[May 21–May 28, 2026] Weekly Generative AI News Roundup: AI Search Reliability, Zero Trust for Agents, Long-Running Codex Work, and the OpenAI Fund Take Center Stage
The generative AI news from May 21 to May 28, 2026 was less about “new model performance competition” and more about how to use generative AI safely, continuously, and reliably within society and enterprises. Google added “Preferred Sources” and “Highly Cited” labels to AI Search, moving toward making trustworthy sources easier to find within AI-generated answers. Anthropic expanded Claude’s security and compliance integrations and also released a practical framework for protecting AI agents with zero trust. OpenAI strengthened Codex support for long-running tasks, and the OpenAI Foundation announced support worth $250 million to prepare for employment and economic changes caused by AI.
This week’s keyword is: from “using AI” to “governing AI.”
Generative AI has already entered many workflows, including search, coding, research, security, accounting, legal work, education, and customer support. That is why what matters from now on is not only which model is the smartest. What sources is the AI using? What permissions does it operate with? How far may it act autonomously? What logs are retained? How should it be stopped when it makes a mistake? These operational designs are now becoming the main focus.
Key Points of the Week
- Google expanded “Preferred Sources” in AI Search, making it easier to find trusted sources selected by users within AI Overviews and AI Mode.
- Google also expanded the “Highly Cited” label and link carousels for current topics, trying to improve the relationship between generative AI search, publishers, and primary information.
- OpenAI updated ChatGPT / Codex with Appshots, Goal mode, browser annotations, and safe remote continuation, making long-running coding tasks easier to carry forward.
- OpenAI Foundation was reported to be committing an initial $250 million to address changes in labor markets and regional economies caused by AI.
- Anthropic announced 28 security and compliance tool integrations for Claude Enterprise / Claude Platform.
- Anthropic published “Zero Trust for AI agents,” organizing how permissions, memory, tool use, and monitoring should be designed in the AI agent era.
- Anthropic published “Using LLMs to secure source code,” emphasizing the importance not only of finding vulnerabilities with LLMs, but also verification, triage, and remediation.
- Anthropic was reported to be in talks to use Microsoft-made AI chips, showing that diversification of compute resources is becoming increasingly important for AI companies.
- Snowflake raised its annual outlook on the back of a $6 billion partnership with AWS and AI demand, further strengthening the link between data infrastructure and generative AI.
- Salesforce faced investor concerns over AI-driven changes in SaaS, raising the question of how traditional software companies should adapt to the AI agent era.
Featured AI ①: Google AI Search — Moving Toward “Choosing Trustworthy Sources Within AI Answers”
What Was Announced?
On May 27, Google announced a mechanism to highlight user-specified “Preferred Sources” in AI Overviews and AI Mode. Preferred Sources is a feature that lets users preselect websites or media they trust, making those sources easier to identify in AI answers and search results. Google also expanded link carousels for understanding current topics and the “Highly Cited” label for finding influential original reporting.
This addresses major weaknesses of generative AI search: “sources are hard to see,” “it is unclear which site’s viewpoint is being reflected,” and “it is difficult to reach primary information.” As AI search becomes more convenient, users may become satisfied with the answer alone, but important information requires checking the basis. Google’s latest update strengthens the path back to trusted sources rather than merely letting AI summarize information.
What Becomes More Convenient?
This update is especially useful in situations such as:
- Prioritizing media you usually trust when reading news
- Avoiding missing official documentation or specialist sites when researching technical information
- Checking primary sources or expert organizations in fields such as medicine, law, finance, and education
- Quickly moving from an AI answer to the original article or detailed explanation
- Comparing multiple viewpoints on breaking topics
Generative AI search is very useful for quickly grasping an overview. However, summaries remove context. Preferred Sources and Highly Cited can be seen as features that return AI search from “a place to read answers” to “an entrance to reliable information.”
Usage Sample: Improving Reliability in AI Search
Before using AI search, set your Preferred Sources.
