Baseten is close to closing a $1.5B round at a $13B valuation just five months after its $300M Series E. The raise is split-priced and co-led by Spark, Sands, Altimeter, and Wellington.

OpenAI shipped credit usage analytics and granular spend controls for ChatGPT Enterprise on June 18. Admins get a single dashboard for credit burn across ChatGPT and Codex, plus a Cost API.

Cloudflare shipped Temporary Accounts for AI agents on June 19. An agent can run wrangler deploy --temporary and get a live Worker in seconds, with 60 minutes for a human to claim the account.

Atomic Mail launched the first email service where AI agents can register and run their own inboxes without a human setting them up, built on the JMAP open standard and protected by Proof-of-Work.

CrowdStrike shipped Continuous Identity for AI Agents at Identiverse 2026, a new authorization plane inside Falcon that gives every agent a SPIFFE-based identity and revokes access when risk changes.

Microsoft is making a bet that the operating system, not the model, is where AI agent security has to live. MXC is the new abstraction the company says will keep Windows and WSL agents contained.

Estonia is set to become the first country in the world to issue AI ID codes to autonomous software agents, a separate, scoped, auditable identifier layered on top of the country's existing human ID infrastructure.

A Cloud Security Alliance and Token Security report on 418 IT and security pros argues shadow AI in 2026 is no longer a data leakage problem. It is an access control problem across agent-driven non-human identities.

Microsoft's Defender Security Research team found a chain in AutoGen Studio that turns a single malicious webpage into an RCE on the developer's host. PyPI users are not exposed, but the pattern is broader than one bug.