Policy Pulse - Week of May 9, 2026 | Issue #14

Your weekly briefing on cybersecurity policy affecting vulnerability disclosure and security research.


Top Story

Governments Line Up Behind Project Glasswing as Mythos Forces a New Disclosure Reality

Three weeks after Anthropic announced Claude Mythos Preview and the Project Glasswing consortium, the policy reaction is now visible across multiple jurisdictions, and it is moving faster than any previous AI capability disclosure. The UK AI Security Institute (April 13) reported that Mythos was the first model to complete its end-to-end 32-step “Last Ones” attack range (3 of 10 runs, against a target a human professional needs roughly 20 hours to clear) and hit a 73% success rate on expert-level CTFs. Ireland’s National Cyber Security Centre (April 13) commended the restricted-consortium model, noted defenders currently hold the advantage, and told organisations to harden patch discipline now. The UK Department for Science, Innovation and Technology and the Cabinet Office issued a joint open letter to business leaders (April 15, updated April 22) explicitly anchoring the AI cyber-threat conversation to executive accountability, Cyber Essentials, and NCSC’s Early Warning Service.

What makes this an inflection point for VDP is the structural shape of Glasswing itself. Anthropic has handed Claude Mythos Preview to AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, and roughly 40 additional critical-software organisations, plus $100M in usage credits and $4M to open-source security work. The model has already produced thousands of zero-day vulnerabilities, over 99% of which were unpatched at disclosure time. That is not a future problem for triage queues; it is a now problem. ProMarket has already raised antitrust questions about whether selective access to a defensive capability of this scale crosses into illegal restraint of trade, and the DOJ/FTC February 2026 joint inquiry on competitor collaborations is the lens regulators are likely to apply.

Why it matters for VDP: Coordinated disclosure was designed for a world where finders and fixers were both human-paced. In a Glasswing world, a small number of vendors get advance, AI-scale finder capacity while the public researcher community, mid-sized vendors, and downstream open-source maintainers do not. Triage backlogs, embargo windows, fix coordination across dependency chains, and “who gets told first” all need re-thinking. If your VDP intake assumes a few dozen reports a quarter and you are in the dependency graph of a Glasswing partner, plan for a coordinated patch wave whose timing you do not control.

Throwback: In Issue #13 we covered the early UK AISI evaluation and the first Mythos signals. This week’s developments confirm the policy reaction is now multi-government, with the Irish NCSC and UK DSIT both publishing within 48 hours of the AISI report.


Upcoming Deadlines & Events

| Date | Agency | Event/Deadline | Action Required | Link |
|---|---|---|---|---|
| May 15, 2026 | CISA | FCEB remediation deadline for CVE-2026-31431 (Linux kernel local privilege escalation, KEV) | Patch FCEB systems; non-FCEB orgs strongly urged to follow | CISA alert |
| May 19, 2026 | EU Commission | Feedback window on COM(2026) 11 EU Cybersecurity Act revision (post-publication consultation track) | Submit feedback if your VDP touches EU certification or ENISA-coordinated disclosure | Have Your Say |
| September 11, 2026 | EU Commission | EU Cyber Resilience Act mandatory reporting of actively exploited vulnerabilities (24/72-hour windows) becomes binding | Stand up reporting workflows for products in scope; align VDP intake with CRA notification path | CRA reporting |
| December 11, 2027 | EU Commission | EU CRA full obligations (long-term security support, conformity assessment) take effect | Plan multi-year support windows into product VDP commitments | CRA timeline |
| Ongoing (review 2026) | UK Home Office | Computer Misuse Act statutory defence for security researchers, in active legislative drafting | Engage CyberUp consultation; track parliamentary stage | CyberUp Campaign |

The CISA KEV May 15 deadline is the closest mandatory action item this week. Five other KEV entries (PaperCut, JetBrains TeamCity, Kentico, Quest KACE, Synacor Zimbra), plus three Cisco Catalyst SD-WAN flaws, carried earlier May 4 deadlines that have now passed; if you missed them, treat them as in-flight remediation, not closed.


This Week in Policy

AI & Emerging Tech Security

  • Project Glasswing consortium expands beyond launch partners: Anthropic confirmed access has been extended to 40+ additional critical-software organisations on top of the original launch partners (AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks). $100M usage credits + $4M to open-source security work. (Anthropic)
    • Why it matters for VDP: Open-source maintainers are explicitly inside the tent for the first time in a frontier-model coordinated-disclosure arrangement. That is a precedent worth defending.
  • UK AISI publishes first government evaluation of an offensive frontier-model cyber capability: Mythos Preview hit 73% on expert CTFs and was the first model to complete the 32-step “Last Ones” range end-to-end (3/10 runs). (AISI)
    • Why it matters for VDP: AISI signalled the next evaluation cycle will use ranges with active defenders and EDR. That is the right benchmark for telling VDP programs “your blue team buys you X hours” with any honesty.
  • Irish NCSC formally endorses the restricted-consortium model: First EU-state national cyber authority on the record describing Glasswing-style limited release as “responsible.” (gov.ie)
    • Why it matters for VDP: EU regulator endorsement of asymmetric early access is now on the record. Expect this to be cited in CRA and CSA-revision deliberations.
  • UK joint open letter from DSIT and Cabinet Office to business leaders on AI cyber threats: Signed by Liz Kendall and Dan Jarvis MBE (April 15, updated April 22). Anchors response to Cyber Essentials, the Cyber Governance Code of Practice, and the NCSC Early Warning Service. (gov.uk)
    • Why it matters for VDP: UK government is now telling boards that AI cyber risk is a board-level governance question, not a CISO line item. That re-frames how VDP gets funded inside large UK enterprises.
  • Antitrust scrutiny of Glasswing emerges: ProMarket argues the consortium’s information-sharing protocols and exclusion of non-members may run into Sherman Act issues; flags DOJ/FTC’s February 2026 joint inquiry on competitor collaborations as the relevant lens. (ProMarket)
    • Why it matters for VDP: If antitrust regulators force broader access, VDP coordinators outside Glasswing may suddenly find themselves inside it. Watch for the first FTC business-review letter request.

