The Google Threat Intelligence Group (GTIG) reported the first instance of cybercriminals successfully using AI to develop functional zero-day exploit code. The vulnerability targets a two-factor authentication bypass flaw in an open-source web system administration tool. The attackers planned a large-scale campaign but failed to fully execute due to implementation errors. Evidence of AI involvement was found in the attack code, including hallucinated CVSS scores and structured formatting consistent with LLM training data patterns. Google has disclosed the issue to the vendor and facilitated remediation. The report notes that North Korean APT45, China-linked UNC2814, and Russian hacking groups are all leveraging AI to accelerate vulnerability discovery and malware generation. Google is promoting AI defense tools such as Big Sleep and CodeMender to counter these threats.

OpenAI announced the formation of OpenAI Deployment Company, backed by over $4 billion in initial funding from 19 institutions led by TPG, with OpenAI retaining control and operational leadership. The new entity will embed cutting-edge AI engineers directly within enterprise clients to drive large-scale model deployment. Concurrently, OpenAI acquired UK-based AI consulting firm Tomoro, gaining approximately 150 deployment engineers serving clients including Mattel, Red Bull, and Tesco. The company aims to build a team of 2,000 to 4,000 personnel within three years, expecting significant initial losses. This move marks OpenAI’s strategic shift from a model provider to an enterprise-grade deployment service, aiming to close the gap with Anthropic in the enterprise market. The new entity is valued at $10 billion.

Anthropic has launched Claude Platform on AWS, enabling customers to access the full suite of native Claude platform capabilities—including Claude Managed Agents (beta), code execution, web search, MCP connectors, and file API—directly through their AWS accounts. Supported models include Opus 4.7, Sonnet 4.6, and Haiku 4.5. Users authenticate via AWS IAM, pay through AWS Marketplace on-demand billing, and audit via CloudTrail. AWS is the first cloud provider to offer native access to the Claude platform. Unlike Claude on Amazon Bedrock, this service is operated by Anthropic, with data processing occurring outside AWS's security boundary, making it suitable for enterprises without strict data residency requirements.

Google DeepMind has introduced an AI co-mathematician multi-agent system based on Gemini 3.1, achieving a 48% score in autonomous mode on the FrontierMath Tier 4 benchmark—significantly surpassing Gemini 3.1 Pro (19%), GPT-5.5 Pro (39.6%), and Claude Opus 4.7 (22.9%). The system employs a hierarchical multi-agent architecture where a project coordinator decomposes problems and assigns them to specialized sub-agents skilled in literature retrieval, computational exploration, proof derivation, and error review. Oxford professor Marc Lackenby used the system to solve a 60-year-old open problem in group theory from the Kourovka Notebook. Internal testing shows an 87% accuracy rate; the system is currently in limited release.

Kuaishou Technology is accelerating the spin-off and IPO plans for its AI video product Kling, aiming for an independent listing next year. Kuaishou has begun discussions with potential investors regarding Pre-IPO financing, with an estimated valuation of $20 billion (approximately 130 billion RMB). Analysts suggest this move aims to revalue its AI business, as Kuaishou's overall market cap stands at just over 200 billion HKD, while comparable large model companies such as Zhipu AI and MiniMax have exceeded 200 billion HKD post-listing. Kling's stronger-than-expected commercial progress has further boosted market confidence in its standalone growth potential.

China's State Council has released its 2026 legislative agenda, identifying AI governance and healthy AI development as key priorities for systemic legislation. The plan accelerates legislative efforts in critical areas including data, computing power, algorithms, intellectual property, cybersecurity, and supply chain security, while establishing norms for high-impact AI applications. On the same day, Guangzhou issued its 'Guangzhou Artificial Intelligence Industry 2026 Work Plan,' proposing to build two general-purpose technology service platforms, cultivate 40 vertical large models, and deploy 450 AI application scenarios, alongside expedited promulgation of supportive regulations. An AI industry investment fund will be established in the first half of 2026, exploring inclusive and prudent regulatory models such as regulatory sandboxes.

Anthropic has introduced Agent View for Claude Code (research preview), allowing developers to manage all active AI coding sessions within a single interface. The feature supports background tasks, context switching, and status overviews, categorizing tasks into states such as 'Needs Input,' 'In Progress,' and 'Completed.' Developers can convert common workflows into Skills—reusable functions that can be scheduled in parallel. The AI intelligently pauses and requests user input when necessary. A demo video showcases the agent autonomously running terminal commands (e.g., EXPLAIN ANALYZE) to identify performance bottlenecks. Users can start by running the 'claude agents' command.

OpenAI has announced the Daybreak cybersecurity initiative, leveraging advanced models like GPT-5.5 and Codex tools to help organizations automate security detection, validation, and response. The program aims to empower cyber defenders with frontier AI capabilities to accelerate vulnerability patching and software security assurance. Executives including Sam Altman and Greg Brockman actively promoted the project on social media, inviting enterprise collaboration. Daybreak's launch coincides with Google's report on AI-assisted zero-day attacks, highlighting AI's growing significance on both offensive and defensive sides of cybersecurity.

Coursera has completed its all-stock acquisition of Udemy, formally merging the two online education giants. The combined company is valued at approximately $2.5 billion. Andrew Ng announced the news on social media, stating the goal is to create the world’s most comprehensive skills training platform. The merger responds to rapidly evolving workforce training demands in the AI era, integrating Coursera’s academic course offerings with Udemy’s vocational skills ecosystem. The unified platform will cover end-to-end learning pathways from academia to career, offering global learners richer skill development options for the AI age.

Cybersecurity research firm Hidden Layer revealed a malicious code repository impersonating an official OpenAI privacy protection tool on Hugging Face. It garnered around 244,000 downloads and 667 likes in less than a day, briefly topping trending charts. The core malicious file, loader.py, executes encrypted PowerShell commands that ultimately deploy a Rust-based data-stealing program capable of harvesting Discord tokens, cryptocurrency wallets, and browser passwords. Researchers suspect artificial inflation of download and like counts. Five other suspicious repositories using similar loaders were also identified. The attack infrastructure had previously been used to distribute malware such as ValleyRAT.