AI Sec Watch

FastGPT, an AI Agent building platform, has a NoSQL injection vulnerability (a type of attack where an attacker tricks the database query by inserting special commands) in its login system before version 4.14.9.5. The vulnerability allows unauthenticated attackers to bypass password checks and log in as any user, including administrators, by sending database operators instead of a real password.

OpenClaw missed blocking dangerous environment variables (like VIMINIT, EXINIT, LUA_INIT, and HOSTALIASES) that could be set by users to change how programs start up or behave on the network. This security gap affected OpenClaw versions before 2026.4.10.

Flowise has a text-to-speech endpoint that doesn't require authentication but accepts a credential ID (an identifier for stored API keys like OpenAI or ElevenLabs) directly from user input. An attacker can use this to access someone else's stored API credentials and generate speech using the victim's API account, burning their API credits without permission.

Flowise version 3.0.13 has a security flaw where public chatflow endpoints return unsanitized data (raw information without filtering) that includes plaintext API keys, passwords, and credential IDs (unique references to stored login credentials). This happens because the code returns the complete chatflow object without removing sensitive fields, potentially exposing users' third-party account credentials and internal system architecture.

OpenAI abandoned its Sora video generation tool and Bill Peebles, the leader of the Sora team, is leaving the company. OpenAI is refocusing its priorities away from what it calls "side quests" to concentrate on coding and enterprise products instead.

Anthropic, an AI company, faced criticism from the Trump administration over concerns about national security and refused to allow its technology to be used for domestic mass surveillance or fully autonomous weapons without human control. The company is now working to improve its relationship with the government by developing Claude Mythos Preview, a new AI model designed specifically for cybersecurity tasks.

AI companies may be overestimating demand by measuring success through token consumption (the basic units of AI usage, like words and characters), rather than actual business value or return on investment. Anthropic is adjusting its pricing model away from flat monthly fees toward per-token billing and has discontinued third-party tools that were consuming excessive tokens without generating meaningful results, positioning itself better if AI demand projections prove inflated.

The White House is planning a meeting between its Chief of Staff and Anthropic's CEO to discuss Anthropic's new AI technology and concerns about the security of software built with advanced AI models. This reflects ongoing government engagement with major AI labs about how their systems work and potential risks.

Anthropic CEO Dario Amodei is meeting with White House officials to discuss Mythos, a new AI model that can identify security weaknesses in software. This meeting marks a potential improvement in relations between Anthropic and the Trump administration, which had previously blacklisted the company and ordered federal agencies to stop using its Claude AI models, though a court temporarily blocked that directive.