AI Sec Watch

Samsung's Galaxy S26 smartphone combines three AI assistants: Google's Gemini (which can now perform autonomous actions inside third-party apps), Perplexity for web searches, and an upgraded Samsung Bixby for on-device tasks. This multi-agent approach (using multiple separate AI systems together) gives Google's Gemini major market reach before Apple launches a Gemini-powered version of Siri later in 2025, with features that were originally planned for March or April now delayed to May or September.

LangChain's `RecursiveUrlLoader` component had a security flaw where it would validate an initial website address but then automatically follow redirects (automatic jumps to different URLs) without checking them, allowing attackers to redirect from a safe public URL to internal or sensitive endpoints. This vulnerability was fixed in version 1.1.18 of the `@langchain/community` package.

Google's Gemini AI can now automate tasks like booking Ubers or ordering food through DoorDash on certain Pixel 10 and Samsung Galaxy S26 phones. When you give Gemini a command like 'Get me an Uber to the Palace of Fine Arts,' it launches the app in a virtual window, completes the steps automatically, and lets you watch, pause, or take control if needed, though you must submit the final order yourself.

Google announced new Gemini features for Android phones that can automate multi-step tasks like ordering food or rides, along with improvements to scam detection and search capabilities. The automation feature is currently in beta and limited to certain apps and devices in the U.S. and Korea. To prevent problems, Google added protections so automations require explicit user commands, can be monitored and stopped in real time, and run in a secure virtual environment (an isolated space on your phone) that can only access limited apps.

Anthropic released a new Claude Code feature called "Remote Control" that lets you start a session on your computer and then control it remotely using Claude on web, iOS, and desktop apps by sending prompts to that session. The feature currently has several bugs, including permission approval issues, API errors, and problems with session termination, though the author expects these to be fixed soon.

Researchers discovered three security vulnerabilities in Anthropic's Claude Code (an AI-powered coding assistant) that could allow attackers to run arbitrary commands on a developer's computer and steal API keys (authentication credentials) simply by tricking users into opening malicious project folders. The vulnerabilities exploited configuration files and automation systems to bypass safety prompts and execute malicious code without user consent.

Peter Steinberger, creator of OpenClaw (an AI agent that works through WhatsApp), shares advice for developers building with AI: focus on exploration and experimentation rather than having a perfect plan from the start. He emphasizes that working with AI is a learnable skill, like learning guitar, and recommends approaching it playfully and iteratively rather than expecting immediate expertise.

According to IBM X-Force data from 2025, more than half of the 400,000 tracked vulnerabilities (56%) could be exploited without requiring authentication (the process of verifying who you are). This means attackers can exploit these security flaws without needing to log in or have legitimate access to a system.

About 12% of U.S. teenagers use AI chatbots for emotional support or advice, alongside more common uses like searching for information and getting homework help. Mental health professionals warn that general-purpose AI tools like ChatGPT are not designed for this purpose and can isolate users from real-world connections and relationships, potentially causing serious psychological harm.