Policy Pulse - Week of June 6, 2026 | Issue #18

Your weekly briefing on cybersecurity policy affecting vulnerability disclosure and security research.


Top Story

Hackers on the Hill Returns June 16: The Researcher-Policymaker Pipeline Reopens on Capitol Hill

Hackers on the Hill returns to Washington DC on Tuesday, June 16, 2026 at the US Capitol, the first Capitol-side gathering of the year and the one that will set the policymaker-meeting tone for the rest of 2026. This is the I Am The Cavalry all-volunteer initiative that has been quietly running the most consistent researcher-to-policymaker pipeline in the community since 2017, and the 2026 cadence has been deliberately rescheduled from January to June to align “WITH the Congressional calendar not against it” — meaning the meetings happen when policymakers actually have bandwidth to listen.

Format follows the usual structure: a morning plenary with speakers drawn from cybersecurity and public policy, followed by direct attendee meetings with Members of Congress and their staff. No commercial activity, no sponsorships, no sales pitches. The point is for researchers to bring real-world technical experience into the rooms where policy is drafted, and for staffers to ask the questions they cannot easily ask in a normal hearing setting.

This year’s iteration lands inside a uniquely consequential policy week. The White House signed Promoting Advanced Artificial Intelligence Innovation and Security on June 2, the EU CRA reporting clock is ticking toward September 11, the UK Computer Misuse Act statutory defence is narrowing in draft, and the UN Cybercrime Convention is collecting ratifications. Researchers who show up June 16 will have unusually concrete asks: codify good-faith CFAA protections, fund the CISA AI-defensive-tooling work the EO directed, and clarify how the new Treasury “AI cybersecurity clearinghouse” will coordinate with the existing CVE program. Registration opened around May 1; check hackersonthehill.org for status.

Why it matters for VDP: Hackers on the Hill is the highest-leverage day on the calendar for moving security-researcher legal protections from policy doctrine to actual statute. With the Mythos EO making AI-discovered vulnerabilities a federal coordination problem this month, the conversations on June 16 are how the community shapes whether the next round of implementation rules makes VDP work easier or harder.

Throwback: In Issue #17 we put June 16 in the deadline table; this issue makes it the lead because the surrounding policy week now makes the meetings unusually consequential.


Featured: The Mythos EO

White House signs the first AI-cybersecurity EO; longer analysis later this week.

On June 2, 2026, the White House signed Promoting Advanced Artificial Intelligence Innovation and Security, the first US executive order to wire frontier-model cyber capability directly into federal cybersecurity machinery. The order arrives a month after Anthropic’s Mythos Preview disclosure, in which Mythos identified “thousands of additional high- and critical-severity vulnerabilities” with “fewer than 1%” patched at publication.

Headline mechanics: developers of “covered frontier models” may “provide the Federal Government with access to covered frontier models for a period of up to 30 days before they plan to release such models to other trusted partners” (White House text, IAPP analysis). The window was negotiated down from a draft 90 days; David Sacks said of the change, “The change in the EO from a 90 day to 30 day period is a game changer because it allows our AI labs to comply with the voluntary framework without delaying new model releases” (Federal News Network). The order explicitly disclaims any “mandatory governmental licensing, preclearance, or permitting requirement,” keeping the regime voluntary.

What the EO actually builds, per the Latham & Watkins analysis: a classified benchmarking process inside Treasury, Defense (via NSA), and DHS (via CISA) to define what a “covered frontier model” is, with a 60-day deadline; CISA-issued binding operational directives and AI-enabled defensive tooling for federal, state, local, and critical-infrastructure operators, with a 30-day deadline; and a Treasury-led “AI cybersecurity clearinghouse” that “coordinates and prioritizes remediation and distribution of vulnerability patches.”

A longer analysis will land later this week on the disclose.io blog, walking through what the Treasury clearinghouse, the CISA directive deadline, and the AI-discovered-CVE submission surface mean for VDP programs in practice. For now, the Institute for Security and Technology is convening A Policy Response to the Mythos Moment on June 8, with Megan Stifel, Jen Ellis, Jason Kikta, and Katie Noble unpacking what is in the order and what it leaves unsaid.

Why it matters for VDP: Treasury is now the named coordinator for vulnerability patch prioritization in any environment touched by AI-discovered findings, a federal coordination layer that did not exist a week ago, sitting alongside CISA and the CVE program. VDP intake teams should expect AI-discovered submission volume to keep climbing as more labs join Glasswing-style partnerships.

