Citigroup has launched its new Arc platform to deploy autonomous AI systems across operations. The framework represents a decisive move toward cognitive automation in banking, though it raises concerns about labor displacement and competitive pressure in institutional finance.

Source: CodeGoTech

HubSpot has opened its CRM platform to AI agents and announced a new AI agent framework. Key developments to monitor include the speed of API parity deployment, emerging partner integrations, and whether customers cite agent-based workflows as consolidation drivers.

Source: SimplyWall.st

On May 5, 2026, OpenAI released GPT-5.5 Instant, which replaces GPT-5.3 Instant as ChatGPT's default model. The new model produces 52.5% fewer hallucinated claims than GPT-5.3 Instant on high-stakes prompts in medicine, law, and finance, and reduces verbosity while maintaining warmth and personality.

Source: TechCrunch

GPT-5.5 Instant launched on May 5, 2026, two months after GPT-5.3 Instant's March 3 release. The model uses 30.2% fewer words and 29.2% fewer lines while improving accuracy, focusing on conciseness and natural conversational tone without unnecessary formatting.

Source: 9to5Mac

CVE-2026-31431 (known as Copy Fail) is a high-severity local privilege escalation vulnerability affecting the Linux kernel's cryptographic subsystem, a nine-year-old flaw. Federal agencies have been advised to apply fixes by May 15, 2026.

Source: Microsoft Security Blog / CISA

A critical vulnerability affecting Palo Alto Networks firewalls is being actively exploited by attackers as of May 6, 2026. CVE-2026-0300 is a buffer overflow in the User-ID Authentication Portal that allows unauthenticated attackers to execute code with root privileges.

Source: Help Net Security

CVE-2026-23918 (CVSS 8.8) is a double-free flaw in HTTP/2 protocol handling affecting Apache HTTP Server 2.4.66, addressed in version 2.4.67. The vulnerability can be exploited to achieve denial-of-service and remote code execution.

Source: The Hacker News

Visual Studio Code releases smoother agent workflows with browser tab sharing, OpenTelemetry tracing, lighter-weight todo tracking, and improved trust controls. It also makes Markdown preview switching easier and speeds up development with TypeScript 7 and webview performance gains.

Source: Releasebot / GitHub

On April 27, GitHub announced that Copilot is moving to usage-based billing on June 1, 2026. This represents a significant shift in Copilot pricing structure affecting all VS Code users.

Source: Releasebot

This changelog covers releases v1.116 through v1.119, the releases shipped throughout April and early May 2026. Copilot can now search by meaning in any workspace and run grep-style queries. Agents gain inline diffs in chat, browser tab sharing, and read/write access to any open terminal.

Source: GitHub Changelog

At the "What's Next with AWS" 2026 event, AWS launched Amazon Quick—an AI assistant for work with a desktop app and expanded integrations—and expanded Amazon Connect into four agentic AI solutions for supply chain, hiring, customer experience, and healthcare. AWS and OpenAI are bringing the latest OpenAI models (including GPT-5.5 and GPT-5.4) to Amazon Bedrock, launching Codex on Amazon Bedrock, and launching Amazon Bedrock Managed Agents, powered by OpenAI (all in limited preview).

Source: AWS News Blog

Amazon EC2 M8in and M8ib instances are now generally available, powered by custom 6th-gen Intel Xeon Scalable processors, delivering up to 43% higher performance, with M8in offering 600 Gbps network bandwidth and M8ib delivering 300 Gbps EBS bandwidth. Amazon EC2 R8in and R8ib instances are now generally available as memory-optimized instances built on the same processors and Nitro cards.

Source: AWS News Blog

Amazon Q Developer IDE plugins and paid subscriptions will reach end of support on April 30, 2027. New signups will be blocked starting May 15, 2026, although existing subscriptions can continue to add users.

Source: AWS News Blog

AWS announces the general availability of the AWS MCP Server, a managed remote Model Context Protocol server that gives AI agents and coding assistants secure, authenticated access to all AWS services, part of the Agent Toolkit for AWS.

Source: AWS News Blog

Claude Security was released in public beta for Claude Enterprise customers on May 5, 2026, bringing code vulnerability scanning and proposed fixes with Opus 4.7. The update adds scheduled scans, targeted scans, better triage tracking, and easier exports and workflow integrations.

Source: Releasebot

Claude Code adds plugin URL loading, smarter package-manager auto updates, and new controls for sync output and gateway model discovery. The release also delivers fixes for sessions, editors, cache handling, OAuth, MCP, and VS Code.

Source: Releasebot

Anthropic is releasing ready-to-run finance agent templates and Claude add-ins for Microsoft 365 applications including Excel, PowerPoint, Word, and Outlook. The templates are designed for financial services work such as building pitchbooks and month-end closing, shipping as plugins in Claude Code and Cowork.

Source: Releasebot