Enterprise AI agents are creating security vulnerabilities by often running with broad permissions, allowing actions beyond user access and weakening IAM controls. Traditional security controls are built around human users and direct system access, making them poorly suited for agent-mediated workflows where authorization is evaluated against the agent's identity rather than the requester's.

Source: The Hacker News

Anthropic's Model Context Protocol (MCP) has become the standard for AI agent connectivity, with OpenAI and Microsoft embracing it and Anthropic donating it to the Linux Foundation's new Agentic AI Foundation. With MCP reducing friction of connecting agents to real systems, 2026 is likely to be the year agentic workflows finally move from demos into day-to-day practice.

Source: TechCrunch

Microsoft launched agentic features in Dynamics 365 with preview scheduled for February 2026, enabling retailers to build autonomous customer experiences. Meta acquired Manus, an AI agent startup specializing in coding and market research agents, for $2 billion, signaling big tech is paying premium prices for proven agent technology.

Source: AI Agent Store

AI agents are increasingly dominating news cycles with rapid integration into critical sectors like space exploration, retail, and cybersecurity, moving from autonomous decision-making on interplanetary missions to enhancing customer experiences. By 2027, systems with intelligence rivaling the smartest humans could emerge, but the rise of AI agents is both thrilling and daunting.

Source: Mean.ceo

Microsoft Agent Framework's general availability is set for Q1 2026 with production SLAs, multi-language support (C#, Python, Java), and deep Azure integration. The framework has been in public preview since October 2025, offering native Azure integration, compliance guarantees (SOC 2, HIPAA), and formal support contracts for enterprises.

Source: Medium

OpenAI announced it will retire GPT-5 (Instant and Thinking), GPT-4o, GPT-4.1, GPT-4.1 mini, and o4-mini from ChatGPT on February 13, 2026, citing low usage and a shift toward newer models. Only 0.1% of users still choose GPT-4o each day as most usage has shifted to GPT-5.2.

Source: Business Standard

OpenAI confirmed the retirement of GPT-4o alongside GPT-5 variants on February 13, 2026, after GPT-5.2 started meeting user expectations. The company incorporated user feedback from GPT-4o into the development of GPT-5.1 and GPT-5.2, with improvements to personality and creative ideation features.

Source: BleepingComputer

OpenAI released GPT-5.2-Codex, described as the most advanced agentic coding model yet for complex, real-world software engineering. A security researcher using GPT-5.1-Codex-Max discovered and responsibly disclosed a React vulnerability that could lead to source code exposure, demonstrating the model's enhanced cybersecurity capabilities.

Source: OpenAI

GPT-5.2-Codex achieved 56.4% accuracy on SWE-Bench Pro and 64.0% on Terminal-Bench 2.0, outperforming previous versions. The model is now available to paid ChatGPT Codex users with API access coming soon, and includes an invite-only pilot program for validated cybersecurity professionals.

Source: Cybersecurity News

Security engineer Andrew MacPherson from Privy used GPT-5.1-Codex-Max to investigate React2Shell vulnerability (CVE-2025-55182), which led to the discovery of previously unknown vulnerabilities in React Server Components that were responsibly disclosed. GPT-5.2-Codex achieves substantially higher accuracy in professional Capture-the-Flag competitions simulating real cyberattacks.

Source: Cyber Press

CVE-2026-21858, a critical n8n vulnerability with CVSS score 10.0, enables remote code execution without authentication and allows attackers to take over vulnerable instances. The vulnerability affects n8n's webhook and file-handling logic, potentially granting unauthenticated access to arbitrary files on about 100,000 servers globally.

Source: SecurityWeek

Microsoft addressed CVE-2026-20805, a zero-day vulnerability in Windows Desktop Window Manager that was already being exploited in real-world attacks. CISA added this vulnerability to its Known Exploited Vulnerabilities catalog with a remediation deadline of February 3, 2026 for federal agencies.

