Story 1 — Canvas breach fallout hits schools

Story 2 — Apple and Intel chip-making deal (reported)

Story 1 — U.S. expands pre-release AI evaluations
The Center for AI Standards and Innovation (CAISI), part of the U.S. Department of Commerce, announced new agreements with Google DeepMind, Microsoft, and xAI to enable pre-deployment evaluations of advanced AI models.

CNBC (May 5, 2026): Trump admin. moves further into AI oversight, will test Google, Microsoft and xAI models

Story 2 — Office vulnerability exploited within 48 hours
Researchers reported Russian state-linked hackers exploited Microsoft Office vulnerability CVE-2026-21509 in under forty-eight hours after an urgent patch, highlighting shrinking time windows for remediation.

Ars Technica (Feb. 4, 2026): Russian-state hackers exploit Office vulnerability to infect computers

Story 1: Washington considers a 72-hour patch clock

Reuters reports U.S. cybersecurity officials are discussing shrinking the default remediation window for actively exploited vulnerabilities in CISA’s Known Exploited Vulnerabilities catalog from roughly two to three weeks to three days.

Source: Reuters via The Star (May 2, 2026)

Story 2: White House weighs AI model vetting before broad release

Bloomberg reports the White House is considering an executive order that would create a vetting system for new AI models to reduce AI-related cybersecurity risks, according to National Economic Council Director Kevin Hassett.

Source: Bloomberg (May 6, 2026)

Story 1 — Apple settles shareholder lawsuit tied to delayed Siri AI upgrades
Reuters reports Apple agreed to pay $250 million to settle a shareholder lawsuit connected to delays in AI upgrades for Siri.

Reuters technology page (story listing)

Story 2 — Infineon lifts outlook as AI data centers drive demand for power supply solutions
Reuters reports Infineon raised its full-year outlook; it cited €3.81 billion in quarterly revenue and projected about €1.5 billion in AI-related power-supply revenue in fiscal 2026.

Reuters via Global Banking & Finance Review

Story 1: U.S. weighs new AI chip export conditions

Reuters — US mulls new rules for AI chip exports, including requiring US investments by foreign firms

Story 2: CISA adds three exploited iOS vulnerabilities to its catalog

Ars Technica — CISA adds 3 iOS flaws to its catalog of known exploited vulnerabilities

Story 1 — Alphabet investors push for safeguards on cloud and AI
A shareholder coalition is asking Alphabet to explain how it governs government use of its cloud and AI technology, citing concerns about surveillance and contract guardrails.

Story 2 — EU AI rules talks stall
EU countries and lawmakers failed to reach a deal on a watered-down version of the AI Act after 12 hours of negotiations, with talks set to resume next month.

Sources

• Reuters — Alphabet investors push for safeguards on use of its cloud, AI tech
• Reuters — EU countries, lawmakers fail to reach deal on watered-down AI rules

Story 1 — EU shifts Digital Markets Act focus toward cloud and AI
EU regulators said they are turning attention to cloud services and artificial intelligence under the Digital Markets Act, including assessing whether some AI offerings qualify as core platform services and investigating whether Amazon and Microsoft should be labeled gatekeepers for cloud services.

Reuters — EU rules reining in Big Tech will now target cloud services and AI, regulators say

Story 2 — Medtronic reports unauthorized access to corporate IT systems
Medtronic said an unauthorized party accessed data in certain corporate IT systems, and stated it has not identified impacts to products, patient safety, manufacturing and distribution operations, or financial reporting systems.

Medtronic — statement on unauthorized system access

Story 1: EU Chips Act II draft would let the Commission invest directly in fabs
Why it matters: A more active EU role could reshape where semiconductor capacity gets built and how resilient supply chains become.

Bloomberg: EU Chips Act Revamp Would Let Commission Invest Directly in Fabs

Story 2: Over 40% of UK firms suffered a cyber attack last year, survey finds
Key figures: Forty three percent of businesses reported a breach or attack; roughly six hundred twelve thousand businesses reported at least one incident; phishing affected thirty eight percent.

Reuters: Over 40% of UK firms suffered cyber attack last year, survey finds

Story 1 — CopyFail: a critical Linux patch race
Ars Technica reports a newly publicized Linux local privilege-escalation flaw, CVE-2026-31431 ("CopyFail"), with exploit code circulating as many distributions race to ship kernel updates.

Ars Technica — The most severe Linux threat to surface in years catches the world flatfooted

Story 2 — China’s four-month AI enforcement campaign
Reuters reports China’s cyberspace regulator is launching a four-month campaign, in two stages, focused on AI application "malpractices" including security evaluations, data poisoning, registration, and labeling of AI-generated content.

Reuters — China launches months-long campaign against AI misuse

Story 1: GitHub rushed to fix a critical remote code execution vulnerability in less than six hours after it was reported by Wiz Research, and said a forensic review found no signs of exploitation.

The Verge — GitHub rushed to fix a critical vulnerability in less than six hours

Story 2: A London tribunal ruled Microsoft must face a mass lawsuit that could be worth up to two point one billion pounds, alleging it overcharged customers to run Windows Server on rival cloud providers.

Reuters — Microsoft must face two point eight billion dollar UK lawsuit over cloud computing licences