How would you like to read it?
Same edition, explained without the jargon — and just as faithful. It's not a quick summary: an independent check confirms the plain-language version stays true to the original, without dropping or distorting anything.
Nightmare Eclipse Releases RoguePlanet and GreatXML: Windows Zero-Days That Hold Up After Record Patch Tuesday
The researcher feuding with Microsoft drops two PoCs just hours after the June patches. RoguePlanet, reproduced on fully updated Windows 10 and 11, escalates to SYSTEM; GreatXML is a BitLocker bypass claimed by the researcher, but disputed and not independently verified.
Just hours after June's Patch Tuesday, the researcher known as Nightmare Eclipse (alias Chaotic Eclipse) published two new proof-of-concepts against fully updated Windows 10 and 11. It was the largest Patch Tuesday Microsoft has ever shipped: roughly 200 vulnerabilities fixed and a number of zero-days that sources count differently. An initial tally pointed to three publicly disclosed; BleepingComputer, after an update, counts six: five publicly disclosed and one already exploited in attacks. RoguePlanet has been independently reproduced and validated; GreatXML, by contrast, is a BitLocker bypass claimed by the researcher but disputed and not independently verified.
RoguePlanet exploits a race condition in Microsoft Defender, tied to the timing between mounting an ISO file and the Volume Shadow Copy, to obtain SYSTEM privileges (local privilege escalation). ThreatLocker researchers have confirmed its validity — "our initial analysis confirms that the RoguePlanet exploit is valid and behaves as described," said CEO Danny Jenkins — but the exploit remains timing-sensitive: "it may not work reliably every time," it does not run on Windows Server, and Microsoft's May mitigations had already closed some chains, forcing the researcher to redesign it.
GreatXML, released the next day, is a purported BitLocker bypass. According to the writeup, it is enough to copy unattend.xml and the Recovery folder into the recovery partition and reboot into WinRE: this would yield a shell with full access to the encrypted volume, leveraging Defender's offline scan. Here, however, the story is disputed: researcher Will Dormann judges the writeup "flawed," because launching the offline scan already requires login and admin credentials — a level that lets you disable BitLocker anyway — and he could not verify automatic activation across three Windows 11 builds.
The two PoCs bring the group's zero-day count to eight (the earlier ones — RedSun, UnDefend, BlueHammer, YellowKey, GreenPlasma, MiniPlasma — appear to be patched). In the background, a disclosure conflict: the researcher, possibly a former Microsoft employee, is publishing outside official channels after GitHub and GitLab removed the repositories. Microsoft says it is "actively investigating the validity" of the reports.
Why it matters
- ICT engineers / IT managers: The June patch is necessary but not sufficient, and the two PoCs should be treated differently. RoguePlanet is a real local privilege escalation to SYSTEM, effective even on fully updated systems: where possible, adopt application allowlisting (cited as effective protection against this exploit) and monitor local escalations and anomalous access while waiting for an official patch. GreatXML, by contrast, is not a verified LPE but a disputed claim of a BitLocker bypass via WinRE: according to Microsoft and Will Dormann it presumes administrative privileges and the activation of Defender Offline (a level that lets you disable BitLocker anyway), so track it as an unconfirmed hypothesis and harden WinRE and the recovery partition without overstating the risk.
Anthropic splits agent billing on June 15: Agent SDK and claude -p move to a separate monthly credit at API rates
Update (16 June 2026): on 15 June Anthropic paused the change described below. For now nothing has changed: the Agent SDK,
claude -p, and third-party apps still draw from your subscription's usage limits, with no separate API-priced credit. Anthropic says it will give notice before any future change. (official announcement)
Starting June 15, programmatic use of Claude leaves the subscription limits and lands on a separate monthly credit, billed at API list prices: rigid, non-cumulative, and with a hard stop and no fallback unless you enable overflow.
Starting June 15, 2026, Anthropic is carving programmatic use of Claude out of its subscription plans. As the official documentation confirms, the Agent SDK, the claude -p command (Claude Code's non-interactive mode), the Claude Code GitHub Actions integration, and third-party apps that authenticate with the subscription no longer consume the plan's limits: they draw on a separate monthly credit, billed at the API's list rates.
The credit is sized to the price of the plan — roughly $20 for Pro, $100 for Max 5x, $200 for Max 20x, according to independent coverage — renews with each billing cycle, and does not accumulate: unused amounts do not roll over to the next month. It is tied to a single account and cannot be shared among the members of a team. It must also be requested once from your Claude account, after which it renews automatically.
The key mechanism is the depletion behavior: when the monthly credit runs out, Agent SDK requests continue at API rates only if the user has enabled "usage credits" (overflow billing); otherwise they stop until the renewal, with no automatic fallback. Interactive use of Claude Code in the terminal or IDE, Claude Cowork, and conversations on web, desktop, and mobile remain unchanged; anyone already using a Claude Platform API key does not receive the credit and continues with pay-as-you-go.
