Week that Was for 05.02.26

Top stories.

1. OpenAI and Anthropic brief Congress on cyber-capable AI models.
2. "Copy Fail" flaw leads to privilege escalation on Linux.
3. Iran war updates.
4. FISA Section 702 gets another stopgap extension.
5. US Supreme Court leans toward requiring warrants for geofencing searches.

OpenAI and Anthropic brief Congress on cyber-capable AI models.

OpenAI and Anthropic each met with US House Homeland Security Committee staff last week to brief them on the security implications of Mythos Preview and GPT-5.4-Cyber, Axios reports. Both companies are limiting the release of their cyber-focused AI models to prevent abuse by malicious actors.

A committee aide told Axios the briefings were "proactive engagement with these companies on recent frontier model developments." An Anthropic spokesperson said the company regularly briefs "congressional staff on model capabilities and their national security implications." OpenAI said it met with both Senate and House committees last week, as well as with the White House. House Homeland Security Chair Andrew Garbarino (Republican of New York) said the briefings are meant to ensure that "Congress is asking the right questions."

Axios also reports that the White House is drafting guidance to help government agencies get around Anthropic's designation as a supply chain risk and start using the company's advanced AI models, including Mythos. A source told Axios that the efforts are a way to "save face and bring 'em back in." The White House said in a statement, "The White House continues to proactively engage across government and industry to protect our country and the American people, including by working with frontier AI labs. The collective effort of all involved will ultimately benefit our economy and country. However, any policy announcement will come directly from the President and anything else is pure speculation."

"Copy Fail" flaw leads to privilege escalation on Linux.

Researchers at Xint Code have disclosed "Copy Fail" (CVE-2026-31431), a high-severity Linux kernel flaw that can lead to local privilege escalation. According to a write-up by Theori, "An unprivileged local user can write 4 controlled bytes into the page cache of any readable file on a Linux system, and use that to gain root." Xint notes that while most local privilege escalation flaws require certain conditions to run on different systems, Copy Fail is a straight-line logic flaw that "works unmodified on every Linux distribution." While exploitation requires local code execution, the flaw can be chained with other vulnerabilities to achieve root privileges as soon as an attacker gains access to a system.

Proof-of-concept code is publicly available on GitHub, and users are advised to patch promptly.

Iran war updates.

The pro-Iranian hacker group Handala claims to have stolen and published personal information belonging to more than 2,300 US Marines stationed in the Persian Gulf region, Metro reports. The group says it obtained details about Marines’ families, home addresses, bases, shopping habits, and activities. Handala presents itself as a hackivist group, but researchers say the threat actor is linked to Iran’s Ministry of Intelligence.

Separately, the Record cites former NSA director Tim Haugh and cybersecurity leader Kevin Mandia as saying Iranian cyber activity is likely driven by opportunistic attacks, which are then amplified by an exaggerated narrative. Haugh stated, "I'd probably draw an analogy right now, that Iran and Iran's cyber capability is closer to a criminal actor. They're going to do targeted opportunity [attacks] and then try to tie that to an information operation to make it big."

Meanwhile, Reuters reports that the war in Iran has disrupted the circuit board supply chain, driving up prices and lengthening waiting times for essential materials like epoxy resin, glass fiber, copper foil, and other materials.

FISA Section 702 gets another stopgap extension.

The US Congress on Thursday approved a 45-day extension for Section 702 of the Foreign Intelligence Surveillance Act (FISA), the Record reports. The three-year extension passed by the House on Wednesday was shot down by the Senate because it included a provision that would ban the Federal Reserve from issuing digital currency.

FISA Section 702, which allows for surveillance of non-Americans outside the US, has long been the subject of controversy due to its incidental collection of Americans' data.

US Supreme Court leans toward requiring warrants for geofencing searches.

The US Supreme Court signalled during oral arguments this week that it would rule in favor of requiring warrants for location data searches, the Record reports. Both liberal and conservative justices seemed to indicate that indiscriminate sweeps of all cell phones near a crime scene constitute Fourth Amendment-protected searches, and law enforcement will need to obtain warrants and find ways to ensure that such searches are as limited as possible.

Andrew Guthrie Ferguson, a law professor at George Washington University, told the Record, "As we have seen in the Supreme Court’s other digital surveillance cases, the Justices seem to be more comfortable with a compromise approach, requiring judicial warrants to put some limits on law enforcement searches, but also not banning them completely." Ferguson added that requiring warrants for these searches would be a win for privacy advocates.