{"vulnerability": "CVE-2026-48172", "sightings": [{"uuid": "c3cab02f-0dc1-4e4c-8413-ea4145fe075e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116614555970411904", "content": "A lot of offensive activities were identified targeting LiteSpeed User-End cPanel Plugin (CVE-2026-48172) https://vuldb.com/vuln/364981/cti", "creation_timestamp": "2026-05-21T20:55:19.354045Z"}, {"uuid": "f4c3d2b9-4865-46d1-a0e0-9a2f9b55bd61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmdfp7calj2e", "content": "CVE-2026-48172 - LiteSpeed cPanel Plugin Privilege Escalation\nCVE ID : CVE-2026-48172\n \n Published : May 21, 2026, 12:38 a.m. | 1\u00a0hour, 38\u00a0minutes ago\n \n Description : LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in...", "creation_timestamp": "2026-05-21T02:46:13.501782Z"}, {"uuid": "53fdc162-6826-48a1-aa4c-a247268cee85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html", "content": "A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild.\n\nThe flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an instance of incorrect privilege assignment that an attacker could abuse to run arbitrary scripts with elevated permissions.\n\n\"Any cPanel user (including an attacker or a compromised account) may", "creation_timestamp": "2026-05-23T05:35:13.000000Z"}, {"uuid": "b69734db-a230-4a0d-866f-f77875137751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3mmiye3ratv2i", "content": "CVE-2026-48172 in LiteSpeed cPanel Plugin exploited; update to v2.4.7 or uninstall immediately. #LiteSpeed #cPanel #CVE202648172 #PotatoSecurity #Vulnerability #PatchNow thedailytechfeed.com/critical-vul...", "creation_timestamp": "2026-05-23T08:05:30.854116Z"}, {"uuid": "a960e304-a1eb-464b-bad2-8eaec55caeac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mmj25a6bnhu2", "content": "LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in th...\n\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-23T08:35:47.298499Z"}, {"uuid": "b50a24d0-0043-4545-8663-e1a79b5a1d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3mmi27r4x4p2u", "content": "Critical 0-Day Alert: LiteSpeed cPanel Plugin Flaw (CVE-2026-48172) Actively Exploited for Full Root Access \u2013 Patch or Perish +\u00a0Video\n\nIntroduction A critical privilege escalation vulnerability, designated CVE-2026-48172 and carrying a maximum CVSS score of 10.0, is being actively exploited in the\u2026", "creation_timestamp": "2026-05-22T23:04:03.558267Z"}, {"uuid": "49e51a63-c1d1-4c78-b82c-5119121b1b5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/10586", "content": "LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root \u2013 thehackernews.com\n\nSat, 23 May 2026 15:35:13", "creation_timestamp": "2026-05-23T12:03:30.000000Z"}, {"uuid": "8e6a4928-e3d6-4d63-a323-b77bdeec8a9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3mmjaa5ogbc2v", "content": "LiteSpeed cPanel Plugin \u306e CVE-2026-48172 \u306f\u3001\u6a29\u9650\u6607\u683c\u306e\u8106\u5f31\u6027\u3002\u653b\u6483\u8005\u306f\u4efb\u610f\u306e\u30b9\u30af\u30ea\u30d7\u30c8\u3092root\u6a29\u9650\u3067\u5b9f\u884c\u53ef\u80fd\u3002", "creation_timestamp": "2026-05-23T10:24:18.714400Z"}, {"uuid": "a66d1f19-f22d-4074-9720-491213114c59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://t.me/thehackernews/9067", "content": "\ud83d\udea8 Active exploit: LiteSpeed cPanel root flaw.\n\nhttps://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html\n\nCVE-2026-48172 is a CVSS 10.0 vulnerability in LiteSpeed User-End cPanel Plugin that lets any cPanel user run arbitrary scripts as root.\n\n\ud83d\udd38 Affected: v2.3\u20132.4.4\n\ud83d\udd38 Not affected: WHM plugin\n\ud83d\udd38 Fix: upgrade to WHM Plugin 5.3.1.0 with cPanel plugin v2.4.7+\n\ud83d\udd38 IOC: cpanel_jsonapi_func=redisAble", "creation_timestamp": "2026-05-23T07:43:09.000000Z"}, {"uuid": "7b0302c4-43e6-45f0-87df-ef254cb1de18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "exploited", "source": "https://t.me/ctinow/250742", "content": "LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root\nhttps://ift.tt/5lQjHSI", "creation_timestamp": "2026-05-23T08:09:34.000000Z"}, {"uuid": "975986b5-b271-4593-893b-1e6eb9ba98d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mmooisxq3mt2", "content": "LiteSpeed cPanel Plugin CVE-2026-48172 CVSS 10.0 Exploited A CVSS 10.0 flaw in the LiteSpeed cPanel plugin lets any authenticated user execute arbitrary scripts as root, compromising all tenants on...\n\n#Resources #Application #Security #CVE [\u2026] \n\n[Original post on dailysecurityreview.com]", "creation_timestamp": "2026-05-25T14:23:07.387719Z"}, {"uuid": "6520bf25-84b8-4a57-b204-9c3c2571a24f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/pvynckier.bsky.social/post/3mmllcebp4c2z", "content": "LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root thehackernews.com/2026/05/lite...", "creation_timestamp": "2026-05-24T08:47:45.496337Z"}, {"uuid": "66f66fed-2468-4b16-b152-334e5e0aa271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mmlu7k542s2g", "content": "LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root\n\nA maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild.\n\nThe flaw, tracked as CVE-2026-48172 (CVSS score: 10.0), relates to an inst\u2026\n#hackernews #news", "creation_timestamp": "2026-05-24T11:27:12.104608Z"}, {"uuid": "da844c10-f7dc-4fcd-873c-f35a21365c22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "Telegram/aIPIWoZyEYzzX9nHUVKB1aA0s_e1mj3mQ8Eug10fFDw9pT4", "content": "", "creation_timestamp": "2026-05-24T03:00:05.000000Z"}, {"uuid": "e697db81-ce04-4689-8ae2-aa68f40fe8a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "Telegram/_KWAnd6RR6PDJnxcxd09YuafzYNN0qOVlN75nUN-G9yG8iw", "content": "", "creation_timestamp": "2026-05-23T15:00:07.000000Z"}, {"uuid": "8c5ac083-4a7e-48f3-aecf-d1a560e6be6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://gist.github.com/stone776/5e4e8b2ab887a1d47603282d5260e8d2", "content": "\n\n\n \n \n TARDIS Intelligence Briefing \u2014 2026-05-26\n \n \n *, *::before, *::after { margin: 0; padding: 0; box-sizing: border-box; }\n :root {\n --tardis-deep: #020b18; --tardis-dark: #061627; --tardis-mid: #0c2240;\n --tardis-surface: #0f2a4a; --tardis-panel: #132f52; --tardis-edge: #1a3d66;\n --tardis-blue: #1e6fba; --tardis-blue-bright: #3498db;\n --tardis-blue-glow: rgba(52,152,219,0.15); --tardis-gold: #f4c430;\n --tardis-gold-dim: rgba(244,196,48,0.12); --tardis-amber: #e89e2d;\n --tardis-green: #50c878; --tardis-green-soft: rgba(80,200,120,0.12);\n --tardis-red: #e74c3c; --tardis-text: #c8dce8;\n --tardis-text-dim: #7a9ab8; --tardis-text-muted: #4a6a85;\n }\n body { background:var(--tardis-deep); color:var(--tardis-text); font-family:'Rajdhani',sans-serif; font-weight:400; min-height:100vh; line-height:1.55; }\n ::-webkit-scrollbar { width:5px; } ::-webkit-scrollbar-track { background:var(--tardis-deep); } ::-webkit-scrollbar-thumb { background:var(--tardis-edge); border-radius:3px; }\n .console-header { background:var(--tardis-dark); border-bottom:2px solid var(--tardis-blue); padding:16px 36px; display:flex; align-items:center; justify-content:space-between; position:relative; overflow:hidden; }\n .console-header::before { content:''; position:absolute; top:0; left:0; right:0; height:2px; background:linear-gradient(90deg,transparent 0%,var(--tardis-blue-bright) 30%,var(--tardis-gold) 50%,var(--tardis-blue-bright) 70%,transparent 100%); }\n .console-brand { display:flex; align-items:center; gap:14px; }\n .tardis-icon { width:38px; height:38px; border:2px solid var(--tardis-blue); border-radius:4px; display:flex; align-items:center; justify-content:center; background:var(--tardis-mid); flex-shrink:0; }\n .tardis-icon::before { content:''; width:10px; height:10px; background:var(--tardis-gold); border-radius:50%; }\n .console-title-block { display:flex; flex-direction:column; gap:2px; }\n .console-title { font-family:'Orbitron',sans-serif; font-size:1.05em; font-weight:700; text-transform:uppercase; letter-spacing:0.14em; color:var(--tardis-gold); }\n .console-subtitle { font-family:'Share Tech Mono',monospace; font-size:0.7em; color:var(--tardis-text-dim); text-transform:uppercase; letter-spacing:0.18em; }\n .console-readout { display:flex; align-items:center; gap:24px; }\n .readout-date { font-family:'Share Tech Mono',monospace; font-size:1.1em; color:var(--tardis-gold); letter-spacing:0.06em; }\n .readout-classification { font-family:'Orbitron',sans-serif; font-size:0.62em; font-weight:700; text-transform:uppercase; letter-spacing:0.12em; color:var(--tardis-text-dim); background:var(--tardis-mid); border:1px solid var(--tardis-edge); padding:5px 14px; border-radius:3px; }\n .weather-readout { font-family:'Share Tech Mono',monospace; color:var(--tardis-text-dim); font-size:0.85rem; letter-spacing:0.5px; }\n .page-layout { display:grid; grid-template-columns:200px 1fr; min-height:calc(100vh - 74px); }\n .nav-sidebar { background:var(--tardis-dark); border-right:1px solid var(--tardis-edge); padding:28px 0; position:sticky; top:0; height:calc(100vh - 74px); overflow-y:auto; }\n .nav-sidebar::-webkit-scrollbar { width:3px; } .nav-sidebar::-webkit-scrollbar-thumb { background:var(--tardis-edge); }\n .nav-label { font-family:'Orbitron',sans-serif; font-size:0.58em; font-weight:700; text-transform:uppercase; letter-spacing:0.2em; color:var(--tardis-text-muted); padding:0 20px 12px; }\n .nav-item { display:flex; align-items:center; gap:10px; padding:9px 20px; cursor:pointer; border-left:3px solid transparent; text-decoration:none; color:var(--tardis-text-dim); font-family:'Rajdhani',sans-serif; font-size:0.85em; font-weight:500; line-height:1.2; }\n .nav-item:hover { color:var(--tardis-text); background:var(--tardis-mid); border-left-color:var(--tardis-blue-bright); }\n .nav-num { font-family:'Share Tech Mono',monospace; font-size:0.78em; color:var(--tardis-text-muted); width:18px; text-align:right; flex-shrink:0; }\n .nav-divider { height:1px; background:var(--tardis-edge); margin:12px 20px; }\n .main-content { padding:32px 40px 60px; max-width:960px; }\n .section-chrome { border:1px solid var(--tardis-edge); border-radius:6px; overflow:hidden; background:var(--tardis-dark); margin-bottom:28px; }\n .section-chrome-header { background:var(--tardis-mid); padding:11px 18px; display:flex; align-items:center; justify-content:space-between; border-bottom:1px solid var(--tardis-edge); }\n .section-header-left { display:flex; align-items:center; gap:9px; }\n .section-title { font-family:'Orbitron',sans-serif; font-size:0.68em; font-weight:700; text-transform:uppercase; letter-spacing:0.16em; color:var(--tardis-text); }\n .section-date { font-family:'Share Tech Mono',monospace; font-size:0.72em; color:var(--tardis-text-dim); background:var(--tardis-dark); padding:2px 9px; border-radius:3px; border:1px solid var(--tardis-edge); }\n .section-indicator { width:8px; height:8px; border-radius:50%; display:inline-block; flex-shrink:0; }\n .section-chrome-body { padding:22px 24px; }\n .bluf-block { border-left:3px solid var(--tardis-gold); background:var(--tardis-gold-dim); padding:12px 16px; margin-bottom:18px; border-radius:0 4px 4px 0; }\n .bluf-label { font-family:'Orbitron',sans-serif; font-size:0.58em; font-weight:700; text-transform:uppercase; letter-spacing:0.2em; color:var(--tardis-gold); margin-bottom:5px; display:block; }\n .bluf-text { font-family:'Rajdhani',sans-serif; font-size:1.05em; font-weight:600; color:var(--tardis-text); line-height:1.4; }\n .story { margin-bottom:22px; padding-bottom:22px; border-bottom:1px solid var(--tardis-edge); }\n .story:last-child { border-bottom:none; margin-bottom:0; padding-bottom:0; }\n .story-headline { font-family:'Rajdhani',sans-serif; font-size:1.08em; font-weight:700; color:var(--tardis-text); margin-bottom:5px; line-height:1.3; }\n .story-meta { font-family:'Share Tech Mono',monospace; font-size:0.75em; color:var(--tardis-text-muted); margin-bottom:10px; display:flex; gap:8px; align-items:center; flex-wrap:wrap; }\n .story-tag { font-family:'Orbitron',sans-serif; font-size:0.65em; font-weight:700; text-transform:uppercase; letter-spacing:0.1em; padding:2px 7px; border-radius:3px; }\n .story-tag-lead { background:rgba(231,76,60,0.15); color:var(--tardis-red); border:1px solid rgba(231,76,60,0.3); }\n .story-tag-include { background:rgba(52,152,219,0.1); color:var(--tardis-blue-bright); border:1px solid rgba(52,152,219,0.25); }\n .story-source { color:var(--tardis-blue-bright); }\n .story-date { color:var(--tardis-text-muted); }\n .story-facts { list-style:none; margin-bottom:10px; }\n .story-facts li { padding:5px 0 5px 18px; position:relative; border-bottom:1px solid rgba(26,61,102,0.25); font-size:0.95em; color:var(--tardis-text); line-height:1.45; }\n .story-facts li:last-child { border-bottom:none; }\n .story-facts li::before { content:''; position:absolute; left:0; top:12px; width:6px; height:6px; border:1px solid var(--tardis-blue-bright); border-radius:1px; transform:rotate(45deg); }\n .story-context { font-size:0.9em; color:var(--tardis-text-muted); line-height:1.55; margin-top:10px; font-style:italic; border-left:2px solid var(--tardis-edge); padding-left:12px; }\n .open-question { font-size:0.88em; color:var(--tardis-text-muted); font-style:italic; margin-top:8px; padding-left:14px; position:relative; }\n .open-question::before { content:'?'; position:absolute; left:0; font-family:'Share Tech Mono',monospace; color:var(--tardis-amber); font-style:normal; }\n .open-questions { margin-top:12px; }\n .oq-label { font-family:'Orbitron',sans-serif; font-size:0.58em; font-weight:700; text-transform:uppercase; letter-spacing:0.18em; color:var(--tardis-text-muted); display:block; margin-bottom:5px; }\n .open-questions ul { list-style:none; }\n .open-questions li { font-family:'Rajdhani',sans-serif; font-size:0.9em; color:var(--tardis-text-muted); font-style:italic; padding:3px 0 3px 16px; position:relative; }\n .open-questions li::before { content:'?'; position:absolute; left:0; font-family:'Share Tech Mono',monospace; font-size:0.85em; color:var(--tardis-amber); font-style:normal; }\n .finding { background:var(--tardis-surface); border:1px solid var(--tardis-edge); border-radius:5px; padding:16px 18px; margin-bottom:16px; }\n .finding-title { font-family:'Rajdhani',sans-serif; font-size:1.02em; font-weight:700; color:var(--tardis-gold); margin-bottom:10px; line-height:1.3; }\n .finding-body p { font-size:0.93em; color:var(--tardis-text-dim); line-height:1.55; margin-bottom:8px; }\n .finding-body p:last-child { margin-bottom:0; }\n .finding-body strong { color:var(--tardis-text); }\n .finding-body code { font-family:'Share Tech Mono',monospace; font-size:0.88em; color:var(--tardis-amber); background:rgba(232,158,45,0.1); padding:1px 5px; border-radius:3px; }\n .finding-priority { font-family:'Share Tech Mono',monospace; font-size:0.82em; color:var(--tardis-green); margin-top:6px; }\n .kev-entry { font-family:'Rajdhani',sans-serif; font-size:0.93em; color:var(--tardis-text); padding:4px 0; border-bottom:1px solid rgba(231,76,60,0.15); line-height:1.4; }\n .kev-entry:last-child { border-bottom:none; }\n .kev-cve { font-family:'Share Tech Mono',monospace; font-size:0.88em; color:var(--tardis-red); }\n .analysis-body p { font-family:'Rajdhani',sans-serif; font-size:1.0em; color:var(--tardis-text-dim); line-height:1.65; margin-bottom:16px; }\n .analysis-body p:last-child { margin-bottom:0; }\n .analysis-body strong { color:var(--tardis-gold); }\n .analysis-body em { color:var(--tardis-amber); font-style:normal; font-weight:600; }\n table { width:100%; border-collapse:collapse; font-size:0.9em; margin-bottom:12px; }\n thead { background:var(--tardis-surface); }\n th { font-family:'Orbitron',sans-serif; font-size:0.62em; font-weight:700; text-transform:uppercase; letter-spacing:0.12em; color:var(--tardis-text-dim); padding:9px 14px; text-align:left; border-bottom:1px solid var(--tardis-edge); white-space:nowrap; }\n td { font-family:'Rajdhani',sans-serif; font-size:0.9em; color:var(--tardis-text); padding:8px 14px; border-bottom:1px solid rgba(26,61,102,0.4); line-height:1.35; }\n tr:hover td { background:rgba(12,34,64,0.5); }\n .npm-table td { font-family:'Share Tech Mono',monospace; font-size:0.83em; }\n .npm-table td:first-child { font-family:'Rajdhani',sans-serif; font-size:0.9em; }\n .metadata-footer { background:var(--tardis-dark); border-top:1px solid var(--tardis-edge); padding:18px 40px; margin-top:8px; }\n .metadata-grid { display:flex; flex-wrap:wrap; gap:20px 36px; }\n .metadata-item { display:flex; flex-direction:column; gap:2px; }\n .metadata-key { font-family:'Orbitron',sans-serif; font-size:0.55em; font-weight:700; text-transform:uppercase; letter-spacing:0.18em; color:var(--tardis-text-muted); }\n .metadata-value { font-family:'Share Tech Mono',monospace; font-size:0.82em; color:var(--tardis-text-dim); }\n \n\n\n\n\n\n \n\n \n\n \n\n \nIntelligence Briefing\n \nOSINT-First \u00b7 IC Editorial Standards \u00b7 Claude Synthesis\n \n \n \n\n \nTuesday, 2026-05-26\n \nOSINT Only\n \nOvercast \u00b7 66\u00b0F high \u00b7 60\u00b0F low\n \n\n\n\n\n \n\n \nSections\n 01 AI Research\n 02 Merlin Intel\n 03 Military / Geo\n 04 Economic\n 05 Tech\n 06 Cybersecurity\n 07 Regulatory\n \n\n \u2211 Analysis\n // Metadata\n \n\n \n\n\n\n\n \n\n \n\n \n AI Research\n \n 2026-05-26\n \n \n\n \n\n BLUF\n Four papers today address the architecture of reliable agentic systems: harness design, control flow under risk, context consolidation, and always-on personal assistant gaps. One historical paper adds knowledge-state orchestration as a concrete blackboard improvement.\n \n\n \n \n\n \nFrom Model Scaling to System Scaling: Scaling the Harness in Agentic AI [ArXiv 2605.26112]\n \nLEAD [ArXiv] 2026-05-25\n \n\n \nArgues the primary bottleneck in production agentic AI has shifted from model quality to harness design: auditable, persistent, modular, and verifiable wrappers around foundation models.\n \nDistinguishes \"model scaling\" (parameter count, capability) from \"system scaling\" (how the surrounding architecture handles reliability, coordination, and failure recovery at volume).\n \nProvides formal definitions for each harness property: auditability requires logged trace per action; persistence requires state survives session boundaries; modularity requires component substitution without full rewrite; verifiability requires external validation of outputs before commit.\n \nEvaluates current leading frameworks against the four-property rubric; none satisfy all four in production deployments.\n \n \nThe framing resolves a common confusion: teams that improve model quality but not harness architecture see diminishing returns at scale because the failure modes shift to coordination and verification, not capability. Directly applicable to any system running multiple agents against shared state.\n \nOpen question: Does modular harness design require a shared schema for inter-component handoffs, or can modularity be achieved through interface contracts alone?\n \n\n \n \n\n \nRetrying vs Resampling in AI Control: When to Restart vs Correct [ArXiv 2605.26047]\n \nINCLUDE [ArXiv] 2026-05-25\n \n\n \nStudies AI coding scaffolds including Claude Code and Codex that \"retry\" by blocking a flagged action and continuing the same trajectory versus \"resampling\" (fresh run from the same prompt).\n \nFinds retrying outperforms resampling when the error is a discrete terminal action (wrong tool call, bad parameter) \u2014 the trajectory remains valid.\n \nFinds resampling outperforms retrying when the Judge flags a planning-level error \u2014 continuing the bad trajectory compresses rather than resolves the error.\n \nProposes a two-tier control protocol: classify error as tactical (action-level) or trajectory-level before routing to retry vs resample.\n \n \nEmpirical evidence that \"retry with feedback\" as a universal response to Judge failure is suboptimal. The routing decision \u2014 not the retry mechanism \u2014 is what determines reliability under quality gates.\n \n\n \n\n \nLanguage Models Need Sleep: Memory Consolidation for Long-Horizon Tasks [ArXiv 2605.26099]\n \nINCLUDE [ArXiv] 2026-05-25\n \n\n \nIdentifies context accumulation as a primary failure mode for long-horizon LLM tasks: attention cost scales quadratically, and performance degrades before the context limit is reached.\n \nProposes sleep-like consolidation: periodic compression of accumulated context into a structured summary, with selective forgetting of low-relevance detail.\n \nConsolidation outperforms both full retention and naive truncation (drop oldest tokens) on multi-session task completion benchmarks.\n \nTrending on Hacker News today, indicating broad developer attention to context management in production deployments.\n \n \nPractical finding: structured summarization checkpoints improve agent reliability more than increasing context window size. The \"sleep\" metaphor is useful \u2014 the compressed artifact is what persists, not the raw conversation.\n \n\n \n\n \nClaw-Anything: Benchmarking Always-On Personal Assistants with Broad Digital Access [ArXiv 2605.26086]\n \nINCLUDE [ArXiv] 2026-05-25\n \n\n \nBenchmarks LLM agents designed as always-on personal assistants with access to a user's full digital environment (files, email, calendar, browsing history, app state).\n \nCurrent systems operate over narrow access slices only; performance drops substantially when agents must synthesize across multiple data sources simultaneously.\n \nIdentifies \"context breadth failure\" as distinct from \"context length failure\": agents fail not because context is too long but because relevant context spans multiple disconnected systems.