AI Sec Watch

Google released Gemini 3.1 Flash-Lite, an updated version of their affordable AI model that costs one-eighth the price of Gemini 3.1 Pro at $0.25 per million input tokens and $1.50 per million output tokens. The model includes four different thinking levels, which appear to control how deeply the AI reasons through problems.

AI companies and billionaires are funding a super PAC called Leading the Future that has spent at least $10 million in ads attacking New York politician Alex Bores, who is running for Congress and has sponsored AI regulation laws like the RAISE Act (which requires large AI labs to publicly disclose safety plans). The PAC, backed by Palantir co-founder Joe Lonsdale, OpenAI President Greg Brockman, and others, is targeting Bores and other candidates who support state-level AI regulation, viewing them as threats to the industry's preferred light-touch approach.

Anthropic refused the U.S. Department of Defense's demand for unrestricted use of its AI technology for mass surveillance and fully autonomous weapons systems, leading the DoD to cancel a $200 million contract. The article argues that relying on individual company leaders to protect privacy through business decisions is unsustainable, and that Congress should pass binding legal restrictions instead of leaving privacy protection to private companies and their CEOs.

ChatGPT users complained that the GPT-5.2 Instant model used overly reassuring and condescending language, like telling them to 'calm down' even when they were just asking for factual information, which made them feel infantilized and led some to cancel subscriptions. OpenAI's new GPT-5.3 Instant model aims to fix this by reducing the 'cringe' and preachy disclaimers, instead acknowledging difficulties without making assumptions about the user's mental state. The update focuses on improving user experience through better tone, relevance, and conversational flow.

Anthropic is rolling out Voice Mode for Claude Code, its AI coding assistant, allowing developers to use spoken commands instead of typing. The feature, which lets users type /voice to toggle it on and then speak requests like 'refactor the authentication middleware,' is currently live for about 5% of users with broader availability planned in coming weeks. The source does not specify technical limitations or whether Anthropic partnered with third-party voice providers to build this capability.

OpenClaw has a path traversal vulnerability (CWE-22, a weakness where attackers bypass directory restrictions) in its `$include` directive that allows arbitrary file reads. An attacker who can modify OpenClaw's configuration file can read any file the OpenClaw process has access to by using absolute paths, directory traversal sequences (like `../../`), or symlinks (shortcuts to files), potentially exposing secrets and API keys.

Google is rolling out new features to Pixel 10 phones that allow Gemini, its AI assistant, to act as an agent (an AI that can take actions independently on your behalf) to complete tasks like ordering groceries or booking rides in selected apps such as Uber and Grubhub. Users can supervise or stop the agent's work at any time while it operates in the background.

During the Iran conflict in 2024, many fake images and videos spread online, including old footage, unrelated conflicts, AI-generated content (synthetic media created by artificial intelligence), and clips from video games like War Thunder. Major news organizations like The New York Times, Indicator, and Bellingcat use detailed verification procedures to check whether content is real before publishing it, helping audiences distinguish trustworthy reporting from misinformation.

BentoML's `safe_extract_tarfile()` function has a security flaw where it validates that symlink paths (links that point to other files) are within the extraction directory, but it doesn't validate where those symlinks actually point to. An attacker can create a malicious tar file with a symlink pointing outside the directory and follow it with a regular file, allowing them to write files anywhere on the system. This vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 8.1 (High).