AI Sec Watch

A website called Moltbook, built using agentic AI (AI systems that can take actions autonomously to complete tasks), exposed all its user data because its API (the interface that lets different software talk to each other) was left publicly accessible without proper access controls. This is a predictable security failure that highlights risks when AI is used to build complete platforms without adequate security oversight.

Anthropic released Opus 4.6 and OpenAI released GPT-5.3-Codex (currently available only through the Codex app, not via API) as major new model releases. While both models perform well, they show only incremental improvements over their predecessors (Opus 4.5 and Codex 5.2), with one notable demonstration being the ability to build a C compiler (a program that translates code into machine instructions) using multiple parallel instances of Claude working together.

LangChain-core version 1.2.9 includes several bug fixes and improvements, particularly adjusting how the software estimates token counts (the number of units of text an AI processes) when scaling them. The release also reverts a previous change to a hex color regex pattern (a rule for matching color codes) and adds testing improvements.

OpenAI CEO Sam Altman publicly criticized rival company Anthropic on social media for running satirical Super Bowl advertisements that mock the idea of ads in AI chatbots, calling Anthropic 'dishonest' and 'deceptive.' Social media users mocked Altman's lengthy response, comparing it to an emotional outburst, with one tech executive advising him to avoid responding to humor with lengthy written posts.

Most organizations struggle with AI security because they lack visibility and control over where employees actually use AI tools, including shadow AI (unauthorized tools), browser extensions, and AI features embedded in everyday software. Traditional security tools weren't designed to monitor AI interactions at the moment they happen, creating a governance gap where AI adoption has far outpaced security controls. A new approach called AI Usage Control (AUC) is needed to govern real-time AI behavior by tracking who is using AI, through what tool, with what identity, and under what conditions, rather than just detecting data loss after the fact.

A reported $100 billion deal between Nvidia (a chipmaker) and OpenAI (the company behind ChatGPT) appears to have collapsed. The deal was a circular arrangement, meaning Nvidia would give OpenAI money that would mostly be spent buying Nvidia's own chips, raising questions about how AI companies will fund their expensive expansion without this agreement.

OpenAI published a paper describing new mitigations for URL-based data exfiltration (a technique where attackers trick AI agents into sending sensitive data to attacker-controlled websites by embedding malicious URLs in inputs). The issue was originally reported to OpenAI in 2023 but received little attention at the time, though Microsoft implemented a fix for the same vulnerability in Bing Chat.

AutoGPT is a platform for creating and managing AI agents that automate workflows. Before version 0.6.34, the SendDiscordFileBlock feature had an SSRF vulnerability (server-side request forgery, where an attacker tricks the server into making unwanted requests to internal systems) because it didn't filter user-provided URLs before accessing them.

This article discusses both harms and benefits of AI technologies, arguing that policy should focus on the specific context and impact of each AI use rather than broadly promoting or banning AI. The text warns that AI can automate bias (perpetuating discrimination in decisions about housing, employment, and arrests), consume vast resources, and replace human judgment in high-stakes decisions, while acknowledging beneficial uses like helping scientists analyze data or improving accessibility for people with disabilities.