\n \nBenchmark released publicly; establishes baseline for cross-system personal assistant evaluation.\n \n \n\n \n \n\n \n[90-DAY HISTORICAL] ADEMA: Knowledge-State Orchestration for Long-Horizon LLM Agents [ArXiv 2604.25849]\n \nHISTORICAL [ArXiv] 2026-04-28\n \n\n \nIdentifies three long-horizon failure modes: knowledge states drift across rounds, intermediate commitments remain implicit, and interruption fractures accumulated context.\n \nADEMA architecture tracks explicit knowledge states per synthesis round with append-only commitment logs. On restart, the commitment log replaces re-derivation.\n \nTested on multi-session research synthesis tasks; reduces redundant re-derivation by 60% and improves resumption accuracy after interruption.\n \n \nSelected for window 3 (Apr 28\u2013May 5). Addresses the same long-horizon reliability problem as 2605.26099 from the state-tracking rather than context-compression angle \u2014 complementary approaches.\n \n \n\n\n\n\n \n\n \n\n \n Merlin Intelligence\n \n 2026-05-26\n \n \n\n \n\n BLUF\n Today's ArXiv output provides direct architectural validation for Merlin Phase 1: three papers address harness design, Judge/Auditor control flow, and context consolidation \u2014 each mapping to an open Phase 1 gap. The retrying-vs-resampling paper is the most immediately actionable.\n \n\n \n\n \n1. Harness Architecture as Merlin's Phase 1 Deliverable [ArXiv 2605.26112]\n \n\n \nResearch: \"From Model Scaling to System Scaling\" argues that agentic AI's next bottleneck is harness design, not model quality: specifically, building auditable, persistent, modular, and verifiable wrappers around foundation models. The paper names these four properties as the defining attributes of a production-grade harness.\n \nMerlin component: The Orchestrator + Blackboard architecture. Merlin already targets all four properties (OTel = auditable, Blackboard = persistent, SKILL.md = modular, Judge/Auditor = verifiable), but they are enforced by convention, not by instrumented checks.\n \nConcrete build: Add a harness health check to the Orchestrator's pre-flight: assert (1) OTel span emitted for current session, (2) blackboard artifact exists with current task_id, (3) Judge confidence recorded on prior step. This makes harness compliance observable and testable, not aspirational.\n \nBuild priority: [HIGH] \u2014 Phase 1 closure requires demonstrable auditability. This turns abstract properties into pass/fail assertions.\n \n \n\n \n\n \n2. Retrying vs Resampling: Judge Gate Should Resample, Not Retry [ArXiv 2605.26047]\n \n\n \nResearch: Studied Claude Code and Codex scaffolds that use \"retrying\" \u2014 blocking a flagged action and continuing the same trajectory. Found this underperforms resampling (starting a fresh run) when the risk flag indicates the trajectory itself has gone wrong, not just the terminal action.\n \nMerlin component: Judge/Auditor quality gate. Currently when Judge scores below threshold (confidence < 92), the Orchestrator re-runs with feedback in the same conversation. This is retrying. The paper's finding: if the Judge is flagging a structural planning error rather than a discrete action, continuing the trajectory is the wrong call.\n \nConcrete build: Add failure mode classification to Judge output: `TACTICAL_ERROR` (bad action in good plan \u2192 retry with correction) vs `TRAJECTORY_ERROR` (plan itself is wrong \u2192 resample from Planner). The Orchestrator routes differently based on error type rather than always retrying.\n \nBuild priority: [HIGH] \u2014 Trajectory errors explain why the retry loop gets stuck. This is the unlock for Phase 1 reliability.\n \n \n\n \n\n \n3. Knowledge-State Drift Is the Blackboard's Live Phase 1 Bug [ArXiv 2604.25849, HISTORICAL]\n \n\n \nResearch: ADEMA identifies three failure modes for long-horizon LLM agent tasks: (1) knowledge states drift across rounds, (2) intermediate commitments remain implicit, (3) interruption fractures context. Proposes explicit knowledge-state tracking as the fix.\n \nMerlin component: Blackboard artifact schema. Currently artifacts store final outputs but not the reasoning chain or intermediate commitment log. When an Orchestrator session restarts mid-task, it re-derives prior decisions from scratch.\n \nConcrete build: Add `commitment_log` jsonb field to `blackboard_artifacts` \u2014 an append-only list of `{step, decision, rationale, timestamp}` entries. Orchestrator writes one entry per planning decision. On restart, the commitment log is the first thing loaded. Implements ADEMA-style knowledge-state continuity at near-zero schema cost.\n \nBuild priority: [MEDIUM] \u2014 Solve after Judge routing. This is the Phase 1 persistence problem.\n \n \n\n \n\n \n4. Context Consolidation for Long Orchestrator Runs [ArXiv 2605.26099]\n \n\n \nResearch: \"Language Models Need Sleep\" finds that LLMs in long-horizon tasks accumulate context until performance degrades. Sleep-like consolidation (compress + selectively forget) outperforms both full retention and naive truncation.\n \nMerlin component: OpenHands conversation sessions for multi-step orchestration runs. As the Orchestrator handles a product build over many steps, context grows and model performance degrades before context limit is hit.\n \nConcrete build: Implement a consolidation checkpoint: after every N steps (e.g., 5), have the Orchestrator emit a `context_summary` artifact to the blackboard (the \"sleep\" step), then spawn a fresh session seeded with the summary. The commitment_log from Finding 3 is the output of consolidation. This replaces implicit context accumulation with explicit structured handoff.\n \nBuild priority: [EXPLORE] \u2014 Worth a spike once Phase 1 loop closes. Prerequisite: commitment_log field from Finding 3.\n \n \n\n \n\n \nOpen Questions\n \n\n \nJudge failure classification (tactical vs trajectory) requires the Judge to reason about its own confidence source \u2014 does the current Judge skill prompt have enough context to distinguish \"this action is wrong\" from \"this plan is wrong\"?\n \nThe harness health check (Finding 1) creates a pre-flight that can block runs. Should harness failures be hard-stop or soft-warn during Phase 1 to avoid breaking the factory while it is being built?\n \n \n \n\n\n\n\n \n\n \n\n \n Military / Geopolitical\n \n 2026-05-26\n \n \n\n \n\n BLUF\n Three simultaneous carrier posture shifts: PLAN's Liaoning operating east of Luzon while USS George Washington departs Japan; USS Nimitz deploys to Caribbean with pressure on Cuba. South Korea announces domestic nuclear attack submarine program \u2014 the most significant Korean peninsula military development in years.\n \n\n \n\n \nChinese Carrier Liaoning Operating Near Philippines as USS George Washington Departs Yokosuka\n \nLEAD [USNI] 2026-05-26\n \n\n \nJapan's Joint Staff Office confirmed Tuesday that the PLAN Liaoning Carrier Strike Group is operating in the Philippine Sea east of Luzon, Philippines [USNI].\n \nUSS George Washington simultaneously departed Yokosuka on spring patrol, transitioning from its Japan homeport into Western Pacific operational deployment [USNI].