Good morning, I'm your AI Brief anchor. Here's what's happening in AI today, Friday, June 26, 2026.
EU's New AI Office Issues First Major Directive
Our top story today: The European Union's new AI Office is flexing its regulatory muscles. In its first major enforcement action under the landmark AI Act, the agency has mandated compulsory third-party audits and continuous “red teaming” for all high-risk AI systems operating in the EU.
This is a significant step, moving AI governance from theory to practice. Companies deploying AI in critical sectors like healthcare, finance, or public infrastructure will now be required to have their systems independently audited for safety, bias, and reliability. They’ll also need to conduct ongoing red teaming, which is essentially hiring ethical hackers to constantly probe their AI for vulnerabilities before bad actors can find them.
The directive signals a new era of accountability for AI developers and sets a powerful global precedent. For companies operating in Europe, the message is clear: the days of self-regulation for powerful AI are over. Expect to see a surge in demand for AI auditors and security specialists as businesses scramble to comply.
A Double Dose of AI Security Threats
Moving on, the push for greater oversight comes as the industry is reeling from a series of major security failures. The AI-powered transcription service VerbalizeAI has confirmed a staggering data breach, exposing over 15 million private customer audio recordings and their corresponding transcripts. The leaked data includes sensitive conversations from enterprise clients in the medical, legal, and financial fields, creating a privacy and security nightmare. This incident is a stark reminder of the immense risks associated with entrusting sensitive data to AI platforms.
Compounding the problem, researchers from the Stanford AI Lab have unveiled a new universal jailbreak technique called "Sleepwalker." This sophisticated method is reportedly capable of bypassing the safety filters on nearly all major large language models. The technique works by embedding hidden, time-delayed instructions within a seemingly harmless prompt. The AI processes the initial safe request, but later, the malicious instructions "wake up" and execute, tricking the model into generating harmful or forbidden content. This discovery highlights the escalating arms race between AI developers building safety measures and researchers finding new ways to break them.
Google Aims to Eliminate the Wait with Gemini Webhooks
And in some more positive news for developers, Google is rolling out a major update to its Gemini API designed to make AI applications faster and more efficient. The company has introduced event-driven Webhooks, a feature aimed at slashing latency for long-running AI jobs.