Federal Strategy & Regulation

  • American Leadership in AI Act introduced: Reps. Lieu (D-CA-36) and Obernolte (R-CA-23) introduced a consolidated package combining 20+ prior bipartisan AI proposals across six titles, including federal AI procurement security and AI-incident tracking. Includes Rep. Ross’s AI Incident Reporting and Security Enhancement Act, which would direct NIST to add AI systems to the NVD and stand up a federal AI vulnerability reporting process in coordination with CISA. (Lieu press release, Ross press release)
    • Why it matters for VDP: Adding AI systems to the NVD is the structural change VDP practitioners have been asking for. If this rides through on the AI bill rather than as a standalone, it will travel faster.
  • CISA adds CVE-2026-31431 (Linux kernel) to KEV: Local privilege escalation actively exploited; FCEB deadline May 15. Continuing the pattern from late April (eight KEV adds with April 23/May 4 deadlines, including Cisco Catalyst SD-WAN, PaperCut, JetBrains TeamCity, Kentico, Quest KACE, Synacor Zimbra). (CISA)
    • Why it matters for VDP: Linux-kernel KEV adds are the clearest signal that downstream Linux-distro VDP coordination needs to be airtight. If your program ships Linux as part of an appliance, your customers’ federal compliance now depends on your patch SLA.

CVE & Vulnerability Programs

  • CVE program funding stable, CVE Foundation operational: After the April 2025 funding scare, CISA’s 11-month MITRE extension plus the new CVE Foundation non-profit have produced an operational dual structure. ENISA’s EUVD remains in beta as the EU’s parallel track. (CyberScoop)
    • Why it matters for VDP: The CVE Foundation’s existence means a US administration cannot single-handedly switch off CVE again. That is the structural fix the community wanted.

Legal & Researcher Protections

  • UK Computer Misuse Act statutory defence still in active drafting: Security Minister Dan Jarvis confirmed in December 2025 the government is pursuing a CMA statutory defence for security researchers. CyberUp’s April 16 report sharpens the political case by ranking the UK behind the US, France, and Australia on researcher protection. No bill text yet in 2026. (CyberUp)
    • Why it matters for VDP: UK researchers still operate without statutory protection. Every month this slips, the post-Mythos environment gets harder for unaffiliated finders.
  • CFAA good-faith policy remains unchanged from 2022 DOJ guidance: No legislative motion this week; the policy remains binding on prosecutors, not courts, and offers no defence against private civil suits. (EFF analysis)
    • Why it matters for VDP: Researchers operating under the DOJ good-faith carve-out still need explicit safe-harbour language in program scopes. The policy is not a substitute.

International Developments

  • EU Cybersecurity Act revision (COM(2026) 11) consultation track active: Published January 20, 2026; proposes ICT supply-chain security, simpler certification, and a reinforced ENISA mandate. Feedback channel open via “Have Your Say.” (European Commission)
    • Why it matters for VDP: ENISA is the closest the EU has to a coordinated-disclosure focal point. Strengthening its mandate is a direct VDP-infrastructure question.
  • UN Cybercrime Treaty: no movement until January 2027: Vienna talks failed to produce procedural consensus in January 2026; no further sessions scheduled until 2027. (Global Initiative)
    • Why it matters for VDP: Researcher-protection language in the treaty remains unresolved. The twelve-month gap is breathing room for civil-society advocacy on Article 6/7 carve-outs.

Friends of disclose.io

CyberUp Campaign: “Cybersecurity at a Crossroads” (April 16, 2026)

The CyberUp Campaign exists for one reason: to update the UK’s Computer Misuse Act 1990 so that good-faith security research is not a criminal act. Their April 16 report, “Cybersecurity at a Crossroads,” is the sharpest political artefact the campaign has produced to date and lands at exactly the right moment. With Project Glasswing handing AI-scale vulnerability discovery to a closed consortium, the asymmetry between protected and unprotected finders is no longer a debate about legal hygiene; it is a debate about where vulnerability discovery actually happens and who is allowed to participate.

The report argues, with comparative data, that the UK is now visibly behind the US, France, and Australia on legal protections for cybersecurity professionals, and that the gap is suppressing UK cyber innovation, resilience, and talent retention. Security Minister Dan Jarvis confirmed in December 2025 that the government is exploring a CMA statutory defence; CyberUp’s framework, which gates the defence on harm-vs-benefit, proportionality, intent, and competence, remains the leading proposal text. February 2026 saw amendments to the Cyber Security and Resilience Bill withdrawn at committee following ministerial assurances. The next move is the government’s.

Key findings:

  • UK lags US, France, and Australia on legal protections for security researchers
  • Status quo CMA risks UK cyber innovation, resilience, and talent
  • Statutory defence framework (harm-vs-benefit, proportionality, intent, competence) ready for legislative drafting
  • Ministerial commitment exists; bill text does not (yet)

Read the full report and join the campaign

CyberUp has been the most coherent, longest-running researcher-protection campaign in the UK. In a post-Mythos world where governments are visibly choosing who gets defensive capability first, the case for protecting independent finders is no longer aspirational; it is structural. disclose.io stands with CyberUp.


Worth Reading


Policy Pulse is a weekly bulletin from disclose.io. Keeping the security research community informed on policy that affects our work.

Have a tip or want to contribute? Reply to this email, reach out on Twitter/X, Bluesky, or drop a comment on community.disclose.io.