Throwback: In Issue #15 and Issue #16 we covered Anthropic’s Mythos Preview and Cloudflare’s Project Glasswing post-mortem; this EO is the policy reaction those stories made inevitable.


Upcoming Deadlines & Events

| Date | Agency/Org | Event/Deadline | Action Required | Link |
|---|---|---|---|---|
| June 8, 2026 | Institute for Security and Technology | Webinar: A Policy Response to the Mythos Moment | Register and attend; first defender-side reading of the new EO | Register |
| June 10, 2026 | CISA | Federal agency remediation deadline for recent KEV additions (BOD 22-01) | FCEB agencies remediate; private sector should review and prioritize KEV catalog | |
| June 11, 2026 | EU Commission | EU Cyber Resilience Act conformity assessment body designation begins | Manufacturers in scope confirm notified-body selection plan | CRA text |
| June 16, 2026 | I Am The Cavalry | Hackers on the Hill, Washington DC, US Capitol | Register and prepare policymaker meeting talking points | hackersonthehill.org |
| ~July 2, 2026 | White House (via Treasury, NSA, CISA) | 30-day deadlines under the AI Cybersecurity EO: CISA AI defensive tooling guidance; Treasury clearinghouse stand-up | Watch for CISA directive language; VDP programs should track scope | EO text |
| ~August 1, 2026 | NSA-led | 60-day deadline: classified “covered frontier model” benchmarking process due | Capability disclosures, including AI-discovered CVEs, become the empirical baseline | EO text |
| September 11, 2026 | EU Commission | EU CRA Article 14 vulnerability reporting obligations enter into application | Manufacturers wire vulnerability reporting to ENISA EVD | ENISA EVD |

This Week in Policy

AI & Emerging Tech Security

  • Anthropic expands Mythos Preview to ENISA and roughly 150 organizations across 15+ countries: On June 1, 2026, Anthropic agreed to give ENISA access to Claude Mythos through Project Glasswing, making ENISA the first EU institution in the program; the following day Anthropic expanded Glasswing to roughly 150 organizations across more than 15 countries (TechTimes). The expansion is the operational counterpart to the EO: Anthropic is materially scaling the population of organizations with structured access to a model that has “thousands” of unpatched zero-days. Why it matters for VDP: Glasswing partners are effectively running parallel AI-scale disclosure pipelines into vendor PSIRTs. Programs that have not yet tagged or routed AI-tool-attributed submissions should treat this as the forcing function.

  • IST convenes practitioner panel to read the EO line-by-line on June 8: The Institute for Security and Technology’s Mythos Moment webinar pairs Megan Stifel (IST Chief Strategy Officer) with Jen Ellis (NextJenSecurity), Jason Kikta (Automox CTO), and Katie Noble (Director, Bug Bounty & PSIRT at Intel). VDP program leads with PSIRT responsibilities should attend. Why it matters for VDP: Katie Noble’s presence puts a named PSIRT director on the panel, which is the closest signal we will get this month on how an in-scope vendor reads the Treasury clearinghouse role.

Federal Strategy & Regulation

  • CISA continues active KEV cadence through early June: CISA added new vulnerabilities to the Known Exploited Vulnerabilities Catalog on June 2 and June 3, 2026, including a Linux Kernel improper authentication bug (CVE-2022-0492), an Android Framework integer overflow (CVE-2025-48595), and a Mirasvit Full Page Cache Warmer deserialization flaw (CVE-2026-45247). The June 2 batch is now subject to BOD 22-01 remediation timelines for FCEB agencies. Why it matters for VDP: KEV remains the single highest-signal venue for de-risked talking points with policymakers, particularly at Hackers on the Hill on June 16. The Linux Kernel addition formalizes federal exposure on a CVE that has been in the wild since 2022.

  • Josh Corman’s water-systems testimony lands as policy primer for AI-era OT defense: On May 22, 2026, Joshua Corman testified before the House Science, Space, and Technology Subcommittee on Environment under the title Research-Driven Resilience: Applying Science to Secure U.S. Water Systems from Cyber Threats. Corman called for systems engineering programs targeting national security and public safety risks, stronger researcher connections to EPA’s Water and Wastewater Sector Risk Management Agency, an NSF cross-directorate cybersecurity program, and cross-sector dependency mapping. He also surfaced the UnDisruptable27 initiative, partnering hospitals and water utilities to engineer pre-failure mitigations ahead of potential 2027 conflict scenarios. Why it matters for VDP: Water utilities are the single largest pool of unsupported OT in the US, and most still operate without any VDP. Corman’s testimony reframes that gap as an applied-science problem with federal funding hooks, which is the most credible path to actually closing it. Throwback: In Issue #16 we covered the underlying House Science Committee hearing; this is the formal testimony record now in the public archive.