\n \nFleet tracker confirms USS George H.W. Bush CSG continues operations in the Arabian Sea; USS Nimitz CSG deploying to Caribbean (see below) \u2014 three U.S. carriers simultaneously repositioning across three theaters [USNI].\n \nPLAN Liaoning's Philippine Sea position represents a forward deployment east of the first island chain, operating in the same waters as U.S. and allied naval forces.\n \n \nConcurrent PLAN carrier operations east of the first island chain and USN carrier repositioning from Japan signals active phase of Western Pacific competition. Japan's disclosure of the Liaoning's position, rather than allowing it to pass quietly, reflects deliberate allied transparency signaling. The dual-carrier simultaneous posture is the operational environment for any Taiwan contingency rehearsal.\n \nOpen question: Whether the Liaoning's Philippine Sea deployment is a transit through the first island chain or a sustained operational patrol position.\n \n\n \n\n \nSouth Korea Announces Domestic Nuclear-Powered Attack Submarine Program\n \nLEAD [USNI] 2026-05-26\n \n\n \nSeoul announced Tuesday it will develop and construct a new class of nuclear-powered attack submarines (SSN) domestically, citing North Korea's growing missile submarine threat [USNI].\n \nProgram declared \"will be developed and constructed domestically\" \u2014 signaling a defense industrial ambition beyond the immediate operational need.\n \nSouth Korea has sought nuclear submarine capability for years; prior U.S. opposition centered on nonproliferation concerns under the U.S.-ROK civilian nuclear agreement.\n \nAnnouncement follows Australia's AUKUS SSN program and Japan's expanded naval posture; signals accelerating regional nuclear-capable naval proliferation among U.S. allies.\n \n \nThe ROK SSN program is a structural shift in the Korean peninsula military balance. A domestically produced nuclear submarine program requires 10\u201315 years and sustained political commitment, but the announcement itself changes deterrence calculations. North Korea's submarine-launched ballistic missile program has been cited as the forcing function. The U.S. reaction \u2014 whether it endorses, conditions, or opposes the program \u2014 will determine whether this announcement leads to a program or becomes a negotiating posture.\n \nOpen question: Whether the U.S. will require ROK access to U.S. naval nuclear propulsion technology (as with AUKUS) or whether South Korea intends fully indigenous development, which would require different enrichment arrangements.\n \n\n \n\n \nUSS Nimitz Carrier Strike Group Deploys to Caribbean as U.S. Intensifies Pressure on Cuba\n \nINCLUDE [NavyTimes/USNI] 2026-05-26\n \n\n \nUSS Nimitz (CVN-68), 51-year-old supercarrier with recently extended service life, arrived in Caribbean midweek with strike group elements including destroyer squadrons [NavyTimes].\n \nDeployment framed explicitly as pressure application on Cuba; vessel is among the oldest active carriers in the fleet, suggesting the assignment reflects political signaling rather than high-end contingency posturing.\n \nSimultaneous with Bush CSG in Arabian Sea and George Washington's departure from Japan \u2014 three carrier groups deployed across Western Pacific, Persian Gulf, and Caribbean simultaneously.\n \n \nThe Nimitz Caribbean deployment continues a multi-month pattern of U.S. pressure on Cuba and Venezuela using naval presence. Using an aging carrier for the assignment signals confidence the theater does not require a high-readiness platform, while still generating visible political pressure.\n \n \n\n\n\n\n \n\n \n\n \n Economic\n \n 2026-05-26\n \n \n\n \n\n BLUF\n The 10Y-2Y yield spread turned positive at +0.43 \u2014 the yield curve has un-inverted after a prolonged inversion. Historically this precedes recession onset by 6\u201318 months. VIX and HY spreads remain calm, indicating markets have not yet priced this signal.\n \n\n \n\n \nFRED Indicators \u2014 Week of May 26, 2026\n \n[FRED / St. Louis Fed]\n\n \n\n \n \n Indicator\n What It Measures\n Latest\n Change\n Baseline Range\n Signal\n \n \n \n \n 10Y\u20132Y Spread (T10Y2Y)\n Yield curve shape: positive = normal, negative = inverted\n +0.43\n \u22120.060\n +0.5 to +2.0 (normal)\n \u26a0 Just un-inverted\n \n \n VIX\n Equity market volatility expectation (fear gauge)\n 16.59\n \u22120.110\n 12\u201320 (calm); >30 stress\n Calm regime\n \n \n 10Y Treasury (GS10)\n Long-term government borrowing cost; anchors mortgage and credit rates\n 4.32%\n +0.070\n 3.5\u20135.0 (current cycle)\n Elevated, stable\n \n \n HY Option-Adj Spread\n Risk premium on junk bonds vs Treasuries; rises when credit stress increases\n 2.74%\n 0.000\n 2.5\u20134.0 (benign); >6 stress\n Tight, risk-on\n \n \n SOFR\n Overnight lending rate; Fed policy anchor for short-term borrowing\n 3.55%\n +0.040\n Fed funds target 3.25\u20133.50\n At target ceiling\n \n \n Initial Jobless Claims (ICSA)\n Weekly new unemployment filings; leading recession indicator\n 209,000\n \u22123,000\n 200\u2013250K (healthy); >300K stress\n Healthy labor market\n \n \n M2 Money Supply (WM2NS)\n Total money in circulation; large increases signal inflation risk\n $22,879B\n +$164.6B\n Post-2020 expansion range\n Expanding\n \n \n Freight Shipments (FRGSHP)\n Real freight volume index; proxy for economic activity and supply chain health\n 1.011\n +0.004\n 1.0 = baseline; <0.95 contraction\n Modest growth\n \n \n \n\n \n\n Yield curve un-inversion note: The T10Y2Y at +0.43 marks the end of the prolonged inversion that began in 2022. Historical pattern: yield curve un-inversions after extended negative periods have preceded recession onset by 6\u201318 months in each post-WWII cycle (1989\u20131990, 2000\u20132001, 2006\u20132007). The counter-argument is that this cycle is structurally different due to the speed of the rate-hike-then-cut cycle. Current data \u2014 VIX at 16.59, HY spreads at 2.74, jobless claims at 209K \u2014 shows no imminent distress signal. The divergence between the yield curve signal and current financial conditions is itself informative: either markets are complacent about a coming slowdown, or this un-inversion does not carry the historical predictive weight.\n \n \n\n \n\n \nCrunchbase: Seed Rounds Larger as Series A Conversion Rate Falls\n \nINCLUDE [Crunchbase News] 2026-05-26\n \n\n \nSeed deal sizes have increased materially while the probability of a seed-funded company reaching Series A has fallen dramatically, per Crunchbase chart analysis [Crunchbase].\n \nStructural shift: investors are concentrating larger checks on fewer seed companies they believe can reach Series A, rather than distributing across a larger portfolio of smaller bets.\n \nCompanies failing to raise Series A face a larger absolute funding gap \u2014 the same story that ends in failure now costs investors more to reach that conclusion.\n \nSimultaneous Crunchbase piece: \"The IPO Comeback Has A Catch\" \u2014 notes IPO market reopening carries restrictive lock-up and profitability conditions not present in 2021 window.\n \n \nThe barbell is tightening at the seed stage. For developer tools companies (Supabase's competitive set), this means fewer well-funded Series A competitors entering the market \u2014 but the ones that do emerge are better capitalized and more deliberately chosen. The seed discipline filters weak competitors earlier. IPO conditions favoring profitability over growth accelerate the timeline pressure on venture-backed companies still burning cash.