aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by

Truong (Jack) Luu

Information Systems Researcher

AI Sec Watch

The security intelligence platform for AI teams

AI security threats move fast and get buried under hype and noise. Built by an Information Systems Security researcher to help security teams and developers stay ahead of vulnerabilities, privacy incidents, safety research, and policy developments.

Independent research. No sponsors, no paywalls, no conflicts of interest.

Total tracked: 3,710
Last 24 hours: 1
Last 7 days: 1
Daily Briefing: Saturday, May 16, 2026

No new AI/LLM security issues were identified today.

Latest Intel

page 91/371
01

I have always seen myself as ‘progressive’ – but with AI it’s time to hit the brakes | Peter Lewis

policy, industry
Apr 2, 2026

This article discusses concerns about the rapid advancement of AI technology and argues that progressive voices are not adequately addressing the risks of automation and economic disruption. The author expresses skepticism about AI industry leaders, using Anthropic's CEO as an example, questioning whether their stated commitment to safe AI development should be trusted despite their public statements about safety concerns.

The Guardian Technology
02

Microsoft’s new ‘superintelligence’ game plan is all about business

industry
Apr 2, 2026

Microsoft has reorganized its AI leadership, with Mustafa Suleyman taking on a new role as the company's first CEO of AI focused specifically on pursuing superintelligence (AI systems that would surpass human intelligence across all tasks). The company's renegotiated contract with OpenAI has enabled this strategic shift, which Suleyman says he had been planning for nearly a year.

The Verge (AI)
03

Google Home’s latest update makes Gemini better at understanding your commands

industry
Apr 2, 2026

Google has released an update to its Home app that improves Gemini (Google's AI assistant) at understanding natural language commands for controlling smart home devices. The update allows users to describe desired settings in more natural ways, such as requesting "the color of the ocean" for lighting or specifying exact temperatures and humidity levels, and improves Gemini's ability to identify which devices are being controlled.

The Verge (AI)
04

Erratum: Adversarial Machine Learning in IoT Security: A Comprehensive Survey

research
Apr 2, 2026

This is an erratum (correction notice) for an academic survey paper about adversarial machine learning in IoT security (the practice of deliberately fooling AI systems used to protect internet-connected devices). The notice appears in ACM Computing Surveys journal, Volume 58, Issue 10, published in July 2026.

ACM Digital Library (TOPS, DTRAP, CSUR)
05

OpenAI acquires TBPN

industry
Apr 2, 2026

OpenAI has acquired TBPN, a media platform that covers AI news and hosts conversations with influential figures in tech and business. The acquisition aims to help OpenAI communicate more effectively about AI's impact on society while keeping TBPN's editorial independence intact.

OpenAI Blog
06

Codex now offers more flexible pricing for teams

industry
Apr 2, 2026

OpenAI has introduced more flexible pricing for Codex, a code-generation AI tool that helps developers write software faster. Teams can now add Codex-only seats with pay-as-you-go pricing (meaning you only pay for what you use based on tokens, the small units of text the AI processes) instead of paying a fixed fee per person, and ChatGPT Business pricing has been lowered from $25 to $20 per seat annually. The company is also offering $100 in credits per new Codex-only user (up to $500 per team) to help teams try out the tool.

OpenAI Blog
07

Cybersecurity in the age of instant software

security, safety
Apr 2, 2026

AI is making software development faster and easier, creating a future where custom applications can be written and deleted on demand, but this also means AI tools are getting better at finding and exploiting vulnerabilities in code. Both attackers and defenders are using AI for cybersecurity, creating an 'arms race' where attackers can automatically discover and exploit flaws while defenders can use similar AI tools to find and patch vulnerabilities before attackers exploit them.

CSO Online
08

Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents

industry
Apr 2, 2026

Variance, a company building a compliance investigation platform that uses AI agents (autonomous AI systems that can perform tasks independently), has raised $21.5 million in new funding, bringing its total funding to $26 million. The funding will be used to grow the platform's capabilities.

SecurityWeek
09

Tools for securing MCP servers

security
Apr 2, 2026

Model Context Protocol (MCP, an open protocol that connects AI agents to tools and data sources) has become popular in businesses but faces security risks such as prompt injection (hiding instructions for the model inside the data it reads), token theft, and data leaks. Progress has been made with OAuth support and an official MCP Registry, but organisations still need tooling to enforce access controls, authorization checks on each tool call, and detailed logging in order to protect sensitive data.

CSO Online
10

GHSA-r5fr-rjxr-66jc: lodash vulnerable to Code Injection via `_.template` imports key names

security
Apr 1, 2026

The lodash library has a code injection vulnerability in its `_.template` function (which compiles a template string into a reusable render function). `_.template` takes the key names of `options.imports` and uses them as the parameter names of the function it builds from strings, so an attacker can inject code either by getting untrusted input used as a key name or through prototype pollution (modifying `Object.prototype` so that every object inherits attacker-chosen properties, which the imports merge then picks up). The injected code runs when the template is compiled, before it is ever rendered.

Fix: upgrade to lodash 4.18.0. The fix validates import key names with the same checks already applied to the `variable` option, and changes how imports are merged so that inherited properties are no longer included. Until the upgrade lands, never pass attacker-influenced objects as `options.imports`, and check transitive dependencies with `npm ls lodash`, since lodash is far more often pulled in indirectly than declared directly.

GitHub Advisory Database
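The pattern behind this advisory, as an added, self-contained illustration that is not lodash's source and does not import lodash: a stripped-down template compiler that, like `_.template`, turns the keys of `imports` into the parameter list of a `Function` built from strings, beside a hardened version that allowlists key names and merges own properties only. The names (`compileUnsafe`, `compileSafe`, `IDENTIFIER`, `MALICIOUS_KEY`), the strict identifier regex and the simulated prototype pollution are assumptions made for this example; the payload only sets a global flag.

```javascript
// Added example (not lodash's code): a minimal model of a lodash-style template
// compiler. Like `_.template`, it passes the keys of `imports` to Function() as
// the parameter names and applies the values to the resulting function.
// All names here are assumptions made for this illustration.

function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Compile "Hello <%= name %>" into the JS expression '"Hello " + (obj.name) + ""'.
// Interpolation names are restricted to identifiers, so in this model the template
// text is not the injection vector; the imports key names are.
function toSource(text) {
  const parts = [];
  const re = /<%=\s*([A-Za-z_$][\w$]*)\s*%>/g;
  let last = 0;
  let m;
  while ((m = re.exec(text)) !== null) {
    parts.push(JSON.stringify(text.slice(last, m.index)));
    parts.push('(obj.' + m[1] + ')');
    last = re.lastIndex;
  }
  parts.push(JSON.stringify(text.slice(last)));
  return parts.join(' + ');
}

const DEFAULT_IMPORTS = { _: { escape: escapeHtml } };

// VULNERABLE merge: for...in also walks inherited enumerable properties, so a
// polluted prototype contributes keys, and key names are never validated.
function mergeImportsUnsafe(userImports) {
  const out = {};
  for (const k in DEFAULT_IMPORTS) out[k] = DEFAULT_IMPORTS[k];
  for (const k in userImports || {}) out[k] = userImports[k];
  return out;
}

// HARDENED merge: own enumerable keys only, each checked against a strict
// identifier allowlist (this regex is an assumption of the example). A reserved
// word that passes the regex still makes Function() throw, which fails closed.
const IDENTIFIER = /^[A-Za-z_$][\w$]*$/;
function mergeImportsSafe(userImports) {
  const out = Object.create(null);
  for (const src of [DEFAULT_IMPORTS, userImports || {}]) {
    for (const k of Object.keys(src)) {
      if (!IDENTIFIER.test(k)) throw new Error('invalid import key name: ' + JSON.stringify(k));
      out[k] = src[k];
    }
  }
  return out;
}

function compileWith(merge, text, options = {}) {
  const imports = merge(options.imports);
  const keys = Object.keys(imports);
  const values = keys.map((k) => imports[k]);
  const body = 'return function(obj) { return ' + toSource(text) + '; };';
  // Function(keys, body): the array is stringified as "k1,k2,..." and becomes the
  // parameter list verbatim. Applying it runs any parameter-default initializer
  // at COMPILE time, before the returned template is ever rendered.
  return Function(keys, body).apply(undefined, values);
}
const compileUnsafe = (text, options) => compileWith(mergeImportsUnsafe, text, options);
const compileSafe = (text, options) => compileWith(mergeImportsSafe, text, options);

// A key name that is a complete, valid parameter with a default value; the
// initializer runs because the matching value (also attacker-chosen) is undefined.
const MALICIOUS_KEY = 'helper = (globalThis.__templateInjected = true)';

function demo() {
  const result = {};
  // 1. Untrusted key name passed directly in options.imports.
  globalThis.__templateInjected = false;
  compileUnsafe('Hello <%= name %>', { imports: { [MALICIOUS_KEY]: undefined } });
  result.injectedDirect = globalThis.__templateInjected === true;

  // 2. Same key arriving as an inherited property (simulated prototype pollution:
  // a throwaway prototype instead of Object.prototype, so the process stays clean).
  globalThis.__templateInjected = false;
  const polluted = Object.create({ [MALICIOUS_KEY]: undefined });
  compileUnsafe('<%= name %>', { imports: polluted });
  result.injectedViaPrototype = globalThis.__templateInjected === true;

  // 3. Hardened compiler: rejects the bad key, ignores inherited keys, still renders.
  globalThis.__templateInjected = false;
  result.rejected = false;
  try {
    compileSafe('<%= name %>', { imports: { [MALICIOUS_KEY]: undefined } });
  } catch (e) {
    result.rejected = /invalid import key name/.test(e.message);
  }
  result.safeOutput = compileSafe('Hello <%= name %>', { imports: polluted })({ name: 'Ada' });
  result.stillClean = globalThis.__templateInjected === false;
  return result;
}

console.log(demo());
```

The payload is a default-parameter initializer rather than the older trick of closing the parameter list early, because V8 rejects a parameter string that terminates early; a default value is a syntactically complete parameter list, so the engine accepts it and the code runs when the compiled function is applied. The allowlist makes the key name useless as a vector, and merging own properties only closes the prototype-pollution path; both are needed, because either one alone still leaves the other route open.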