The Foundation Layer

Anthropic's Project Glasswing found 10,000 critical vulnerabilities in software that enterprise AI runs on. JPMorgan moved AI out of the innovation budget and into core infrastructure alongside payment systems. NVIDIA bet $6.5 billion on photonics. The signal this week: AI is not being layered on top of enterprise systems -- it is becoming the systems.

In this edition: Project Glasswing -- 10,000 critical vulnerabilities  ·  JPMorgan reclassifies AI as core infrastructure  ·  NVIDIA's $6.5B photonics bet  ·  GPT-5.5 enterprise rollout  ·  ServiceNow + Accenture FDE program  ·  Gartner: 40% of enterprise apps get AI agents by year-end

The Vulnerability Audit You Didn't Order

Anthropic gave 50 organizations access to a frontier model that autonomously finds software vulnerabilities. It found more than 10,000 critical flaws -- including a working exploit against a cryptography library used by billions of devices. The model is not publicly available. The reason tells you everything about where enterprise AI security is headed.

The enterprise security implication is immediate. Most of the software that enterprise AI runs on was written before AI-scale vulnerability analysis existed. The backlog of high-severity flaws embedded in that software has not been discovered because discovery at this speed and scale was not previously possible. Mythos changes that. In internal testing, Anthropic committed over $100 million in model usage credits to the initiative and granted access to roughly 50 partner organizations. What those partners found was not a new category of vulnerability -- it was a new speed of discovery applied to the existing inventory of unpatched risk.

The paradox at the center of Glasswing is precisely the reason it matters for enterprise leaders. Anthropic has not released Mythos Preview publicly, and has stated it will not do so until safeguards exist strong enough to prevent the model being used as an offensive tool. A model that can find 10,000 critical vulnerabilities in widely-used software can, in the wrong hands, generate an exploit pipeline at a scale and speed that no security operations center is currently equipped to defend against. The same capability that makes Mythos valuable for defense makes it dangerous for offense.

For enterprise CISOs and CIOs, the Glasswing findings carry two near-term implications. First: the open-source components embedded in your AI stack carry a vulnerability debt that has not been audited at the speed now technically possible. Second: the threat model for AI-assisted attacks on enterprise infrastructure is not hypothetical. The attacker timeline for acquiring equivalent capability is compressing faster than most enterprise security roadmaps assume.

Moving Pieces

Five developments that matter to enterprise leaders this week

JPMorgan Moves AI Out of the Innovation Budget

JPMorgan Chase has reclassified its $2 billion AI budget from discretionary innovation to core infrastructure -- placing it alongside data centers, payment systems, and risk controls within its $19.8 billion technology budget. CEO Jamie Dimon stated the investment has already self-funded through $2 billion in operational savings across 150,000+ employees, with 10-11% productivity gains in engineering, operations, and fraud detection. The accounting move is not symbolic. Moving a budget line from "innovation" to "infrastructure" changes what auditors examine, what regulators scrutinize, what capital ratios reflect, and what the board must approve to reverse. When the largest bank in the world treats AI as infrastructure rather than experiment, the industry has a data point that is difficult to dismiss.

NVIDIA Bets $6.5 Billion on Photonics to Solve AI's Data Transfer Problem

NVIDIA has committed $6.5 billion to photonics technology companies since March 2026, including multi-year strategic agreements with Coherent, Corning, Lumentum, and a partnership with Marvell on silicon photonics. The thesis: copper-based data transfer cannot sustain the bandwidth demands of AI inference and training at hyperscale. Photonics -- transferring data via light rather than electrical current -- reduces cost, latency, and energy consumption at the speeds AI infrastructure requires. The market has confirmed the thesis: Lumentum shares up 134% year-to-date, Coherent up 96%, Marvell up 122%, Corning up 111%. CEO Jensen Huang said at GTC in March that photonics capacity needs are "substantially higher than the world has today." For enterprise infrastructure teams managing multi-year compute contracts, this is the clearest signal yet that the physical layer underneath AI is being redesigned.

