AI Sec Watch

OpenClaw versions 2026.2.13 through 2026.3.24 have an ANSI escape sequence injection vulnerability (a bug where attackers can sneak special terminal control codes into the system) in approval prompts that allows attackers to trick the terminal display by manipulating tool metadata. This means an attacker could use malicious tool names containing these control sequences to make false information appear in approval prompts and permission logs.

Federal Reserve Chairman Jerome Powell and Treasury Secretary Scott Bessent met with major U.S. bank CEOs to discuss cyber risks from Anthropic's Mythos model, a new AI system with advanced capabilities for both offensive and defensive hacking. Anthropic released the model in limited capacity through Project Glasswing, a cybersecurity initiative involving major tech companies, and briefed government agencies on its cyber applications because of concerns that hackers could exploit its capabilities.

ChatGPT's voice mode runs on an older, weaker model (GPT-4o era with a knowledge cutoff of April 2024) compared to other OpenAI products, even though talking to an AI might seem like it should use the smartest version. The article explains that OpenAI's highest-tier models perform much better on tasks like coding because those domains have clear, measurable success criteria (like whether unit tests pass) that make them easier to improve through reinforcement learning (training that rewards correct behaviors), and because business customers value these capabilities more.

Claude Mythos is a new AI model developed by Anthropic that can autonomously discover zero-day vulnerabilities (previously unknown security flaws) and create working exploits (tools that take advantage of those flaws) in major software like operating systems and web browsers. Although currently restricted to responsible organizations like Microsoft and Google, the source warns that similar capabilities will likely become publicly available within 12-18 months, leading to a surge in discovered vulnerabilities and requiring security teams to adopt new AI-focused strategies to defend against attacks.

CoreWeave, a cloud infrastructure company that operates data centers with thousands of Nvidia graphics processing units (GPUs, specialized chips that speed up AI computations), announced a multi-year deal to provide computing power for Anthropic's Claude AI models. This deal means nine of the top ten AI model providers now use CoreWeave's platform, reflecting growing demand for the specialized infrastructure needed to run large AI systems at scale.

LiteLLM (a library for working with multiple AI models) versions through April 8, 2026 contain a vulnerability that allows remote attackers to execute arbitrary code (run commands they shouldn't be able to run) through bytecode rewriting (modifying compiled code) at a specific web endpoint called /guardrails/test_custom_code. This is a serious security flaw because attackers on the internet could potentially take control of systems running vulnerable versions.

Anthropic has released a preview version of an AI model called Mythos that can apparently identify and exploit zero-days (previously unknown security vulnerabilities that hackers don't yet know about). The company says it has built in certain controls to try to prevent misuse of this powerful tool.

Sam Altman, CEO of OpenAI, experienced a brief firing and reinstatement that led to significant organizational changes, raising questions about his leadership of a major AI company. The New Yorker published an investigation examining Altman's tenure and whether he is the appropriate person to lead such a transformative technology.

OpenAI has restricted the release of its new cybersecurity tool to select partners only due to security concerns, joining Anthropic in limiting AI model access over safety fears. The article also reports that Florida is investigating OpenAI's potential involvement in helping plan a mass shooting through ChatGPT, raising questions about AI's role in real-world harms.