Independent analysis reads the move as "a margin move dressed up as a feature": the flat subscription was never designed to subsidize continuous agentic loops, and developers documented the effective price increase for the most automated workloads within hours.
Why it matters
- LLM builders / devs: Anyone running automated or long-horizon Claude agents (Agent SDK, headless claude -p, CI via GitHub Actions) faces, as of today, a rigid monthly cap at full API rates, neither cumulative nor shareable, with a hard stop and no fallback. Act now: confirm you have requested the credit, enable overflow billing where needed, and re-budget or move the heaviest workloads onto a dedicated API key.
The ChatGPT app passes 1 billion monthly users, but Claude grows 640%
According to a Sensor Tower estimate, ChatGPT is the fastest app ever to reach a billion monthly active users. But the fastest growth is elsewhere: Claude is up 640% and Meta AI up 973% year over year.
The ChatGPT app passed 1 billion monthly active users in May 2026, becoming the fastest application in history to hit that milestone. It took just under three and a half years from its November 2022 debut, compared with the five to eight years it took apps like Google Maps, TikTok, Instagram, YouTube and Messenger. The figure comes from a Sensor Tower estimate, picked up by Reuters: it is a third-party count, not an audited OpenAI disclosure, and it measures app users, not usage via the web or API.
This record on scale coexists with competitive momentum that is moving faster elsewhere. ChatGPT's year-over-year growth came in at 62%, while Anthropic's Claude reached roughly 56 million monthly users with growth of about 640%. Meta AI is growing by as much as 973%. Sensor Tower also detects a cannibalization effect: U.S. users who installed Claude in the first quarter of 2026 spent about 5% less time on ChatGPT the following month.
The adoption picture comes alongside growing unease toward AI: a May survey points to workers avoiding the technology for ethical, environmental or privacy reasons. In the background, both Anthropic and OpenAI are moving toward going public.
Why it matters
- Entrepreneurs: The headline number — ChatGPT's billion — isn't the most useful signal for deciding which platform to bet on: the growth rates (Claude +640%, Meta AI +973%) show where the momentum is shifting and where competitive space is opening up in the coming months. The finding that Claude users cut their time on ChatGPT signals markets that are still contestable and suggests not locking yourself into a single vendor for integrations and contracts; it should, however, be read as a third-party estimate of app-only usage, not an audited metric.
IBM and ServiceNow Expand Their Alliance to Bring Agentic AI to Data and Legacy Systems
Announced on June 11, 2026 through the official IBM and ServiceNow press releases, the partnership expansion aims to run agentic AI workflows on existing systems without full migrations. The joint solutions are expected in the second half of 2026.
On June 11, 2026, through their respective official press releases, IBM and ServiceNow announced the expansion of their collaboration to tackle the two obstacles holding back agentic AI in the enterprise: data that is not "AI-ready" and the layer of legacy applications that holds decades of business logic. According to independent coverage, much of enterprise data still resides in pre-cloud systems (mainframes, AS/400, customized ERPs), and migrating it to dedicated AI environments carries prohibitive costs (Eastern Herald).
The collaboration, according to the official announcement, covers three areas (IBM Newsroom). The first is application modernization: IBM Bob, the Enterprise Application Runtime for Java, and watsonx.data scan and refactor old systems without replacing them entirely. The second is data governance: watsonx.data extends the ServiceNow Workflow Data Fabric to bring data quality, observability, and master data management into the Data Catalog. The third concerns autonomous infrastructure operations: Red Hat Ansible, IBM Bob, Instana, and Hashicorp Terraform/Vault integrate into ServiceNow's IT workflows (ServiceNow Newsroom).
ServiceNow states that it handles more than 85 billion workflows a year. It is worth weighing, however, what is genuinely new: this is an expansion of an existing alliance that recombines products already in the catalog into a common reference architecture; the joint solutions are not yet available and will arrive in the second half of 2026, while IBM and ServiceNow note that forward-looking statements are goals subject to change. Independent analysis also points out that execution remains the unknown and places Microsoft Copilot among the competitors in the market for enterprise assistants/agents (Eastern Herald).
Why it matters
- Entrepreneurs: It confirms that the value of agentic AI is unlocked by first solving the knot of "AI-ready" data and legacy systems: for those planning AI projects on existing ERP/CRM, the promise is to act on data in-place without full migrations and their costs. It is also a signal of consolidation among large enterprise vendors; expectations should nonetheless be calibrated, because the joint solutions arrive only at the end of 2026 and their effectiveness will depend on execution and on actual integration.