AI Radar for Business — Week of July 3-9, 2026
noticias radar ia agentes de ia ai act

AI Radar for Business — Week of July 3-9, 2026

· CompaniesAutomation

The week of July 3-9 in AI for business: OpenAI releases GPT-5.6 after government review, Claude Sonnet 5 arrives on Amazon Bedrock, Microsoft puts $2.5 billion into implementation, the AI Act postpones high-risk (but August 2 remains live), and the first AI agent-operated ransomware appears.

A week of open floodgates for models: OpenAI releases GPT-5.6 following the U.S. government's security review, and Claude Sonnet 5 lands on Amazon Bedrock. Microsoft moves $2.5 billion toward client AI implementation—a sign that the bottleneck is no longer the model, but putting it into production. And in Europe, the postponement of the AI Act's high-risk obligations is confirmed, though the August 2nd date remains active for transparency and training.

OpenAI releases GPT-5.6: three model tiers and a government review in between

OpenAI announced on Tuesday the 8th that its GPT-5.6 series—Sol, Terra, and Luna—will be released to the public on Thursday, July 9th, after weeks of being limited to a small group of partners at the request of the U.S. government. Sol is the most powerful variant (tuned for biology, chemistry, and cybersecurity), Terra is the daily-use model, and Luna is the budget-friendly option; the new naming scheme points to stable capability tiers that will evolve independently. For your company: there is a new generation in the API—it's time to re-evaluate your workflows and assign tiers by task (Luna for volume, Sol for heavy reasoning), and it's best to assume that government review of frontier models is now part of the release schedule. Source

Microsoft creates Frontier Company: $2.5 billion and 6,000 engineers because pilots aren't reaching production

Microsoft announced on the 2nd a new operating unit, Microsoft Frontier Company, with $2.5 billion and 6,000 industry and engineering experts who embed themselves in client operations to co-design, deploy, and improve AI systems against measurable business results. It will be led by Rodrigo Kede Lima and will work alongside Accenture, Capgemini, EY, KPMG, and PwC. For your company: this is confirmation, backed by a budget, that value lies in implementation rather than the license—if a provider sells you a tool without a deployment team or result metrics, they are rowing against the direction of the entire market. Source

AI Act: High-risk delayed to December 2027, but August 2nd stands

The Digital AI Omnibus has final green light (Parliament on June 16, Council on the 29th; only the Official Journal is pending): Annex III high-risk obligations move from August 2, 2026, to December 2, 2027, and those for AI embedded in regulated products to August 2, 2028. What isn't moving: the transparency of Article 50—notifying when a user is speaking with an AI and marking synthetic content, with a four-month grace period for marking in existing systems—and the AI literacy duty of Article 4. For your company: if you use customer-facing chatbots or generate content with AI, those obligations still arrive in three and a half weeks; the postponement only gives breathing room to those with high-risk systems (recruitment, credit, etc.). Source

Claude Sonnet 5 arrives on Amazon Bedrock, and agents can now handle desktop applications

AWS announced on the 6th the availability of Claude Sonnet 5 on Amazon Bedrock: high-end intelligence at a mid-range price, oriented toward code, agents, and long tasks with precise tool usage. In the same weekly review, Amazon confirms the general availability of WorkSpaces for AI agents: managed desktop environments where an agent operates traditional applications without modernizing or custom-integrating them. For your company: if your infrastructure lives in AWS, you can build frontier-level agents without moving data out of your cloud; and the WorkSpaces route opens the door to automating that legacy ERP that lacks an API. Source

First ransomware operated by an AI agent: your AI stack is also an attack surface

Sysdig documented JADEPUFFER, the first known case of ransomware managed end-to-end by an LLM: the agent exploited a known Langflow vulnerability (CVE-2025-3248), stole credentials, moved laterally to a production database, and encrypted 1,342 configurations before demanding a ransom—correcting itself whenever a step failed. For your company: the cost of attacking you has dropped to the price of running an agent, and the entry point was precisely an AI tool exposed to the internet; patch your AI stack (Langflow, n8n, and similar) with the same discipline as the rest of your systems and banish default credentials. Source

AESIA focuses on employment: take note if you are automating positions

The Advisory Committee of the AESIA Ideas Lab—the Spanish agency that will oversee the AI Act—approved two new workgroups to study the impact of AI on minors and the labor market, with the task of proposing governance measures. For your company: this is not a new obligation, it’s a signal of where the Spanish regulator is looking; documenting the labor impact of your automation projects—hours freed, roles relocated, training provided—is no longer just a internal best practice. Source

What to watch for next week?

The publication of the Digital Omnibus in the EU Official Journal (entering into force three days later) and any practical guides leading up to August 2nd. Also the actual deployment of GPT-5.6—final pricing and first independent benchmarks—and the response from Google and Anthropic, who rarely let a week like this pass without making a move.