Good morning, I'm your AI Brief anchor. Here's what's happening in AI today, Monday, May 18, 2026.
Cognition AI Hit By Massive Data Breach
We begin this morning with a major blow to one of AI's rising stars. Cognition AI, the San Francisco-based firm behind the celebrated autonomous coding agent Devin, has confirmed it suffered a critical security breach over the weekend.
According to a company spokesperson, malicious actors exfiltrated gigabytes of sensitive internal data. The stolen assets reportedly include proprietary source code for the Devin agent, internal strategy documents, and a significant cache of customer prompts and data.
This is more than just an embarrassing incident; it's a direct hit to the trust and security of the entire autonomous agent ecosystem. For a company valued in the billions and touted as the future of software development, having its crown jewels and customer data exposed is a worst-case scenario. The breach raises urgent questions about the security posture of even the most advanced AI labs and serves as a sobering reminder that as AI models become more powerful, the companies building them become more valuable targets. Federal investigators are now involved, and the full extent of the damage is still being assessed.
New 'Cognitive Override' Attack Bypasses LLM Safety Filters
And that's not the only security shockwave hitting the industry. A new research paper from Carnegie Mellon's AI Safety Institute has detailed a deeply concerning jailbreak technique dubbed 'Cognitive Override.'
Researchers say this novel, multi-stage attack can reliably bypass the safety alignments built into today's leading large language models. Unlike simpler prompt injections, Cognitive Override uses a series of conversational steps to confuse the model, effectively convincing it to ignore its own safety protocols. The paper claims a success rate of over 80% against several major, unnamed commercial models.
This development presents a fundamental challenge to the current approach to AI safety. It suggests that the guardrails we rely on to prevent models from generating harmful or malicious content might be more fragile than we thought. The technique puts immense pressure on labs like OpenAI, Google, and Anthropic to re-evaluate their defense mechanisms as bad actors will surely look to replicate these findings.
NVIDIA and SentinelAI Launch New Tools to Secure AI
But as threats evolve, so do the defenses. In response to the growing security crisis, two major players have released powerful new open-source tools aimed at protecting AI applications.
First, NVIDIA has officially launched NeMo Guardrails 2.0. This is a major update to its toolkit that helps developers build a layer of security directly into their applications. It's designed to prevent LLMs from going off-topic, executing harmful code, or responding to the very jailbreak attacks we’re now seeing. It acts as a programmable rulebook for AI, giving enterprises more control.