\n \n \n\n\n\n\n \n\n \n\n \n Tech\n \n 2026-05-26\n \n \n\n \n\n BLUF\n OpenRouter doubles to $1.3B valuation in one year \u2014 strong signal for the LLM routing/abstraction layer as a venture-scale market. MySQL community launches governance fork, echoing PostgreSQL's independence model. Supabase-js climbs to 19.8M weekly downloads.\n \n\n \n\n \nOpenRouter Doubles Valuation to $1.3 Billion in One Year\n \nINCLUDE [TechCrunch] 2026-05-26\n \n\n \nOpenRouter, which provides a unified API for routing requests across multiple LLM providers, raised a new round at $1.3B valuation \u2014 more than double its $650M valuation from approximately one year prior [TechCrunch].\n \nThe company serves as an abstraction layer, allowing developers to write once and route to Claude, GPT-5, Gemini, or open-source models without code changes.\n \nValuation doubling in 12 months reflects strong developer adoption of multi-model routing as a production pattern rather than a prototyping convenience.\n \n \nThe LLM routing/abstraction layer is emerging as a distinct infrastructure category. OpenRouter's trajectory mirrors what API gateway companies (Kong, Apigee) achieved for REST APIs \u2014 developers pay for the routing intelligence and fallback logic rather than managing provider relationships directly. For Supabase, this reinforces that developer tools at the infrastructure layer command premium multiples when they abstract complexity that teams would otherwise rebuild themselves.\n \n\n \n\n \nMySQL Community Launches OurSQL Foundation to Operate Independent of Oracle\n \nINCLUDE [TheRegister] 2026-05-26\n \n\n \nMySQL community contributors announced the OurSQL Foundation to maintain MySQL development and governance independent of Oracle's control [TheRegister].\n \nOrganizers cited Oracle's slowing release cadence, restricted contributor access, and concerns about long-term licensing as motivations.\n \nFollows the MariaDB fork pattern from 2009; community has maintained parallel development since Oracle's acquisition of Sun/MySQL in 2010.\n \nPostgreSQL's community-governed model under the PostgreSQL Global Development Group frequently cited as the alternative template.\n \n \nDatabase governance matters for developer trust and adoption velocity. PostgreSQL's community-controlled governance is a meaningful competitive advantage over Oracle-owned MySQL: developers who care about long-term stability choose PostgreSQL partly because no single company can restrict access or change licensing. The OurSQL announcement is both a validation of PostgreSQL's model and a potential fragmentation event for MySQL's installed base \u2014 some MySQL users may migrate to PostgreSQL rather than bet on a new fork.\n \n\n \n \n\n \nDeveloper Ecosystem: npm Download Trends \u2014 Week of May 26, 2026\n \n[npmjs.org] 2026-05-26\n \n\n \n \n Package\n Weekly\n Monthly\n Rate\n Signal\n \n \n \n \n @supabase/supabase-js\n 19,775,886\n 79,114,050\n 1.08\u00d7\n \u2191 Above baseline\n \n \n prisma\n 11,948,421\n 49,557,830\n 1.04\u00d7\n Steady\n \n \n drizzle-orm\n 9,648,834\n 38,259,604\n 1.09\u00d7\n Growing\n \n \n firebase\n 7,397,747\n 30,901,485\n 1.04\u00d7\n Steady\n \n \n aws-sdk\n 8,644,272\n 38,898,502\n 0.96\u00d7\n Slight decline\n \n \n convex\n 732,408\n 2,853,129\n 1.11\u00d7\n Growing\n \n \n @neondatabase/serverless\n 2,063,565\n 8,060,498\n 1.11\u00d7\n Growing\n \n \n @planetscale/database\n 193,607\n 841,109\n 1.00\u00d7\n Flat\n \n \n \n \nSupabase-js at 19.8M weekly \u2014 ahead of Firebase (7.4M) by 2.67\u00d7 and Prisma (11.9M) by 1.66\u00d7. Drizzle at 1.09\u00d7 weekly rate continues its multi-month growth trajectory. Neon at 1.11\u00d7 indicates continued momentum in serverless Postgres. PlanetScale flat at 1.00\u00d7 confirms stagnation trend.\n \n \n\n\n\n\n \n\n \n\n \n Cybersecurity\n \n 2026-05-26\n \n \n\n \n\n BLUF\n Three AI-adjacent security incidents today: Iran-attributed breach of LA transit, nation-states using AI agents for sanctions evasion, and Microsoft Copilot Cowork found to exfiltrate user files. One CISA KEV addition (LiteSpeed cPanel, low significance).\n \n\n \n\n \nIranian Hackers Breached Los Angeles Transit System; Recovery Took Weeks\n \nINCLUDE [TechCrunch] 2026-05-26\n \n\n \nIranian threat actors attributed to the breach of Los Angeles Metropolitan Transportation Authority (LA Metro) systems [TechCrunch].\n \nRecovery took weeks; specific systems affected not fully disclosed, but breach reached internal networks beyond public-facing infrastructure.\n \nDistinct from prior Iranian submarine cable interference threats reported in the Arabian Sea theater \u2014 this is a direct attack on U.S. domestic critical infrastructure.\n \nFollows a pattern of Iranian cyber operations against U.S. transit and municipal systems as asymmetric pressure in response to economic sanctions.\n \n \nIran has increased domestic-targeting cyber operations as a sanctions pressure release valve. Transit systems are attractive targets because disruption is immediately visible to civilians without requiring penetration of hardened federal networks. The multi-week recovery time indicates meaningful operational impact.\n \n\n \n\n \nRogue States Deploying AI Agents Systematically for Sanctions Evasion\n \nINCLUDE [TheRegister] 2026-05-26\n \n\n \nNation-state actors \u2014 including North Korea, Iran, and Russia \u2014 deploying AI agents to identify, model, and route around financial sanctions mechanisms at scale [TheRegister].\n \nAI agents used to map sanctions-compliant financial pathways, identify shell company registration opportunities, and automate transaction structuring at volumes impossible with human operators.\n \nRepresents a qualitative shift from human-operated evasion to AI-enabled systematic circumvention: speed, scale, and adaptability all increase by orders of magnitude.\n \nRegulatory bodies (OFAC, EU sanctions authorities) have not publicly disclosed countermeasures.\n \n \nThis is the nation-state analogue to AI-assisted fraud at the consumer level. The operational implication: sanctions enforcement frameworks designed for human-speed evasion are structurally under-equipped for AI-speed adaptive evasion. This becomes a forcing function for AI-based detection on the enforcement side.\n \n\n \n\n \nMicrosoft Copilot Cowork Feature Found to Exfiltrate User Files\n \nINCLUDE [simonwillison.net] 2026-05-26\n \n\n \nSecurity researcher documented Microsoft Copilot Cowork functionality transmitting user file contents to Microsoft servers beyond what the feature's described functionality requires [simonwillison.net].\n \nCowork is a collaboration feature within Copilot that enables shared AI-assisted document editing \u2014 the exfiltration occurred in the course of normal feature use.\n \nMicrosoft has not issued a formal response as of publication time.\n \nAdds to a growing list of AI assistant features that expand data access beyond user expectation: prior incidents include Recall (screenshot exfiltration) and various browser copilot implementations.