Examples:
- Technology: official documentation, major OSS GitHub repositories, trusted tech media
- Business: Reuters, Nikkei, official IR pages
- Medical: public institutions, academic societies, hospitals/research institutions
- Legal: government agencies, legal databases, specialist publishers
Checklist when searching:
1. Does the AI answer include Preferred Sources?
2. Did you check primary reporting with the Highly Cited label?
3. Did you separate forum/SNS-derived information from official information?
4. Before using it for an important decision, did you open the original article or source material?
Practical Impact
More people are using AI search in corporate research. That is why it is becoming valuable to create internal “AI search usage rules.” For example, separate official announcements and reporting in competitor research, do not judge legal research based only on AI answers, and include official documentation as Preferred Sources for technical research.
AI search will increasingly become the entrance to work. Therefore, search skill is changing from “the ability to enter keywords” to “the ability to choose trustworthy sources and verify AI answers.”
Featured AI ②: OpenAI Codex — Moving Toward Long-Running Coding Work “Progressing Toward a Goal”
What Was Announced?
In the May 21 ChatGPT release notes, OpenAI added multiple updates to Codex. The main updates include Appshots, Goal mode, browser annotations, browser usage improvements, and, for some Mac Computer Use users, a mechanism to safely continue work even after locking.
The most important is Goal mode. This is a mode where users define “what they ultimately want to achieve” and the “success criteria,” and Codex continues working toward that goal. Traditional AI coding was often centered on short requests such as “write this function” or “fix this error,” but Goal mode is suited to longer tasks such as “complete this feature,” “reproduce and fix this bug,” or “finish this UI to meet these conditions.”
What Becomes More Convenient?
The Codex updates make it easier for AI to understand the work context without developers repeatedly giving long explanations.
- Appshots: show Codex the state of screens or application windows
- Goal mode: define the purpose and success criteria so AI can continue work
- Browser annotations: make feedback on frontend or styling fixes easier
- Remote continuation: reduce interruption and make it easier to delegate long-running tasks
In other words, Codex is moving from “AI that writes code” toward “AI that works while looking at screens, browsers, and the development environment.”
Usage Sample: Delegating UI Fixes with Goal Mode
Goal:
Improve the input form on the checkout screen.
Success criteria:
1. Error messages appear directly below each input field
2. The button is disabled while submitting
3. The layout does not break on mobile widths
4. Existing E2E tests pass
5. Add one new accessibility check
Constraints:
- Do not change the payment API specification
- Reuse existing text keys as much as possible
- Focus changed files mainly under checkout/
First provide a work plan, then proceed while checking in the browser if needed.
With a request like this, AI can more easily create a flow of screen checking, fixing, testing, and re-fixing, rather than merely outputting code.
Practical Impact
The value of AI coding is shifting from completion to “continuity of work.”
Single-line code completion is useful, but the truly time-consuming parts are root-cause investigation, impact analysis, screen adjustment, test fixes, and PR description creation. Codex’s updates support exactly those longer parts.
However, the more work you delegate to AI, the more important it becomes to clarify acceptance criteria.
Instead of saying “fix it nicely,” you need to define in advance “what must pass for this to be considered complete.” From now on, developers will need not only the ability to make AI write code, but also the ability to define tasks for AI.
Featured AI ③: Claude Enterprise / Platform — 28 Security and Compliance Integrations Make Enterprise Adoption More Realistic
What Was Announced?
On May 21, Anthropic announced 28 security and compliance tool integrations for Claude Enterprise and Claude Platform. Target categories include DLP, SASE, data security, SIEM, security operations, identity management, eDiscovery, AI security posture management, and AI observability platforms.
Integration partners include Cloudflare, CrowdStrike, Datadog, Fortinet, IBM Guardium, Microsoft Purview, Netskope, Okta, Palo Alto Networks, Proofpoint, Relativity, Snyk, Tenable, Varonis, Wiz, and Zscaler.
At the center of this announcement is the Claude Compliance API. It enables Claude Enterprise conversations, uploaded files, Projects, logins, administrator actions, and configuration changes to flow into security and audit systems that enterprises already use.
What Becomes More Convenient?
When companies introduce generative AI, the biggest concern is that it is “useful, but not manageable.”
Who entered what? Were confidential details entered? Is the document allowed to be externally transmitted? Are audit logs retained? Is access for former employees disabled? If these remain unclear, AI adoption stops at the PoC stage.
