AI Sec Watch

AGiXT, a platform for automating AI agents, has a vulnerability in its safe_join() function (a tool meant to safely combine file paths) that fails to check whether file paths stay within the agent's allowed workspace. Before version 1.9.2, an authenticated attacker could use directory traversal sequences (special path tricks like '../' to navigate outside intended folders) to read, write, or delete files on the server.

Google has upgraded Gemini, its AI chatbot, to generate interactive 3D models and simulations in response to user questions. Users can rotate these models, adjust sliders to change parameters, and input different values to see real-time changes in the simulation.

OpenClaw, a user-controlled local assistant, had a vulnerability where ClawHub package downloads didn't verify the integrity of downloaded files (a security check ensuring files haven't been tampered with). This meant malicious or corrupted plugin archives could be installed without detection. The vulnerability affected OpenClaw versions 2026.4.1 and earlier.

OpenClaw (a local AI assistant software) had a security bug where the `node.pair.approve` function checked for `operator.write` permissions instead of the more restrictive `operator.pairing` scope, allowing users without proper authorization to approve device pairing on executive-capable nodes. This vulnerability only affects OpenClaw in its single-user trust model and does not impact multi-tenant services.

OpenClaw, a local AI assistant, had a security flaw where WebSocket sessions (persistent connections that allow real-time communication between a client and server) using a shared gateway token remained active even after the token was rotated (changed to a new one). This meant that even after administrators changed the authentication token, old sessions could continue operating without re-authenticating.

OpenClaw, a user-controlled local assistant, had a security flaw where `node.invoke(browser.proxy)` could bypass the `browser.request` guard and modify persistent browser profiles (stored settings that shouldn't be changed without permission). The vulnerability affected versions up to v2026.04.01.

OpenClaw's `device.token.rotate` function had a security flaw where it could create tokens with roles (sets of permissions) that hadn't been properly approved through the required pairing process, potentially letting users gain unauthorized access levels. This vulnerability only affects OpenClaw, which is a local assistant software that runs on a user's own device.

OpenAI has delayed its Stargate UK project, which was a planned major investment in Britain's AI infrastructure as part of a larger UK-US deal announced last September. The company cited high energy costs and regulatory concerns as reasons for the delay, disappointing the British government which had positioned AI development as central to its economic growth strategy.

OpenAI has paused its UK data centre project called Stargate UK, which would have built a large computing facility in Northumberland to support AI development, citing concerns about high energy costs and regulatory uncertainty. The company stated it will only move forward when conditions improve, though critics note that energy prices and UK AI regulation have not recently changed significantly. This pause is a setback for the UK government's goal to position the country as an AI leader and boost economic growth through tech investment.