TLDR IT 2026-05-13

We spent months interviewing IT leaders who are actively building the AI-era playbook at Cloudflare, Cursor, Lyft, GitLab, Nextdoor, Zip, Rubrik, Zscaler and Palo Alto Network, among others. Read the playbook that includes:

• The growth case for AI
• Running 90 day pilots, not 12-month RFPs
• Why it's IT's time to build
• The emergence of the IT engineer

Teams running this playbook are tracking toward delivering 40% of business initiative needs. Most IT organizations deliver 15% to 20% today.Download The State of IT 2026: the first research report on what the highest-performing IT organizations are building, and how.

Instructure, the company behind Canvas, reached a deal with hackers who breached its systems twice and stole large amounts of student and staff data. The company said the agreement is intended to prevent the stolen information from being published, making the incident a sharp example of how breach response increasingly includes negotiation with attackers, not just remediation.

The Checkmarx Jenkins AST plugin version 2026.5.09 is compromised by TeamPCP, carrying a 9.4 CVSS score (CVE-2026-33634). Attackers targeted cloud credentials and SSH keys. Users must immediately downgrade to version 2.0.13-829.vc72453fa_1c16 and rotate all exposed secrets to mitigate potential unauthorized access to enterprise environments.

Daybreak is a cybersecurity initiative from OpenAI that uses LLMs, Codex agentic capabilities, and partners like Cloudflare, Cisco, CrowdStrike, Oracle, and Zscaler to find and help patch vulnerabilities. The product is publicly available for companies to request security-risk assessments, positioning OpenAI directly against Anthropic's Mythos-style cyber models.

GitLab announced a restructuring tied to its “agentic era” strategy, including flattening parts of the org, reorganizing R&D into roughly 60 smaller teams, and embedding AI agents into internal reviews, approvals, and handoffs. CEO Bill Staples framed the shift around software increasingly being “built by machines, directed by people,” with humans still owning architecture, judgment, and customer understanding.

Employees at Amazon, Meta, and Microsoft have reportedly gamed internal AI usage metrics, with some Amazon workers using tools unnecessarily to increase token usage. The story highlights a growing enterprise problem: measuring AI adoption by activity can incentivize performative usage instead of real productivity gains.

Broadcom launched VMware Cloud Foundation 9.1 with cheaper memory scaling, better storage efficiency, faster Kubernetes scaling, and deeper cyber recovery features aimed at production AI workloads. Infrastructure vendors are aggressively pitching private cloud as a cheaper, more controllable alternative to public cloud for inference and agent workloads.

Microsoft Copilot Studio's April 2026 updates introduce Agent 365 for centralized governance, the Analytics Viewer role for performance monitoring, and expanded usage estimators for Dynamics 365. New features include embedded agent workflows, interactive app experiences in Copilot Chat, and the Work IQ API for multi-agent orchestration and reasoning.

Exaforce raised a $125M Series B to build AI systems that catch and stop cyberattacks as they happen. The funding reflects the fast-growing market for defensive AI tools, as attackers also use AI to exploit software faster.

Superset, an IDE for multi-agent development, leverages Vercel to manage 1,000–1,400 weekly deployments and 600 daily preview environments. By utilizing Vercel's fluid compute and automated infrastructure, the team enables parallel coding agents to operate without serialization delays, maintaining 30-second build times and supporting exponential commit growth.

Versa launched new CSPM capabilities to pull cloud misconfiguration visibility into its broader SASE platform, reducing the need to jump between separate security tools. Its upcoming framework for controlling AI agents before they can autonomously change policies or infrastructure configs is yet another sign that agent governance is quickly becoming a real enterprise security category.

Google is rolling out Android “Intrusion Logging,” an opt-in Advanced Protection feature that helps security researchers investigate suspected spyware attacks.

Okta is giving IT teams a faster way to build custom integrations and workflows without relying on engineering-heavy middleware.