Claude’s new integrations are useful in the following ways:
- Claude usage can be monitored with existing DLP and SIEM systems
- Confidential information input becomes easier to detect
- Audit logs can be integrated into existing security operations
- Administrator actions and setting changes can be tracked
- Compliance teams can more easily check AI usage status
- Adoption becomes easier in regulated industries such as finance, healthcare, legal, and government
Usage Sample: Claude Usage Policy in an Enterprise
Example Claude usage rules:
1. As a rule, do not enter customer personal information
2. If input is necessary, use masked data
3. Handle contracts and financial documents only in approved Projects within Claude Enterprise
4. Send all usage logs to the SIEM
5. If DLP detects confidential information input, notify the administrator
6. Automatically disable access for former employees and transferred employees through the identity management tool
Practical Impact
This announcement shows Claude moving from “a high-performance chat AI used by individuals” to “a business foundation used under enterprise control.”
Generative AI is useful, but companies cannot adopt it unless it can be controlled. Security and compliance integrations may look unglamorous, but they are actually the core of enterprise AI adoption.
Featured AI ④: Claude Security — Zero Trust Becomes a Major Theme in the AI Agent Era
What Was Announced?
On May 27, Anthropic published “Zero Trust for AI agents.” This is a security framework for safely deploying AI agents that autonomously use tools and perform multi-step work inside enterprises.
Anthropic explains that advances in AI models are shortening the time from vulnerability discovery to exploitation. Defenders become faster, but attackers also become faster. In addition, AI agents themselves choose tools, use permissions, retain memory, and cooperate with multiple agents, making traditional access control insufficient.
What Becomes More Convenient?
The idea of zero trust is “trust nothing, verify everything.” Applied to AI agents, this means designs such as:
- Give each agent a clear identity
- Minimize permissions for each task
- Restrict usable tools
- Inspect inputs and outputs
- Protect memory and long-term context
- Work inside sandboxes
- Log all operations
- Monitor abnormal repetition and permission abuse
- Control information sharing between multiple agents
Usage Sample: Permission Control for an AI Agent
Example permissions for a sales support agent:
Allowed:
- Read CRM
- Read calendar
- Draft emails
- Summarize customer status
Requires approval:
- Send emails
- Send contracts
- Export customer data
- Transfer data to external tools
Prohibited:
- Send customer personal information to external services
- Automatically change pricing conditions
- Automatically finalize contract terms
- Operate with administrator privileges
Practical Impact
AI agents will significantly change future work.
However, the more AI can “act,” the greater the risks become. Sending emails, deleting files, updating databases, calling APIs, and contacting customers all require responsibility and judgment when done by humans. If AI is allowed to handle them, it needs equivalent permissions and auditing.
In future enterprise AI adoption, the important selection criterion will not only be “What can this AI do?” but also “What is this AI not allowed to do on its own?”
Featured AI ⑤: Source Code Security with Claude Opus — The Bottleneck Moves from Discovery to “Verification and Fixing”
What Was Announced?
On May 27, Anthropic published “Using LLMs to secure source code.” This is a practical guide for using Claude Opus to find, verify, triage, and fix vulnerabilities in codebases.
What matters is Anthropic’s point that “vulnerability discovery has become easier to parallelize, but the bottleneck has shifted to verification, triage, and patching.” In other words, even if AI can find many suspicious places, the important part is judging whether they are truly exploitable, which ones are serious, and how they should be fixed.
Anthropic explains that in its own open source scanning, as of May 22, 2026, it had disclosed 1,596 vulnerabilities, of which 97 had been patched. These numbers show that while AI discovery capabilities are strengthening, the flow through to fixes can struggle to keep up.
What Becomes More Convenient?
Claude Opus is useful for code security tasks such as:
- Creating threat models
- Creating sandboxes and separating verification environments
- Finding vulnerability candidates in a codebase
- Checking whether they are truly exploitable
- Organizing duplicates and assigning severity
- Proposing minimal fixes
- Searching for similar variants after fixing
Usage Sample: Safe Code Scanning Request
Please review this repository for defensive purposes.
Goal:
Find vulnerabilities in our own code and decide remediation priority.
Constraints:
- Limit information to what is necessary for defense and remediation, not detailed attack procedures
- Access to external systems is prohibited
- Verification must be only within a local sandbox
- First create a threat model
- Next find candidates
- Finally, create a table with verification method, severity, and remediation proposal
Output:
1. Threat model
2. List of vulnerability candidates
3. Items requiring verification
4. Remediation priority
5. Patch policy
Practical Impact
AI-based security review will continue to spread.
