersecurity Race: The Pentagon is deploying Anthropic’s Mythos for faster vulnerability detection and patching, even as it plans to move away from Anthropic products. Health Data Governance: HHS’ ONC says TEFCA can make health data sharing faster and safer, while it explores more oversight to prevent fraudulent exchanges. Enterprise Delivery Leap: SHIFT ASIA launched an AI-driven development and testing service claiming up to 90% faster software delivery. Fintech Expansion: Pine Labs partners with GCash for Business in the Philippines to boost merchant payments and loyalty features. Scam Warning: ESET reports QR code scams are now about 1 in 10 threats in New Zealand, rising fast since March.

AI Cybersecurity Race: OpenAI launched “Daybreak,” pitching a Codex-centered approach to find vulnerabilities and validate patches, as the broader AI-vs-AI security arms race keeps heating up. Platform Compliance: The FTC chairman urged major tech firms to follow the Take It Down Act, with a 48-hour removal expectation for non-consensual intimate imagery requests. Android Push: Google rolled out Android 17 upgrades focused on scam blocking and tighter privacy controls (like temporary location access), while teasing “Gemini Intelligence” and new Android-first laptop plans (“Googlebooks”). Enterprise AI Tools: Anthropic expanded Claude into legal software with integrations for tools like Box and Microsoft 365, adding more connectors for law-firm workflows. Sports Betting Payments: Several states are moving to ban credit cards as betting deposits, with Ohio and Colorado leading the charge. Local Tech Growth: Dr. RVR NRIU in India gained deemed-to-be university status and expanded programs including AI, data science, and cyber security.

AI Cybercrime Escalation: Google says North Korea and China are using AI to hunt for unknown software flaws and even build zero-day exploits—one attempt was blocked before a mass exploitation push, but the trend is clearly accelerating. OpenAI Security Push: OpenAI launched Daybreak with Cloudflare, Oracle and Cisco to speed cyber defense, and also offered EU open access to its cybersecurity tools while Anthropic remains silent. RegTech Spend: A new report finds nearly two-thirds of financial institutions plan to increase RegTech spending in 2026, signaling compliance automation is moving from “nice to have” to budget priority. India IT Caution: Indian IT firms are bracing for “AI-deflation” and muted FY27 growth even as AI revenues rise; meanwhile, IT stocks slid on global risk-off fears. Malaysia Child Safety: Malaysia is weighing restrictions on DMs and profile search for users under 16 as part of an age-verification push after Ops Cyber Guardian uncovered massive CSAM files. Enterprise Automation: Exterro unveiled an agentic AI Subpoena Manager aimed at cutting subpoena intake/routing from 90 minutes to as little as five.

AI Cybersecurity Shockwave: The IMF is warning regulators to treat AI models like Anthropic’s Mythos as a systemic financial risk, not just a firm-level problem—because shared cloud and software could let one breach ripple across banks. Model Access Talks: The European Commission says it’s in discussions with OpenAI and Anthropic about access to new AI models, with OpenAI offering access to GPT-5.5-Cyber while Anthropic’s Mythos talks are still early. Website Attacks Jump: A new report claims AI-driven website attacks surged 12x over 12 months, with SMBs facing faster flaw-to-attack timelines. Consumer Tech Costs Rise: Nintendo’s Switch 2 price hike and other electronics increases are being blamed on strained memory chip supply tied to AI data-center demand. Auto Trade Pressure: US lawmakers are urging Trump not to open the US auto market to China ahead of a Xi meeting. EV Charging Expansion: Vontier’s Driivz will scale Duracell E-Charge’s ultra-fast network across the UK. Apple Security Update: iOS/macOS 26.5 adds encrypted RCS messaging (beta) plus other fixes.