Agent security flows and dev tool updates #36

Today's Letter

  1. AWS, AgentCore Gateway MCP auth flow guide
  2. OpenAI frontier models and Codex on AWS
  3. GitHub Copilot adds evaluation models to Auto
  4. Meta, Instagram account resets abused via AI support bot

AWS, AgentCore Gateway MCP auth flow guide

  • AWS published a June 1 guide for securing MCP client access through Amazon Bedrock AgentCore Gateway.
  • AgentCore Gateway is positioned as the OAuth-protected entry point for MCP servers and enterprise tools.
  • The flow starts with an unauthenticated request returning HTTP 401 and OAuth Protected Resource Metadata.
  • The MCP client then discovers the IdP endpoint and opens a browser-based authorization code flow with PKCE.
  • AWS lists Amazon Cognito, Okta, Microsoft Entra ID, and Auth0 as supported identity provider patterns.
  • Kiro IDE is used as the MCP client example, with user identity tokens attached to each tool request.
  • AWS also describes an optional MCP OAuth proxy to bridge spec differences across clients, IdPs, and MCP servers.

Source: aws.amazon.com


OpenAI frontier models and Codex on AWS

  • OpenAI said its frontier models and Codex became generally available on AWS on June 1, 2026.
  • The launch adds two paths on Amazon Bedrock: OpenAI models with AWS-native security and governance controls, and Codex as a software engineering agent.
  • OpenAI said the AWS route is meant to fit existing enterprise workflows for security, compliance, procurement, billing, and governance.
  • OpenAI said the offerings are available in both AWS Commercial and GovCloud regions.
  • Codex is positioned for writing, reviewing, debugging, and modernizing code inside existing AWS development environments.
  • OpenAI said Codex is used by more than 5 million people every week.
  • OpenAI also said future AWS availability is planned for Daybreak, including cyber models and Codex Security.

Source: openai.com
More: aws.amazon.com · helpnetsecurity.com · gigazine.net


GitHub Copilot adds evaluation models to Auto

  • GitHub said evaluation models are now available to individual non-enterprise GitHub Copilot plans.
  • These evaluation models may be served through Copilot Auto model selection rather than only through explicit model choice.
  • The change was published in the GitHub Changelog on 2026-06-01 as a release update.
  • Users who do not want evaluation models in Auto can disable that behavior from GitHub Copilot settings.
  • GitHub linked separate documentation for evaluation models, indicating the rollout is tied to existing model-selection controls.
  • The update is scoped to individual plans; the changelog entry does not describe new enterprise billing terms or additional usage limits.

Source: github.blog
More: theregister.com


Meta, Instagram account resets abused via AI support bot

  • Reports say attackers used Meta's AI support assistant to reset passwords on Instagram accounts.
  • The reported flow added a new email to a target account, received a one-time code, then reset the password.
  • Defaced accounts reportedly included the Obama White House and the Chief Master Sergeant of the U.S. Space Force.
  • Telegram posts describing the method began circulating on May 31, 2026, alongside claimed attack footage.
  • Meta spokesperson Andy Stone said the issue was resolved and that impacted accounts were being secured.
  • A reported emergency patch was pushed over the weekend, while no backend database breach was reported.
  • Whether Instagram MFA blocked the attack is disputed across sources and not consistently confirmed.

Source: krebsonsecurity.com
More: news.hada.io · 404media.co · 0xsid.com


Jocoletter curates AI, software, and product trends for developers and builders.