However, if teams simply trust AI-generated vulnerability candidates, false positives will exhaust the workplace. What matters is not increasing the number of findings, but making them verifiable and moving them through to remediation.
Security teams need to use AI not only as a “finder,” but also build verification environments, triage standards, remediation workflows, and recurrence-prevention mechanisms together.
Featured AI ⑥: OpenAI Foundation — $250 Million in Support for Employment and Economic Changes Caused by AI
What Was Announced?
On May 27, Reuters reported that the nonprofit organization overseeing OpenAI would provide an initial commitment of $250 million to address the impact of AI on labor markets and regional economies. The targets include research on AI’s impact on labor markets, support for workers and regions likely to be affected in the near future, and exploration of ways to distribute AI’s economic benefits more broadly.
OpenAI Foundation also indicated that it would not merely provide grants, but directly operate some programs. The background is the recognition that AI-driven economic change is moving so quickly that measures are needed on a shorter timeline than usual.
Why It Matters
Generative AI increases productivity, but it also significantly changes the content of work.
Coding, clerical processing, customer support, document creation, analysis, translation, and creative drafting are especially likely to be affected. For companies, this means efficiency. For workers and communities, it means job redesign and reskilling.
OpenAI Foundation’s support shows a direction in which AI companies do not simply release technology, but also engage with its social impact.
Usage Sample: Internal AI Impact Assessment
Classify internal work by AI impact level.
Categories:
1. Tasks easily automated immediately
2. Tasks assisted by AI
3. Tasks where human judgment remains central
4. New tasks that will become necessary
Target departments:
- Accounting
- Sales
- Customer support
- Development
- HR
- Legal
Output:
- Impact by department
- Required training
- Measures to start within 6 months
- Explanation text for employees
Practical Impact
Companies should not treat AI adoption merely as an efficiency project.
They need to consider not only how many hours AI can reduce, but where the freed time will be reallocated, which job types need reskilling, and how to close the gap between people who can use AI and those who cannot.
The real challenge of AI adoption is not tool introduction, but job redesign. This week’s OpenAI Foundation move shows that this discussion has entered an unavoidable stage.
Featured AI ⑦: Anthropic × Microsoft AI Chip Talks — Generative AI Competition Is Also Decided by “Compute Resources”
What Was Reported?
On May 21, Reuters reported that Anthropic was in talks to rent servers using Microsoft-designed AI chips. The talks are at an early stage and may not lead to an agreement, but if realized, it would be a major boost for Microsoft’s in-house AI chip business.
In the background is a trend in which AI companies are trying to reduce dependence on NVIDIA and diversify compute resources by combining proprietary chips from Amazon, Google, Microsoft, and others.
Why It Matters
Generative AI does not run on models alone.
Training large-scale models, responding quickly to user requests, and running long-duration agents all require enormous compute resources. If compute resources are insufficient, usage limits become stricter, latency increases, and prices rise.
In other words, the usability of AI services depends not only on model performance, but also on which cloud, which chips, and which supply contracts a company has.
Practical Impact
When companies choose AI tools, they need to look not only at model intelligence, but also at:
- Whether usage limits are stable
- Whether performance slows during peak hours
- Whether long-running tasks stop midway
- Whether prices may suddenly rise
- Which regions are supported
- Whether data residency and regulatory requirements are met
- Whether switching across multiple vendors is possible
Competition in the AI era is becoming an all-out battle that includes not only software, but also data centers, chips, electricity, and cloud contracts.
Enterprise AI Market: Snowflake Raises Outlook on AI Demand, Salesforce Faces Concern Over AI Disruption
Snowflake’s Move
On May 27, Snowflake raised its full-year product revenue outlook, supported by AI workloads and cloud migration demand. It also announced a $6 billion strategic partnership with AWS. To use AI seriously, companies need data infrastructure. Snowflake’s move shows that generative AI is entering a stage where it creates value by connecting with enterprise data, not merely by functioning as chat.
Salesforce’s Move
Meanwhile, Salesforce’s first-quarter revenue exceeded expectations, but its second-quarter outlook fell below market expectations, and concerns were reported about AI-driven changes in the software industry. If AI agents directly handle CRM, customer support, sales assistance, and analytics, the value of traditional SaaS will be redefined.
