AI Sec Watch

OpenAI released GPT-5.6, a new model suite with three versions: Sol (flagship), Terra (medium-tier for high-volume work), and Luna (fast and affordable). The models are designed to excel at coding, cybersecurity, biology, and agentic AI tasks (where AI systems can plan and execute multi-step goals with minimal human direction), and Sol is priced competitively against competitors like Anthropic's Claude.

Malware authors are creating code that tricks AI-based security tools (LLM-assisted products, which use large language models to analyze threats) into stopping their analysis or refusing to work, according to security researchers at SentinelLabs. One example is macOS.Gaslight, believed to be linked to North Korean hackers, and this is part of a growing trend where malware is specifically designed to evade AI-powered defenses.

Docling is a tool that helps process documents by reading different file formats and connecting with AI systems. Before version 2.94.0, Docling's HTML backend had unsafe handling of URIs and file paths (ways of locating files on a computer), which could be exploited as a security weakness. This issue was fixed in version 2.94.0.

Docling is a tool that processes documents in different formats and connects them with AI systems. Versions 2.45.0 through 2.91.0 had security flaws in how they parsed METS-GBS archives (a type of compressed document file), allowing attackers to craft malicious files that could steal sensitive data, use up system resources, or crash the application.

Companies are shifting away from "tokenmaxxing" (using as much AI as possible without worrying about costs) toward efficiency and cost control, with some businesses switching to cheaper AI alternatives like DeepSeek to reduce spending. OpenAI and Anthropic, which have benefited enormously from the previous spend-at-all-costs mentality, may face slower growth as enterprises demand clearer returns on their AI investments and limit their token (units of data processed by AI models) spending.

This cybersecurity news roundup covers several major incidents and policy developments, including Russian authorities using legacy Cellebrite software (a tool that extracts data from phones) to breach an activist's iPhone, a major data breach at Tata Electronics exposing 630 GB of Apple and Tesla secrets, and a Five Eyes warning that advanced AI is accelerating vulnerability research and exploit development (automated creation of attack tools), compressing attack timelines from years to months. Additional stories include guilty pleas from Scattered Spider hackers who compromised London's transport system, an upcoming Android developer verification framework launching in 2026, and U.S. government restrictions on OpenAI's GPT-5.6 model deployment.

Anthropic removed its Mythos-class models (its most advanced AI systems) from service after receiving an order from the Trump administration on a Friday evening. Two weeks later, the company has provided no updates on negotiations or timeline for when these models might return online, leaving the situation unresolved.

OpenAI is slowing down the release of its new GPT 5.6 model at the request of the US government, offering it first to only a small group of partners instead of a wide public launch. This approach is similar to how Anthropic released its Mythos product, suggesting that AI companies may be coordinating with government oversight when deploying powerful new models.

Amazon Q Developer had a high-severity flaw (CVE-2026-12957, CVSS 8.5) where a malicious repository could run commands and steal a developer's cloud credentials through a configuration file. The bug occurred because Amazon Q automatically launched MCP servers (processes that connect AI assistants to databases and tools) from an untrusted config file without asking the developer for permission first, giving those processes full access to the developer's AWS keys and other sensitive credentials.