Source: SOC Prime

CISA added five new vulnerabilities to its KEV catalog on January 26, 2026, including CVE-2026-21509 (Microsoft Office Security Feature Bypass), CVE-2026-23760 (SmarterTools SmarterMail Authentication Bypass), and CVE-2026-24061 (GNU InetUtils Argument Injection). These vulnerabilities pose significant risks to federal enterprise systems.

Source: CISA

MediaTek published its February 2026 Product Security Bulletin on February 2, 2026, containing details of security vulnerabilities affecting certain MediaTek chipsets. The bulletin was published 18 hours ago according to the metadata.

Source: MediaTek

New vulnerabilities are growing at twice their long-term rate, with hundreds of proof-of-concepts and critical CVEs increasing pressure on IT and security teams. The report highlights several critical vulnerabilities including CVE-2025-66516 (Apache Tika XXE injection) and CVE-2025-15047 (Tenda router buffer overflow).

Source: Cyble

AWS launched new Amazon EC2 G7e instances powered by NVIDIA RTX PRO 6000 Blackwell Server Edition GPUs, delivering up to 2.3 times better inference performance compared to G6e instances. Amazon Corretto received quarterly security updates for LTS versions including 25.0.2, 21.0.10, 17.0.18, 11.0.30, and 8u482. Amazon ECR now supports cross-repository layer sharing through blob mounting.

Source: Amazon Web Services

AWS announced new Security Hub controls in AWS Control Tower, now supporting 176 additional controls in the Control Catalog. AWS Transform for VMware now supports network conversion for hybrid data center migrations. NVIDIA Nemotron 3 Nano 30B model became available on Amazon Bedrock.

Source: Amazon Web Services

AWS announced major updates to its Partner programs for 2026, including the new Partner Greenfield Program (PGP) for Migration, Modernization, Generative AI, and Security. AWS Partner Central is now available in the AWS Management Console with API automation capabilities and IAM-based user management. The Migration Acceleration Program will now encompass complete digital transformation including generative AI features.

Source: AWS Partner Network (APN) Blog

AWS introduced program updates rolling out January 1, 2026, including stronger incentives, simplified benefits, and new deal registration and billing capabilities. New MSP benefits were announced for Customer Management, Strategic Services, and Government Practice. Implementation follows a phased approach throughout 2026 with ongoing enablement sessions.

Source: AWS Partner Network (APN) Blog

Amazon is investing $125 billion to expand AWS and develop new processors like Trainium3, which are four times faster than previous versions. AWS grew by 20% in late 2025 and might increase by 30% in 2026 as it works through a $200 billion backlog. Analysts project AWS automation could save $7.5 billion annually by 2026.

Source: Yahoo Finance

Multiple critical vulnerabilities discovered in React Server Components with CVSS scores of 10.0, including CVE-2025-55182 enabling remote code execution and additional vulnerabilities CVE-2025-55184 (high-severity DoS) and CVE-2025-55183 (medium-severity source code exposure). All Next.js 13.x, 14.x, 15.x and 16.x users must upgrade immediately.

Source: Cybersecurity Dive

Next.js 16.1 released with Turbopack File System Caching for development (stable), new bundle analyzer, and easier debugging in Node.js. The release focuses on smoother builds, better dev server stability, and improved performance with turbopack and route caching optimizations.

Source: Next.js Official Blog

Next.js 16 launched with Turbopack as the default stable bundler (2-5x faster builds, 5-10x faster Fast Refresh), React Compiler Support (stable), enhanced routing with layout deduplication, and React 19.2 support including View Transitions. Breaking changes include async params and updated next/image defaults.

Source: Next.js Official Blog

Next.js 16.1 includes numerous fixes across core runtime, dev tooling, and React integration. Key improvements include fixes for Rspack errors, build CLI output issues, and turbopack optimizations for empty page entries and route caching.

Source: Releasebot