Practical Implications
Two trends are happening simultaneously in enterprise AI.
- Data infrastructure companies are gaining value from AI demand
- Traditional SaaS companies may see their functions eroded by AI agents
In future enterprise IT, the major question will be whether to “add AI to existing SaaS” or whether “AI agents will stand in front of SaaS.”
Conclusion Across the Week: The Main Themes Were “Trust, Control, and Continuous Work”
Looking across this week’s news, generative AI is moving in three directions.
1. AI Search Is Entering a Stage That Emphasizes Evidence and Sources
Google’s Preferred Sources and Highly Cited show that AI search is beginning to confront the problem of reliability. It will be important to design AI search so it does not end with AI answers alone, but returns users to original sources.
2. AI Agents Now Presume Zero Trust and Auditing
Anthropic’s Compliance API integrations, Zero Trust for AI agents, and source code security guide are realistic designs needed to use AI agents in enterprises. Permissions, logs, sandboxes, DLP, and SIEM integration are becoming essential requirements for AI adoption.
3. AI Coding Is Moving from Completion to Long-Running Tasks
OpenAI Codex’s Goal mode and Appshots show that AI coding is expanding beyond simple completion or short fixes into longer tasks involving screens, browsers, and application context. Developers will need not only the ability to write code, but also the ability to give AI success criteria.
Points to Watch Next Week and Beyond
1. Will Google’s AI Search Improvements Change Its Relationship with Publishers?
As Preferred Sources and Highly Cited spread, publishers and specialist sites will become more conscious of “how they are found in AI search.” Discussion around SEO for the generative AI search era, or GEO (Generative Engine Optimization), is likely to advance further.
2. Will Codex Goal Mode Take Root in Development Teams?
For Goal mode to truly be used, development teams need a culture of clearly writing acceptance criteria. AI-oriented task definition templates may become standardized.
3. Will Claude’s Zero Trust Design Become the Enterprise AI Standard?
As AI agents connect to email, CRM, GitHub, accounting systems, and internal databases, zero trust design becomes unavoidable. It will be worth watching whether Anthropic’s proposal spreads to other AI providers.
4. Will Investment in AI’s Social Impact Expand?
OpenAI Foundation’s $250 million commitment is a move by an AI company to directly face social impact. Other companies may strengthen support for employment, education, and regional economies going forward.
Summary: This Week’s Keyword Was “The Conditions for Trusting AI with Work”
The generative AI news from May 21 to May 28, 2026 strongly showed that while generative AI is moving further “into work,” trust and control are indispensable for that to happen.
Google introduced Preferred Sources and Highly Cited in AI search, making information sources more visible. OpenAI made it easier to proceed with long-running tasks through Codex and announced support for labor market changes through the OpenAI Foundation. Anthropic released a series of practical guides and integrations around Claude security and compliance, zero trust, and source code security, laying the groundwork for safely using AI agents in enterprises. News from Snowflake and Salesforce showed that generative AI is beginning to transform the enterprise software market itself.
When using generative AI from now on, it is important not to choose based on model name alone.
- Which information sources will you trust?
- What permissions will you give AI?
- How far will you allow autonomous execution?
- What logs will you retain?
- How will you verify outputs?
- How will you stop it when it fails?
- How will you redesign work changed by AI?
Organizations that can decide these seven points will be able to use generative AI safely and in genuinely useful ways.
This week’s news clearly showed that AI is moving from “impressive technology” to “a governed social infrastructure.”
Reference Links
- Google: New ways to find your favorite sources and original content in AI Search
- Google: Gemini 3.5: frontier intelligence with action
- Google: Introducing Gemini Omni for Google Flow and Flow Music
- OpenAI: ChatGPT Release Notes (Codex updates)
- Reuters: OpenAI Foundation commits $250 million to help workers, economies navigate AI disruption
- Anthropic: Claude now works with more security and compliance tools
- Anthropic: Zero Trust for AI agents
- Anthropic: Using LLMs to secure source code
- Reuters: Anthropic in talks to use Microsoft’s AI chips
- Reuters: Snowflake raises annual product revenue forecast, strikes $6 billion AWS deal
- Reuters: Salesforce sees quarterly revenue below estimates amid AI disruption fears