CVE & Vulnerability Programs

  • EU CRA Article 14 clock keeps ticking toward September 11: With the EU Cyber Resilience Act Article 14 vulnerability reporting obligations entering into application on September 11, 2026, manufacturers in scope have approximately 14 weeks to wire vulnerability disclosure flows to ENISA’s European Vulnerability Database. VDP teams should already be drafting the Article-14-compliant version of their disclosure SOP. Why it matters for VDP: This is the first time a major jurisdiction has mandated a structured 24-hour early-warning and 72-hour follow-up reporting cadence into a regional vulnerability database. The next 14 weeks are the last reasonable window to prepare.

Legal & Researcher Protections

  • UK Computer Misuse Act statutory defence narrows again: Reporting on the National Security Bill drafting indicates the proposed CMA statutory defence would shield approximately 300 accredited researchers, “roughly 0.4% of the country’s 69,600-strong cyber workforce” (Tech Times reporting, citing official UK government figures published May 2026). The proposed defence covers scanning for known vulnerabilities only and excludes confirming a vulnerability is real, bug bounty work, academic and independent research, professionals at smaller firms, and any activity by agentic AI tools, all of which are standard practice across the industry (see Issue #17 for the full exclusions list). Why it matters for VDP: A “pay to play” CMA defence that excludes agentic AI testing is structurally misaligned with where capability research is actually moving in 2026. UK-based VDP intake should expect researcher participation to chill rather than expand under the current draft.

  • US CFAA good-faith framework still policy, not law: The 2022 DOJ Justice Manual update directing prosecutors to decline good-faith security research cases remains the only federal protection. Recent state-court signaling, including the Virginia Supreme Court ruling analyzed by the Center for Cybersecurity Policy, continues to surface gaps where researchers acting in good faith remain exposed. With Hackers on the Hill landing June 16, the legislative codification of good-faith CFAA protections is the cleanest single ask for the policymaker meetings.

International Developments

  • UN Cybercrime Convention signature window closes December 31, 2026: As of May 2026, the UN Convention against Cybercrime has 76 signatories but only three ratifications (Qatar, Azerbaijan, Vietnam). The treaty enters into force 90 days after the 40th ratification. Article 28(4) remains the live concern for the security-research community, requiring states parties to be able to compel “any person who has knowledge about the functioning of the information and communications technology system” to provide the information that will enable access by cybercrime investigators, a provision human-rights and researcher groups have flagged as a vector for compelled disclosure of unpatched vulnerabilities (MIT Sloan Management Review; see also Just Security on the human-rights risks). Why it matters for VDP: As more signatories ratify, cross-border VDP coordination will increasingly run into divergent national interpretations of Article 28(4). Now is the window for community input on US ratification position.

Friends of disclose.io

Institute for Security and Technology: Research-Driven Resilience and the UnDisruptable27 Project

The Institute for Security and Technology is doing double-duty in this issue’s news cycle, both as the convener of the Mythos Moment policy webinar on June 8 and as the home of Joshua Corman’s House Science Committee testimony on water systems resilience. IST has been one of the more thoughtful voices on the AI cybersecurity policy frontier, and Corman’s UnDisruptable27 project is one of the only applied-research efforts explicitly designed to engineer cyber-resilience into OT environments at hospitals and water utilities before the 2027 risk window.

Key findings from the testimony:

  • US water systems rely on outdated OT never designed for internet connectivity, with firmware that resists patching
  • Chinese military units have compromised US water facilities; pro-Iranian actors continue active targeting; AI-augmented threat actors are emerging
  • UnDisruptable27 is building practical, scalable engineering mitigations partnering hospitals and water utilities
  • Recommended actions include strengthening researcher connections with EPA, an NSF cross-directorate cybersecurity program, and cross-sector dependency mapping

Full testimony record (IST virtual library)

IST sits at the intersection of operational defense research and policy translation, which is exactly the angle the disclose.io community needs as VDP scope expands to AI-discovered and OT-context vulnerabilities.


Worth Reading


Policy Pulse is a weekly bulletin from disclose.io. Keeping the security research community informed on policy that affects our work.

Have a tip or want to contribute? Reply to this email, reach out on Bluesky, or drop a comment here.