\n \n \nThe pattern across Microsoft Copilot incidents is consistent: AI features that require broad context access (to be useful) also create data surface area that exceeds user consent expectations. Enterprise security teams are now systematically reviewing AI-integrated tools for data egress before deployment. This is a category-level trust problem for Microsoft's Copilot suite, not an isolated feature bug.\n \n\n \n \n\n \nCISA KEV: CVE-2026-48172 \u2014 LiteSpeed cPanel Plugin Privilege Escalation\n \n[CISA KEV] 2026-05-26 (added today)\n \n\n CVE-2026-48172 \u2014 LiteSpeed cPanel Plugin privilege escalation vulnerability. Vendor: LiteSpeed. Product: cPanel Plugin. CISA due date: per KEV standard 3-week remediation window.\n \n \nRoutine vulnerability addition. Affects shared hosting environments running LiteSpeed with cPanel. No evidence of campaign-level exploitation or novel attack paradigm.\n \n \n\n\n\n\n \n\n \n\n \n Regulatory\n \n 2026-05-26\n \n \n\n \n\n BLUF\n China mandates pre-approval for private-sector AI experts before international travel \u2014 an escalation of talent mobility controls that will slow knowledge transfer and constrain hiring from Chinese AI institutions.\n \n\n \n\n \nChina Requires Private-Sector AI Experts to Obtain Government Approval Before International Travel\n \nINCLUDE [Tom's Hardware] 2026-05-26\n \n\n \nBeijing issued new regulations requiring AI researchers and technical staff employed at private Chinese firms to obtain government approval before traveling internationally [Tom's Hardware].\n \nRegulation targets AI expertise specifically; scope includes researchers, engineers, and product managers with access to model weights, training data, or proprietary architecture details.\n \nExtends prior controls on state-employed researchers to the private sector, which houses the majority of China's frontier AI talent (Baidu, ByteDance, Alibaba, DeepSeek, Moonshot, etc.).\n \nApproval process timeline and criteria not publicly specified; regulatory ambiguity creates a chilling effect beyond the literal scope of the rule.\n \n \nThis is the talent mobility equivalent of export controls. China is treating AI expertise as a controlled strategic asset at the human level, not just the chip or model level. For U.S. and European AI labs, this structurally reduces the pool of Chinese researchers who can join or collaborate internationally \u2014 both by limiting exits and by creating compliance risk for anyone who participates. The practical effect accelerates bifurcation of the global AI research community into Chinese-domestic and international tracks.\n \nOpen question: Whether the regulation will be applied extraterritorially \u2014 i.e., whether Chinese nationals already working abroad at foreign AI firms face retroactive obligations.\n \n \n\n\n\n\n \n\n \n\n \n Analysis\n \n 2026-05-26\n \n \n\n \n\n\n \nThree simultaneous carrier repositioning events \u2014 Liaoning east of Luzon, George Washington departing Yokosuka, Nimitz into the Caribbean \u2014 suggest a period of deliberate posture signaling across multiple theaters simultaneously rather than a single-theater contingency response. The probability is roughly even (55/45) that the Western Pacific movements are coordinated show-of-presence signaling in advance of scheduled diplomatic activity versus an unplanned operational response to specific intelligence. The more structurally significant development is South Korea's nuclear submarine announcement: this is almost certainly (85%+) a genuine program commitment rather than a negotiating posture, given the domestic defense industrial investment it implies. The regional nuclear submarine proliferation arc \u2014 Australia via AUKUS, Japan's expanded naval budget, now ROK \u2014 represents a decade-long structural shift in Indo-Pacific conventional deterrence that is accelerating regardless of U.S. policy.\n\n \nThe yield curve un-inversion at T10Y2Y +0.43 is the economic signal worth watching, though not acting on yet. Historical base rate for recession onset within 18 months of yield curve un-inversion after prolonged inversion: approximately 80%. Current financial conditions \u2014 VIX at 16.59, HY spreads at 2.74, jobless claims at 209K declining \u2014 show no near-term distress. The divergence suggests either a 6\u201312 month lag before conditions deteriorate, or a genuine structural break from historical patterns due to the speed of this rate cycle. For developer tool spending: seed funding discipline and Series A conversion rate decline are the leading indicators that matter, not equities. The barbell tightening at seed stage likely reduces the cohort of well-funded competitors entering Supabase's market over the next 18 months, which is a net competitive positive.\n\n \nChina's AI travel approval requirement and rogue-state AI sanctions evasion are two sides of the same structural dynamic: AI expertise is being treated as a controlled strategic asset by state actors simultaneously on offense (weaponized evasion) and defense (talent lock-in). This bifurcation of the global AI research community is probably (70%+) irreversible on a 5-year horizon. The talent pool available to U.S. AI labs from Chinese institutions will contract structurally.\n\n \nMerlin synthesis: Today's ArXiv cluster on harness architecture is internally consistent: system scaling is the bottleneck, Judge routing logic determines reliability under failure, and knowledge-state drift is the specific mechanism that causes long-horizon orchestration to degrade. The three findings are not independent \u2014 they are different descriptions of the same Phase 1 gap. Probability that addressing Judge error classification (tactical vs trajectory) alone produces measurable Phase 1 reliability improvement: high (75%+). The commitment_log field and consolidation checkpoint are lower-priority but compound: each makes the next one easier to implement.\n\n \n \n\n\n \n\n\n\n\n \n\n \n\n \nGenerated\n \n2026-05-26 13:20 PT\n \n \n\n \nArXiv Window\n \nWindow 3 \u00b7 2026-04-28 \u2013 2026-05-05\n \n \n\n \nSections\n \n7 sections + Analysis\n \n \n\n \nLeads\n \n3 (Dual WPac Carriers, ROK SSN, Agentic AI Harness)\n \n \n\n \nIncludes\n \n13\n \n \n\n \nMerlin Findings\n \n4 (2 HIGH, 1 MEDIUM, 1 EXPLORE)\n \n \n\n \nDropped Stale\n \n5\n \n \n\n \nDropped Dedup\n \n1 (tech layoffs tracker)\n \n \n\n \nFRED Series\n \n14 / 14 valid\n \n \n\n \nBrave Searches\n \n37\n \n \n\n \nRSS Feeds\n \n23 feeds fetched\n \n \n\n \nModel\n \nclaude-sonnet-4-6\n \n \n\n\n\n", "creation_timestamp": "2026-05-26T20:32:04.000000Z"}, {"uuid": "f0a66b75-89be-41a1-86a2-d67a777dd768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "Telegram/tVEH8ExctsIFXe1lSxgIqCxaA1ewqGmPV7eXHzPjZx0qug", "content": "", "creation_timestamp": "2026-05-25T22:24:39.000000Z"}, {"uuid": "66f5ae97-02a5-4fa2-9c80-308fbdb78132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "Telegram/3rrZ3W4m-Z9OuTS_RUHO0Y6_bDA2j9xYkUvKaR9nVqIiWQ", "content": "", "creation_timestamp": "2026-05-23T11:43:23.000000Z"}, {"uuid": "8081e89f-47ae-49cb-bee3-6cb705b1fad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mmsbkplmsz2q", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u6027\u30921\u4ef6\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds One Known Exploited Vulnerability to Catalog #CISA (May 26)\n\nCVE-2026-48172 LiteSpeed cPanel\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u6a29\u9650\u6607\u683c\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-05-27T00:42:14.487820Z"}, {"uuid": "f65b35e7-f1c2-4de1-aa76-f4ddb73c3c28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/bugxhunter.bsky.social/post/3mmsfxonynz2x", "content": "\ud83c\udfdb\ufe0f CISA Adds LiteSpeed cPanel Plugin Privilege Escalation Vulnerability\n\n\ud83d\udcdd CISA adds CVE-2026-48172 to KEV Catalog, affecting federal agencies.