AI Sec Watch

LangChain version 1.2.9 includes several bug fixes and feature updates, such as normalizing raw schemas in middleware response formatting, supporting state updates through wrap_model_call (a function that wraps model calls to add extra behavior), and improving token counting (the process of measuring how many units of text an AI needs to process). The release also fixes issues like preventing UnboundLocalError (a programming error where code tries to use a variable that hasn't been defined yet) when no AIMessage exists.

Anthropic's Claude Opus 4.6, a new AI language model, discovered over 500 previously unknown high-severity security flaws in popular open-source software libraries like Ghostscript, OpenSC, and CGIF by analyzing code the way a human security researcher would. The model was able to find complex vulnerabilities, including some that traditional automated testing tools (called fuzzers, which automatically test software with random inputs) struggle to detect, and all discovered flaws were validated and have since been patched by the software maintainers.

Version 5.4.0 (released February 5, 2026) is an update to a security framework that documents new attack techniques targeting AI agents, including publishing poisoned AI agent tools (malicious versions of legitimate tools), escaping from AI systems to access the host computer, and exploiting vulnerabilities to steal credentials or evade security. The update also includes new real-world case studies showing how attackers have compromised AI agent control systems and used prompt injection (tricking an AI by hiding commands in its input) to establish control.

A website called Moltbook, built using agentic AI (AI systems that can take actions autonomously to complete tasks), exposed all its user data because its API (the interface that lets different software talk to each other) was left publicly accessible without proper access controls. This is a predictable security failure that highlights risks when AI is used to build complete platforms without adequate security oversight.

Anthropic released Opus 4.6 and OpenAI released GPT-5.3-Codex (currently available only through the Codex app, not via API) as major new model releases. While both models perform well, they show only incremental improvements over their predecessors (Opus 4.5 and Codex 5.2), with one notable demonstration being the ability to build a C compiler (a program that translates code into machine instructions) using multiple parallel instances of Claude working together.

LangChain-core version 1.2.9 includes several bug fixes and improvements, particularly adjusting how the software estimates token counts (the number of units of text an AI processes) when scaling them. The release also reverts a previous change to a hex color regex pattern (a rule for matching color codes) and adds testing improvements.

OpenAI CEO Sam Altman publicly criticized rival company Anthropic on social media for running satirical Super Bowl advertisements that mock the idea of ads in AI chatbots, calling Anthropic 'dishonest' and 'deceptive.' Social media users mocked Altman's lengthy response, comparing it to an emotional outburst, with one tech executive advising him to avoid responding to humor with lengthy written posts.

Most organizations struggle with AI security because they lack visibility and control over where employees actually use AI tools, including shadow AI (unauthorized tools), browser extensions, and AI features embedded in everyday software. Traditional security tools weren't designed to monitor AI interactions at the moment they happen, creating a governance gap where AI adoption has far outpaced security controls. A new approach called AI Usage Control (AUC) is needed to govern real-time AI behavior by tracking who is using AI, through what tool, with what identity, and under what conditions, rather than just detecting data loss after the fact.

A reported $100 billion deal between Nvidia (a chipmaker) and OpenAI (the company behind ChatGPT) appears to have collapsed. The deal was a circular arrangement, meaning Nvidia would give OpenAI money that would mostly be spent buying Nvidia's own chips, raising questions about how AI companies will fund their expensive expansion without this agreement.