AI Sec Watch

OpenAI's Sam Altman told CNBC that Chinese tech companies are making "remarkable" progress in developing artificial general intelligence (AGI, where AI systems match human capabilities), with some companies approaching the technological frontier while others still lag behind. OpenAI is exploring new revenue streams, including advertising within ChatGPT, with plans to initially test ads in the U.S. before expanding to other markets. The company remains focused on rapid growth rather than immediate profitability.

CVE-2026-25338 is a missing authorization vulnerability in the Ays Pro AI ChatBot plugin (versions up to 2.7.4), meaning the software fails to properly check whether users have permission to access certain features. This security flaw allows attackers to exploit incorrectly configured access controls (the rules that decide who can do what in the software).

This podcast discusses how a large US retail company uses agentic AI (AI systems that can take independent actions to complete tasks) across their software development process, including validating requirements, creating and reviewing test cases, and resolving issues faster. The organization emphasizes maintaining human oversight, strict governance rules, and measurable quality standards while deploying these AI agents.

French President Emmanuel Macron defended Europe's AI regulations and pledged stronger protections for children from digital abuse, citing concerns about AI chatbots being misused to create harmful content involving minors and about a small number of companies controlling most AI technology. His comments came after global criticism of Elon Musk's Grok chatbot being used to generate tens of thousands of sexualized images of children.

OpenAI has partnered with India's Tata Group to build AI data center capacity starting with 100 megawatts and scaling to 1 gigawatt, allowing OpenAI to run advanced models within India while meeting local data residency and compliance requirements. The partnership includes deploying ChatGPT Enterprise across Tata's workforce and using OpenAI's tools for AI-native software development. This expansion supports OpenAI's growth in India, where it has over 100 million weekly users, and helps enterprises that must process sensitive data locally.

OpenAI has partnered with Pine Labs, an Indian fintech company, to integrate OpenAI's APIs (application programming interfaces, which are software tools that let companies connect AI into their existing systems) into Pine Labs' payments and commerce platform. The partnership aims to automate financial workflows like settlement, invoicing, and reconciliation, with Pine Labs already using AI internally to reduce daily settlement processing from hours to minutes. OpenAI is expanding its presence in India beyond ChatGPT by embedding its technology into enterprise and infrastructure systems across the country's large developer base.

OpenClaw's sandbox configuration had a bug where the `normalizeForHash` function (a process that converts configuration settings into a unique identifier) was sorting arrays containing simple values, causing different array orders to produce identical hashes. This meant that sandbox containers (isolated software environments) weren't being recreated when only the order of configuration settings like DNS or file bindings changed, potentially leaving stale containers in use.

OpenClaw, a session management tool, had a visibility issue in shared multi-user environments where session tools (like `sessions_list` and `sessions_history`) could give users access to other people's session data when they shouldn't have it. Additionally, Telegram webhook mode didn't properly use account-level secret settings as a fallback. The risk is mainly in environments where multiple people share the same agent and don't fully trust each other.

OpenClaw, an npm package, had a vulnerability where Telegram bot tokens (the credentials used to access Telegram's bot API) could leak into logs and error messages because the package didn't hide them when logging. An attacker who obtained a leaked token could impersonate the bot and take control of its API access.