\n\nhttps://www.cisa.gov/news-events/alerts/2026/05/26/cisa-adds-one-known-exploited-vulnerability-catalog\n\n\ud83d\udcf0 Alerts\n\n#GovSec #CVE", "creation_timestamp": "2026-05-27T02:00:53.893501Z"}, {"uuid": "fdc8fb93-9d2e-4d59-9512-fe9ba7cffe20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mmt2xm5dfp2c", "content": "CISA\u304ccPanel\u306eLiteSpeed\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u30bc\u30ed\u30c7\u30a4\u8106\u5f31\u6027\u306e\u5373\u6642\u30d1\u30c3\u30c1\u9069\u7528\u3092\u8981\u8acb\n\nCISA\u306f\u706b\u66dc\u65e5\u3001\u91ce\u5916\u3067\u60aa\u7528\u304c\u78ba\u8a8d\u3055\u308c\u3066\u3044\u308bcPanel\u5411\u3051LiteSpeed\u30e6\u30fc\u30b6\u30fc\u30a8\u30f3\u30c9\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u6df1\u523b\u306a\u8106\u5f31\u6027\u306b\u3064\u3044\u3066\u3001\u9023\u90a6\u6a5f\u95a2\u306b\u5bfe\u3057\u5373\u6642\u30d1\u30c3\u30c1\u9069\u7528\u3092\u6c42\u3081\u305f\u3002 CVE-2026-48172\uff08CVSS\u30b9\u30b3\u30a29.8\uff09\u3068\u3057\u3066\u8ffd\u8de1\u3055\u308c\u3066\u3044\u308b\u3053\u306e\u6b20\u9665\u306f\u3001\u653b\u6483\u8005\u304croot\u6a29\u9650\u3067\u4efb\u610f\u306e\u30b9\u30af\u30ea\u30d7\u30c8\u3092\u5b9f\u884c\u3067\u304d\u308b\u53ef\u80fd\u6027\u306e\u3042\u308b\u6a29\u9650\u6607", "creation_timestamp": "2026-05-27T08:16:40.155676Z"}, {"uuid": "99622543-7702-421c-905f-7ec649098b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmt7w6mipq2d", "content": "CISA added CVE-2026-48172 to its exploited vulnerabilities list. The LiteSpeed cPanel plugin flaw can let attackers gain root access via arbitrary script execution. Patch with LiteSpeed WHM Plugin 5.3.1.0+ #LiteSpeed #cPanel #CISA", "creation_timestamp": "2026-05-27T09:45:21.463369Z"}, {"uuid": "a82739a2-be67-4347-9a7e-25c8b6870652", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0181eb9a-faf8-4072-8417-ae685deac9a0", "content": "", "creation_timestamp": "2026-05-26T18:00:01.632999Z"}, {"uuid": "94318a12-a346-41c2-9844-c0c595e6df55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mmrl5c3ifd2s", "content": "\ud83d\uded1 CVE-2026-48172\nLiteSpeed cPanel Plugin\nCVSS 10.0 / EPSS 0% / KEV\nTL;DR: LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (poss\u2026\nhttps://cvesentinel.replit.app/report/CVE-2026-48172?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-05-26T18:00:51.158061Z"}, {"uuid": "450d3749-8272-4c50-aa1c-35decf749ca1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6582504", "content": "2026-05-26: [CVE-2026-48172] LiteSpeed cPanel Plugin Privilege Escalation VulnerabilityLiteSpeed cPanel Plugin contains privilege escalation vulnerability that is exposed via the user-end cPanel plugin, which can be abused by any cPanel user account to execute arbitrary scripts with root privileges.\ncisakev", "creation_timestamp": "2026-05-26T18:25:47.715850Z"}, {"uuid": "00b8d536-7cf2-4c11-84ff-212c117b7c9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3mmstxsdncstq", "content": "CVE-2026-48172 LiteSpeed cPanel Plugin Privilege Escalation Vulnerability", "creation_timestamp": "2026-05-27T06:12:13.780281Z"}, {"uuid": "87c074ff-2fb1-4614-b1b6-a0a57fc574bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mmswxbuwu22x", "content": "CVE-2026-48172 in LiteSpeed cPanel user-end plugin is actively exploited and enables root-level script execution; patch to 2.4.5+ or remove plugin immediately.\n", "creation_timestamp": "2026-05-27T07:04:55.003864Z"}, {"uuid": "7f7b09d8-a859-419d-86ed-3953f35d50b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116646073527499637", "content": "\u26a0\ufe0f CRITICAL: Actively exploited privilege escalation in LiteSpeed cPanel plugin (CVE-2026-48172) enables remote root access via lsws.redisAble. Patch plugin v2.3 \u2013 v2.4.4 now! CISA mandates 4-day deadline for U.S. agencies. https://radar.offseq.com/threat/cisa-gives-feds-4-days-to-patch-actively-exploited-ebc57663 #OffSeq #vuln #patchnow", "creation_timestamp": "2026-05-27T10:30:32.825950Z"}, {"uuid": "a504d95e-035a-4f97-90a6-95db2c81bd9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mmtcgzadie2d", "content": "LiteSpeed cPanel plugin CRITICAL vuln (CVE-2026-48172) is under active exploit \u2014 remote attackers can gain root access! Patch plugin v2.3 \u2013 v2.4.4 ASAP. CISA gives feds 4 days. https://radar.offseq.com/threat/cisa-gives-feds-4-days-to-patch-actively-exploited-ebc57663 #OffSeq #cybersecurity #patc...", "creation_timestamp": "2026-05-27T10:30:34.032057Z"}, {"uuid": "f34e34e4-8300-460a-83be-43adcf44d07c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mmtdo24ajok2", "content": "CISA Warns of Exploited LiteSpeed cPanel Plugin Flaw The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2026-48172 to its Known Exploited Vulnerabilities (K...\n\n#Cyber #Security #News #Cyber #security #news #vulnerability\n\nOrigin | Interest | Match", "creation_timestamp": "2026-05-27T10:52:24.227544Z"}, {"uuid": "632cf310-3020-46c0-9476-ceeb3ede8734", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/cvesentinel.bsky.social/post/3mmrv7iy5c22s", "content": "\ud83d\uded1 CVE-2026-48172\nLiteSpeed cPanel Plugin\nCVSS 10.0 / EPSS 0% / KEV\nTL;DR: LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (poss\u2026\nhttps://cvesentinel.replit.app/report/CVE-2026-48172?utm_source=bluesky&utm_medium=social&utm_campaign=cvesentinel\n#infosec #CVE #vulnerability", "creation_timestamp": "2026-05-26T21:01:06.239626Z"}, {"uuid": "610ff9b6-d847-4998-a6c5-16ea08e6d264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://ccb.belgium.be/advisories/warning-cve-2026-48172-critical-litespeed-cpanelwhm-plugin-flaw-being-actively-exploited", "content": "", "creation_timestamp": "2026-05-26T09:28:11.000000Z"}, {"uuid": "808dba64-f0a7-46a1-95a7-f7b1f376ea0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-48172", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mmtj5fepax2t", "content": "CISA added CVE-2026-48172 to its exploited list after attacks on the LiteSpeed cPanel plugin. The flaw can let remote attackers gain root access. #CVE2026 #LiteSpeed #cPanel", "creation_timestamp": "2026-05-27T12:30:27.331828Z"}, {"uuid": "80d58791-22ec-48c1-9755-62fec4e0df45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-48172", "type": "seen", "source": "https://bsky.app/profile/earthnewstech.bsky.social/post/3mmtpg5il7o2k", "content": "LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root A maximum-severity security vulnerability impact...#news https://thehackernews.com/2026/05/litespeed-cpanel-plugin-cve-2026-48172.html", "creation_timestamp": "2026-05-27T14:22:43.531029Z"}]}