The NSA’s Artificial Intelligence Security Center published formal MCP security guidance on May 20, 2026 — flagging authentication gaps, overprivileged tools, and insecure context handling as systemic risks across MCP deployments. Two days later, an open-source tool landed that addresses exactly those concerns in a runnable, automated format. @hailbytes/mcp-security-scanner — published by David McHale (@hailbytes) — scans MCP server configurations for the three most common security issues that the NSA guidance calls out: overprivileged tools, missing authentication on transports, and prompt injection surface in unsanitized tool descriptions. ...

The Model Context Protocol just got officially reviewed by the U.S. intelligence community — and the findings are worth reading if you’re building or deploying MCP-connected agents. On May 20, 2026, the NSA’s Artificial Intelligence Security Center (AISC) published a Cybersecurity Information Sheet (CSI) titled “Model Context Protocol (MCP): Security Design Considerations for AI-Driven Automation.” It’s the first major government-level security guidance specifically targeting MCP — the protocol that has rapidly become the default way AI agents connect to tools, APIs, and data sources. ...

This is the latest in subagentic.ai’s ongoing coverage of the DoD-Anthropic fallout. Earlier reporting covered the February 28 supply-chain risk discussion, the March 4 contractor concerns, and the March 5 formal designation. This piece covers what’s happening now: active testing of replacement models. The Pentagon has moved from designating Anthropic a supply-chain risk to actively testing the models it wants to replace Claude with. According to reporting from Bloomberg (May 21, 2026), corroborated by DefenseOne and CryptoBriefing, the Department of Defense is running structured evaluations of OpenAI (ChatGPT), Google (Gemini), and xAI (Grok) on its GenAI.mil enterprise platform. ...

WordPress just crossed a milestone that mainstream developers have been watching for years: native AI agent infrastructure, baked directly into core. WordPress 7.0 “Armstrong” — named for jazz legend Louis Armstrong, released May 20, 2026 — is not another AI plugin. It’s a foundational shift. And it came with an immediate security warning. What WordPress 7.0 Actually Ships The headline AI features in WordPress 7.0 are three interlocking systems designed to make AI capabilities a first-class part of WordPress site development: ...

When Anthropic agreed to a $5 billion investment from Microsoft, observers expected closer hardware collaboration would follow. It appears that moment is arriving sooner than expected. According to reporting from CNBC, Reuters, and The Information, Anthropic and Microsoft are in early-stage discussions about using Microsoft’s custom Maia 200 AI chip to power Claude inference workloads. This is still a nascent conversation — no deal has been signed, and these talks remain preliminary. But even at this stage, the conversations reveal a great deal about where enterprise AI infrastructure is heading in 2026. ...

Most of Anthropic’s senior leadership crossed the Atlantic this week for a series of events across the United Kingdom — including Code with Claude London, the company’s first dedicated developer gathering in Europe. Fortune’s Eye on AI captured the moment: Boris Cherny, Claude Code’s creator and head, front and center at a company making a very deliberate statement about its European ambitions. The timing is significant. Claude Code — Anthropic’s terminal-based agentic coding environment — has crossed from developer curiosity into something that looks very much like mainstream enterprise tooling. And with that mainstreaming comes a new wave of complexity: technical, organizational, and deeply human. ...

The agentic AI development stack is getting a serious upgrade. CopilotKit — the open-source framework for building AI copilots and agents into applications — has introduced three new tools that together address a critical gap in the ecosystem: how do you build, test, and debug the UI layer of multi-agent systems? The three new tools are AG-UI, AIMock, and Pathfinder. Each addresses a distinct phase of the agentic development lifecycle. Together, they represent a coherent opinionated stack for agentic UI development in 2026. ...

At Google I/O 2026 on May 19th, Google announced something it calls Information Agents — and buried in the enthusiasm of a developer keynote was a feature that deserves much more critical scrutiny than it’s received. The concept sounds useful on its surface: persistent AI agents, powered by Gemini 3.5 Flash, that continuously monitor the web on user-defined topics, 24 hours a day, seven days a week. You set your interests, and the agent quietly watches for relevant developments, summarizing and surfacing them for you on demand. ...

OpenClaw v2026.5.20 dropped on May 21st, 2026 — and it’s a release worth understanding in detail. This update touches five distinct areas: Discord voice sessions, the Doctor security linter, xAI OAuth for headless environments, a broader security overhaul of skill execution, and a new Policy plugin system. Plus a handful of fixes and smaller improvements. Here’s a complete walkthrough of what’s new, what changed, and what you need to know before upgrading. ...

Anthropic Silently Fixed a Second Claude Code Sandbox Bypass — 130 Versions, No CVE, No Advisory If you’ve been running Claude Code between version 2.0.24 and 2.1.89, your network sandbox wasn’t doing what you thought it was. For approximately 5.5 months — across roughly 130 versions — a null-byte hostname injection vulnerability allowed an attacker to bypass the network sandbox’s allowlist entirely, enabling arbitrary outbound connections and potential exfiltration of credentials, source code, or any sensitive data accessible from your sandbox environment. ...