GPT-5.5 Reaches Enterprise -- With On-Prem MCP and Teams Integration

OpenAI is rolling out GPT-5.5 and GPT-5.5 Pro to Business and Enterprise ChatGPT customers. Two enterprise-specific additions stand out. A Microsoft Teams integration allows ChatGPT to reference Teams messages and conversation metadata users already have access to. More significantly: a Secure MCP Tunnel allows enterprise AI systems to connect to private or on-premises MCP servers without exposing them to the public internet. The MCP Tunnel addresses the central technical objection to deploying AI agents against internal systems -- the requirement to either expose internal APIs publicly or accept data leaving the enterprise perimeter. For security-conscious CIOs, this is the feature that changes the deployment calculus for agentic workflows in regulated environments.

ServiceNow and Accenture Build a Pilot-to-Production Engineering Program

ServiceNow and Accenture launched a Forward Deployed Engineering program explicitly designed to close the enterprise AI execution gap. Under the model, ServiceNow's AI-native engineers embed alongside Accenture teams directly inside client environments, building agentic workflows natively on the ServiceNow platform around specific value chains. Clients get access to more than 300 pre-built agent skills backed by AI Control Tower governance. The differentiator is delivery sequence: the program builds working production systems before enterprise rollout begins, rather than issuing roadmaps toward them. It is the same execution logic as the EY-Microsoft initiative announced last week, arriving from a different vendor pair. The pattern is consistent: the pilot-to-production gap has become a named product category.

Gartner: 40% of Enterprise Apps Will Feature AI Agents by End of 2026

Gartner forecasts that 40% of enterprise applications will incorporate task-specific AI agents by end of 2026 -- up from less than 5% in 2025. Current deployment data tracks with the trajectory: 57% of organizations already run multi-step agent workflows, and 81% plan to expand agentic use cases this year. Reported ROI in production deployments runs 26-31% cost savings across finance, supply chain, sales operations, and IT. The primary barrier is not model capability -- it is integration. Forty-six percent of organizations cite connectivity to existing enterprise systems (ERP, CRM, ITSM, financial ledgers) as the primary deployment challenge. The intelligence is available. The last-mile problem is system access, not model performance.

high- and critical-severity vulnerabilities found by Claude Mythos in widely-used open-source software.

Anthropic's Project Glasswing partners identified more than 10,000 high- or critical-severity vulnerabilities across 1,000+ open-source projects using Claude Mythos Preview. More than 90% were validated as true positives by independent security researchers. The number is not a warning about AI -- it is a warning about the vulnerability debt already embedded in the software infrastructure that enterprise AI depends on. The debt existed before Mythos. What changed is the speed at which it can be found. And the speed at which it could be exploited by someone with equivalent capability.

Sources: Anthropic Project Glasswing  ·  The Hacker News  ·  May 2026

Infrastructure Is the New Strategy

The stories that matter most in enterprise AI rarely arrive as product launches. They arrive as accounting decisions, security findings, and supply chain bets.

JPMorgan's budget reclassification is one of those moves. Moving AI from the innovation column to the infrastructure column is an organizational signal, not a financial one. It means AI survival is no longer optional and no longer reversible. It means the board now governs AI decisions the way it governs data center decisions. For enterprise leaders whose AI programs are still classified as "pilot" or "digital transformation initiative," the gap between that classification and JPMorgan's is not just semantic -- it shapes every resource allocation conversation for the next three years.

Glasswing is the same kind of move in a different domain. The 10,000 critical vulnerabilities Mythos found did not appear this week. They were already there. What changed is that a model can now find them faster than any human security team could previously imagine -- and faster than most security operations centers can patch. That asymmetry between discovery speed and remediation speed is the central security challenge that enterprise AI introduces, regardless of whether your organization is using AI offensively or defensively.

The practical action items are not glamorous: audit your open-source AI dependencies, update your threat model timeline, and classify your AI program at the budget level that reflects what it would cost your business to reverse it. Infrastructure decisions require infrastructure governance. The organizations that treat this week's news as strategy -- not as product announcements -- are the ones who will be ahead of it.

AI is not being added on top of enterprise infrastructure. It is becoming the infrastructure. Govern it accordingly.

AK  /  Spearhead  /  Building AI systems, not tools

The Agentic Enterprise

By Spearhead  ·  theagenticenterprise.so  ·  Building AI systems, not tools

Edition: May 29, 2026. Produced using Claude (Anthropic) via the Spearhead Cowork platform. Sourcing via live web search on production date. Spearhead's technology partners include Anthropic; Glasswing coverage is on its news merits, relationship disclosed per editorial policy. © 2026 Spearhead.