All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Anthropic, an AI company, faced a conflict with the U.S. Department of Defense in March when the Pentagon declared it a supply chain risk (meaning its technology was seen as threatening national security) and banned federal agencies from using its Claude AI models. Recently, tensions have eased after Anthropic's CEO met with Trump administration officials to discuss the company's new Mythos model (an advanced AI system with strong cybersecurity capabilities), and President Trump stated a deal for military use of Anthropic's technology is now 'possible'.
AI tools are making cyberattacks faster and more dangerous by speeding up the discovery of vulnerabilities (security flaws in software), the creation of exploits (code that takes advantage of those flaws), and the planning of multi-step attacks. Attackers can now run phishing (deceptive emails that trick users into revealing information), malware (malicious software), and vulnerability-based attacks in parallel, which shortens the time to network compromise and gives defenders less time to respond.
AI coding agents are now generating software much faster than traditional security tools can scan it, creating a dangerous gap where vulnerabilities (security weaknesses) can be exploited in minutes instead of months. Wiz addresses this by embedding security directly into AI development tools through plugins and a "Green Agent" (an AI system that analyzes and recommends fixes for security issues), allowing developers to catch and fix problems in their code editor before the code is even submitted for review.
Microsoft's Azure SRE Agent had a critical authentication flaw (CVE-2026-32173, CVSS score 8.6, a 0-10 rating of severity) that allowed unauthorized attackers to eavesdrop on sensitive agent activity over the network without proper credentials. The vulnerability existed because the service's token validation (a credential check) accepted a token issued for any tenant organization without verifying that the token's tenant matched the target organization, exposing user prompts, agent responses, executed commands, and credentials.
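The flaw class above is worth seeing in code: in a multi-tenant identity provider, a valid signature only proves the token came from the provider, not that it was issued for your tenant, so the tenant binding has to be checked explicitly. The following is an added example, not code from Microsoft or from the advisory. It uses a toy HS256 issuer with a constructed demo key and a tenant id claim named `tid` (the real service uses provider-signed tokens; the claim name and key are assumptions), and contrasts a validator that stops after signature, audience and expiry with one that also pins the tenant.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed demo key: a stand-in for the identity provider's signing keys.
# Real tokens are asymmetrically signed by the provider; the tenant-binding logic is the same.
DEMO_KEY = b"demo-signing-key-not-for-production"
AUDIENCE = "sre-agent-api"  # assumed audience value for this demo


def _b64url(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_token(tid: str, sub: str, ttl: int = 300) -> str:
    """Mint a minimal HS256 JWT carrying a tenant id ('tid') claim (toy issuer)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    claims = _b64url(json.dumps(
        {"tid": tid, "sub": sub, "aud": AUDIENCE, "exp": int(time.time()) + ttl}).encode())
    sig = hmac.new(DEMO_KEY, f"{header}.{claims}".encode(), hashlib.sha256).digest()
    return f"{header}.{claims}.{_b64url(sig)}"


def _verify(token: str) -> dict:
    """Signature, algorithm, audience and expiry: everything except the tenant."""
    header_b64, claims_b64, sig_b64 = token.split(".")
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        raise PermissionError("unexpected alg")
    expected = hmac.new(DEMO_KEY, f"{header_b64}.{claims_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        raise PermissionError("bad signature")
    claims = json.loads(_b64url_decode(claims_b64))
    if claims.get("aud") != AUDIENCE:
        raise PermissionError("wrong audience")
    if claims.get("exp", 0) < time.time():
        raise PermissionError("expired")
    return claims


def authorize_vulnerable(token: str) -> str:
    """The flawed pattern: a correctly signed token from *any* tenant is accepted."""
    return _verify(token)["sub"]


def authorize_hardened(token: str, expected_tid: str) -> str:
    """Bind the token to the tenant that owns the resource being accessed."""
    claims = _verify(token)
    if claims.get("tid") != expected_tid:
        raise PermissionError(f"token belongs to tenant {claims.get('tid')!r}, not {expected_tid!r}")
    return claims["sub"]


def is_rejected(fn, *args) -> bool:
    """Helper so a denial can be checked without try/except at the call site."""
    try:
        fn(*args)
        return False
    except PermissionError:
        return True
```

A token minted for `tenant-b` passes `authorize_vulnerable` but is refused by `authorize_hardened` when the resource belongs to `tenant-a`; the same idea applies to checking the issuer URL when it embeds the tenant.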
Security researchers found a prompt injection flaw (tricking an AI by hiding instructions in its input) in Google's Antigravity IDE that could bypass its Secure Mode sandbox protections and achieve RCE (remote code execution, where an attacker can run commands on a system they don't own). The vulnerability came from insufficient input validation in the file search tool's Pattern parameter, allowing attackers to inject malicious command-line flags that converted a simple file search into arbitrary code execution. Google acknowledged the issue in January and fixed it internally, and Antigravity users are now protected without needing to take action.
ChatGPT Images 2.0 is an updated image generation model (software that creates pictures from text descriptions) with better ability to render text within images, support for multiple languages, and improved visual reasoning (the ability to understand and analyze images). The announcement introduces new features but does not discuss security issues or problems requiring fixes.
Google patched a vulnerability in Antigravity, its agentic integrated development environment (IDE, a coding tool that can take autonomous actions), that allowed attackers to execute arbitrary code through prompt injection (tricking an AI by hiding instructions in its input). The flaw combined the tool's file-creation abilities with insufficient input validation in its find_by_name search function, letting attackers inject malicious commands that bypassed Antigravity's Strict Mode security restrictions.
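The two Antigravity items above describe the same bug shape: a user-controlled search pattern reaching a command line where option-looking tokens are parsed as options (argument injection). The following is an added example, not Antigravity's code; the reports do not name the backend CLI, so a find-like tool with an exec-style flag is assumed here (`fd` and its `-x`/`--exec` options are the assumed stand-in). It contrasts a builder that tokenises the pattern with one that passes it as a single positional argument after the POSIX `--` end-of-options marker, and a small checker that flags injected options.

```python
import shlex

# Hypothetical search backend: a find-like CLI whose -x/--exec option runs a command per match.
# The real tool behind Antigravity's find_by_name is not named in the reports; this is an assumption.
SEARCH_CMD = "fd"
EXEC_FLAGS = {"-x", "--exec", "-X", "--exec-batch", "-exec", "-execdir", "-ok", "-delete"}


def build_argv_vulnerable(pattern: str, root: str) -> list:
    """Tokenise the user-supplied pattern like a shell would: option-looking words become options."""
    return [SEARCH_CMD, *shlex.split(pattern), root]


def build_argv_hardened(pattern: str, root: str) -> list:
    """Pass the pattern as exactly one positional argument, after the end-of-options marker."""
    if not pattern or pattern.startswith("-"):
        raise ValueError("pattern must not look like an option")
    if "\0" in pattern or "\n" in pattern:
        raise ValueError("control characters in pattern")
    # Assumes the CLI honours the POSIX '--' convention, so nothing after it is parsed as a flag.
    return [SEARCH_CMD, "--", pattern, root]


def injected_flags(argv: list) -> list:
    """Option tokens that originated from the pattern (everything between the command and the root)."""
    user_part = argv[1:-1]
    if user_part[:1] == ["--"]:
        return []  # end-of-options marker in place: remaining tokens are positional
    return [tok for tok in user_part if tok in EXEC_FLAGS or tok.startswith("--exec")]


def is_rejected(fn, *args) -> bool:
    try:
        fn(*args)
        return False
    except ValueError:
        return True
```

The hardened builder never uses `shell=True` and never splits the pattern; the `--` marker is what turns "a string that happens to start with a dash" into data rather than an option, and the leading-dash check is defence in depth for tools that ignore the marker.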
Identity-based systems have become the core security approach for modern businesses, replacing traditional firewall-based protection since employees now work remotely, systems run in the cloud, and there's no clear 'inside' or 'outside' network boundary anymore. Instead of trusting people based on location, modern identity systems verify who is making each request and check what they're authorized to do, which reduces errors, improves efficiency, and makes it easy to track who accessed what resources and when. These systems also help software teams work faster by automatically routing people to the right development, testing, or staging environments and controlling exactly what information different employees can see based on their role and department.
Modern cyberattackers increasingly target the human element rather than software vulnerabilities, using techniques like phishing (tricking users into revealing information), stolen credentials, and social engineering (manipulating people into unsafe actions) to infiltrate systems. Common attack methods include abusing legitimate remote monitoring and management tools (RMM, software designed to help IT teams manage systems remotely) for command-and-control, exploiting flaws in network security devices like SSL VPN (virtual private network technology that encrypts connections), and deploying ClickFix (a social engineering tactic using fake error prompts to trick users into running malicious commands). These approaches often succeed because they exploit trusted tools and human behavior rather than technical weaknesses that can be patched.
Filmmaker Steven Soderbergh has publicly stated his interest in using generative AI (AI systems that create new images or content from text descriptions) in his films, including for surreal dream sequences in a John Lennon documentary and for a Spanish-American War movie. Soderbergh's openness to AI in filmmaking stands out because many respected artists have actively rejected the technology, and his interest comes while his film The Christophers ironically explores themes of artistic authorship and what it means to create.
Claude Code, an agentic coding tool (AI that can write and execute code), had a sandbox escape vulnerability before version 2.1.64: sandboxed processes could create symlinks (filesystem links that redirect one path to another) pointing outside the workspace, which allowed writes to locations outside the workspace without user permission. An attacker could exploit this by injecting malicious instructions into Claude Code's input, potentially executing code outside the intended sandbox.
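The symlink escape above works against any path check that compares strings without resolving links. The following added example (not Claude Code's sandbox implementation) builds a constructed workspace in a temporary directory, plants a symlink inside it that points outside, and shows a lexical containment check accepting a write through the link while a check that resolves symlinks rejects it. `safe_write` also opens the target with `O_NOFOLLOW` so a symlink swapped in for the final path component between the check and the open is refused.

```python
import os
import tempfile


def naive_inside_workspace(path: str, workspace: str) -> bool:
    """Lexical check only: a symlink that lives inside the workspace passes even if it points outside."""
    ws = os.path.abspath(workspace)
    return os.path.abspath(path).startswith(ws + os.sep)


def resolved_inside_workspace(path: str, workspace: str) -> bool:
    """Resolve symlinks on both sides before comparing (missing trailing components stay lexical)."""
    ws = os.path.realpath(workspace)
    target = os.path.realpath(path)
    return target == ws or target.startswith(ws + os.sep)


def safe_write(path: str, data: bytes, workspace: str) -> None:
    """Refuse writes that resolve outside the workspace. O_NOFOLLOW stops a last-component symlink
    swapped in between the check and the open; races in parent directories still need directory
    file descriptors or a kernel-enforced sandbox."""
    if not resolved_inside_workspace(path, workspace):
        raise PermissionError(f"refusing to write outside workspace: {path}")
    flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)


def demo() -> dict:
    """Constructed scenario: a symlink inside the workspace that points at a directory outside it."""
    with tempfile.TemporaryDirectory() as tmp:
        workspace = os.path.join(tmp, "workspace")
        outside = os.path.join(tmp, "outside")
        os.makedirs(workspace)
        os.makedirs(outside)
        # What the sandboxed process was able to do: create the link inside its own area.
        os.symlink(outside, os.path.join(workspace, "escape"))
        victim = os.path.join(workspace, "escape", "authorized_keys")
        honest = os.path.join(workspace, "notes.md")
        try:
            safe_write(victim, b"ssh-ed25519 AAAA... attacker", workspace)
            write_blocked = False
        except PermissionError:
            write_blocked = True
        safe_write(honest, b"fine", workspace)
        return {
            "naive_allows_escape": naive_inside_workspace(victim, workspace),
            "resolved_allows_escape": resolved_inside_workspace(victim, workspace),
            "honest_path_allowed": resolved_inside_workspace(honest, workspace),
            "escape_write_blocked": write_blocked,
            "leaked_file_exists": os.path.exists(os.path.join(outside, "authorized_keys")),
        }
```

Running `demo()` shows the lexical check returning True for the path through the link while the resolving check returns False and no file appears in the outside directory.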
LlamaIndex v0.14.21 is a maintenance release that fixes several bugs in the core library, including a KeyError (an error when looking up a value in a data structure that doesn't exist) in the DocumentSummaryIndex deletion function, handling of output formatting errors, and UTF-8 encoding issues in file operations. The release also updates dependencies across many embedding and indexing modules to keep the library's supporting code current.
Codex, an AI tool that generates code and assists with software development tasks, has grown from 3 million to 4 million weekly users and is now being adopted by major enterprises like Virgin Atlantic, Notion, and Cisco to speed up development workflows. OpenAI is expanding Codex adoption through a program called Codex Labs, which provides expert guidance to organizations, and by partnering with global consulting firms (like Accenture and Infosys) to help enterprises integrate Codex into their software development processes at scale.
Apple announced that CEO Tim Cook, who led the company for nearly 15 years, will be replaced by John Ternus, a senior vice president of hardware engineering, effective September 1, 2025. Tech industry leaders including OpenAI CEO Sam Altman and Oculus founder Palmer Luckey posted congratulatory messages on social media about the leadership transition.
Amazon is investing up to $25 billion more in Anthropic, an AI company known for its Claude AI models (large language models, or LLMs, which are AI systems trained on vast amounts of text to generate human-like responses), on top of an earlier $8 billion investment. As part of this deal, Anthropic will spend over $100 billion on Amazon's cloud services and custom AI chips over the next decade to expand its computing capacity (the processing power needed to train and run AI models). Anthropic made this agreement because its infrastructure has been strained by rapidly growing demand from enterprise customers and users of Claude.
LMDeploy, a toolkit for compressing, deploying, and serving large language models, contains a Server-Side Request Forgery vulnerability (SSRF, a flaw that lets attackers trick a server into making requests to unintended targets) in versions before 0.12.3. The vulnerability exists in the `load_image()` function, which downloads images from URLs without checking if those URLs point to private or internal systems, potentially allowing attackers to access sensitive cloud services and internal networks.
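The fix pattern for an image-fetching SSRF like the one above is to validate the URL and every address the host resolves to before any request is made, and then to connect to the pinned address rather than re-resolving the name. The following is an added example, not LMDeploy's `load_image()` or its patch. It uses a constructed resolver table so it runs offline; `system_resolve` is what production code would pass instead. It covers the cases a practitioner cares about: non-HTTP schemes, credentials in the URL, the cloud metadata address, IPv4-mapped IPv6 loopback, and a name that resolves to a mix of public and private addresses.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


def is_public_address(ip_text: str) -> bool:
    """True only for globally routable unicast addresses; IPv4-mapped IPv6 is unwrapped first."""
    ip = ipaddress.ip_address(ip_text)
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 is still loopback
    return ip.is_global and not ip.is_multicast


def system_resolve(host: str) -> list:
    """Default resolver: every address the fetch could end up connecting to."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_image_url(url: str, resolve=system_resolve) -> str:
    """Reject URLs that would make the server talk to internal systems; return the pinned address."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    if parts.username or parts.password:
        raise ValueError("credentials in URL are not allowed")
    addresses = resolve(host)
    if not addresses:
        raise ValueError(f"unresolvable host: {host!r}")
    # Every answer must be public: a mixed answer is how DNS rebinding sneaks an internal
    # address past a first-answer-only check.
    for addr in addresses:
        if not is_public_address(addr):
            raise ValueError(f"{host!r} resolves to non-public address {addr}")
    # Callers should connect to this pinned address (sending the original Host header) instead
    # of re-resolving the name, otherwise a second lookup can return something else.
    return addresses[0]


# Constructed resolver table so the example runs offline; production code uses system_resolve.
DEMO_DNS = {
    "img.example.com": ["93.184.216.34"],
    "meta.attacker.test": ["169.254.169.254"],             # cloud instance metadata endpoint
    "rebind.attacker.test": ["93.184.216.34", "10.0.0.5"],  # mixed public/private answers
}


def demo_resolve(host: str) -> list:
    if host in DEMO_DNS:
        return DEMO_DNS[host]
    try:
        ipaddress.ip_address(host)  # literal IP: resolves to itself
        return [host]
    except ValueError:
        return []  # unknown name in this offline demo


def is_rejected(url: str) -> bool:
    try:
        validate_image_url(url, resolve=demo_resolve)
        return False
    except ValueError:
        return True
```

Redirects need the same treatment: a public host that 302s to `http://169.254.169.254/` defeats a check done only on the initial URL, so the fetch should either refuse redirects or re-run this validation on every hop.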
The article criticizes tech industry figures for overstating the significance of LLM (large language model, an AI system trained on vast amounts of text) discoveries, using an example of someone claiming that LLMs reveal how knowledge is embedded in language as a breakthrough comparable to the invention of writing. The piece argues that tech insiders have lost touch with what ordinary people actually need and value.
Fix: According to the source, Wiz offers two explicit mitigations: (1) For developers: "Using Wiz Code plugins, developers can pull active Wiz issues directly into their IDE" and "their coding agent can then apply the Green Agent's remediation guidance and commit it to source control without the developer ever leaving their workflow." (2) For security teams: The Wiz plugin "automatically runs a security scan" at natural development boundaries like "file save, pre-commit, and pre-push" and "surfaces the finding immediately in the IDE, before the code can reach the repository" to catch hardcoded credentials, IaC misconfiguration (infrastructure-as-code setup errors), and other issues. Additionally, security teams can "trigger remediation directly from a Wiz issue" to have the Green Agent build remediation plans that coding agents can execute and submit as pull requests.
Wiz Research Blog
Fix: Microsoft has fixed the issue server-side, and no customer action is required according to Microsoft's advisory.
CSO Online
Fix: Google has already fixed the flaw internally. According to the source: 'Antigravity users need not do anything else to remain protected.' No user-side updates or patches are required.
CSO Online
Fix: Google addressed the vulnerability as of February 28, 2026, following responsible disclosure on January 7, 2026. The source does not explicitly detail the specific technical fix applied.
The Hacker News
AI company Anthropic announced it created a powerful model called Mythos Preview that can find and exploit software vulnerabilities (weaknesses that attackers could use), and decided not to release it publicly due to concerns about risks to the economy, safety, and national security. However, some experts question whether the model is actually as capable as Anthropic claims, and the decision raises questions about whether this move is genuine responsibility or a publicity strategy.
Organizations typically have far more AI tools running than they realize, including unapproved ones that bypass traditional security controls, a problem called shadow AI (unauthorized AI usage that goes undetected). CrowdStrike's new Shadow AI Visibility Service addresses this by using telemetry-based evidence (data collected from system monitoring) to discover both approved and unapproved AI across endpoints, cloud, and SaaS environments, since most security teams lack visibility into their actual AI footprint.
Fix: CrowdStrike's Shadow AI Visibility Service, powered by the CrowdStrike Falcon platform and delivered by CrowdStrike experts, uses telemetry-based evidence to identify sanctioned and unsanctioned AI usage across endpoint, cloud, and SaaS environments.
CrowdStrike Blog
Fix: Update to Claude Code version 2.1.64 or later. The source states: 'Users on standard Claude Code auto-update have received this fix automatically. Users performing manual updates are advised to update to version 2.1.64 or later.'
NVD/CVE Database
Fix: Update to llama-index-core version 0.14.21 or later. The fixes are included in this release version, which addresses the KeyError in DocumentSummaryIndex.delete_nodes, ValueError and TypeError from structured output failures, UTF-8 encoding issues in the persistence layer, and the Message Block Buffer Resolution breaking change.
LlamaIndex Security Releases
Fix: Update LMDeploy to version 0.12.3 or later, which patches the issue.
NVD/CVE Database
Anubis is a security model designed to control access to systems by understanding the context in which access requests are made, rather than using fixed rules alone. The model aims to make access control smarter by considering situational factors when deciding whether to grant or deny user permissions. This research was published in July 2026 in the Journal of Information Security and Applications.