aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

6269 items

llm-anthropic 0.25
Tags: info, news, industry
Apr 16, 2026

Release llm-anthropic 0.25 adds a new Claude model (claude-opus-4.7) with advanced thinking capabilities, introduces options to display and adapt AI reasoning output, raises the default token limits (the maximum length of AI-generated responses) for all models, and removes outdated code that was no longer needed for older models.

Source: Simon Willison's Weblog

Google will let users connect their photos to the Gemini chatbot and Nano Banana
Tags: info, news, security, privacy
Apr 16, 2026

Google is connecting its Gemini chatbot to users' personal Google Photos library through a feature called Nano Banana (an image generation tool, meaning software that creates pictures from text descriptions). Users who opt in to Personal Intelligence (a feature that links Google apps together for customized responses) can ask Gemini to generate images based on their private photos, like "create a claymation image of me and my family," without manually uploading photos each time.

Source: CNBC Technology

Qwen3.6-35B-A3B on my laptop drew me a better pelican than Claude Opus 4.7
Tags: info, news, industry
Apr 16, 2026

A blogger compared two newly released AI models (Qwen3.6-35B-A3B and Claude Opus 4.7) by asking them to generate SVG images (scalable vector graphics, a format for drawing pictures with code) of pelicans and flamingos performing tasks like riding bicycles. The Qwen model, running on a laptop as a quantized version (a compressed version that uses less computer memory), produced better images than Anthropic's Claude Opus 4.7, though the blogger notes this creative task may not reflect which model is actually more useful for real-world problems.

Source: Simon Willison's Weblog

Google's AI Mode update lets you open links without leaving the page
Tags: info, news, industry
Apr 16, 2026

Google is updating AI Mode (a chatbot-like search feature built into Chrome) with a new feature that opens source links in a side-by-side view instead of in a new tab, letting you compare the website content with your chat conversation at the same time. This upgrade makes it easier to ask follow-up questions about information you're reading without switching between multiple windows.

Source: The Verge (AI)

OpenAI's big Codex update is a direct shot at Anthropic's Claude Code
Tags: info, news, industry
Apr 16, 2026

OpenAI has updated Codex, its agentic coding system (an AI that can independently perform multi-step coding tasks), to control desktop applications, generate images, and remember previous interactions. The new features let Codex operate apps in the background without interrupting user work and allow multiple agents (separate AI instances) to work simultaneously, which OpenAI says is useful for testing frontend changes and working with applications that don't have APIs (standardized ways for software to communicate).

Source: The Verge (AI)

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face
Tags: high, news, security
Apr 16, 2026

Hackers are exploiting a critical vulnerability in Marimo (a Python notebook tool) called CVE-2026-39987 (remote code execution, where attackers can run commands on systems they don't own) to deploy NKAbuse malware from Hugging Face Spaces (a platform for sharing AI applications). The attacks began within 10 hours of technical details becoming public, with attackers using fake application names to trick users into downloading malware that steals credentials and allows remote control of infected systems.

Fix: Users should upgrade to Marimo version 0.23.0 or later immediately. If upgrading is not possible, block external access to the '/terminal/ws' endpoint using a firewall, or block it entirely.

Source: BleepingComputer

Anthropic rolls out Claude Opus 4.7, an AI model that is less risky than Mythos
Tags: info, news, safety, industry
Apr 16, 2026

Anthropic released Claude Opus 4.7, a new AI model that excels at software engineering and following instructions but has intentionally reduced capabilities in cybersecurity tasks compared to its more powerful Claude Mythos Preview model. The company implemented safeguards that automatically detect and block requests for prohibited or high-risk cybersecurity uses, and is using this release to learn how to safely deploy more powerful models in the future.

Fix: Anthropic released Claude Opus 4.7 with safeguards that automatically detect and block requests indicating prohibited or high-risk cybersecurity uses. The company also experimented with efforts to 'differentially reduce' Claude Opus 4.7's cyber capabilities during training, and encourages security professionals interested in legitimate cybersecurity purposes to apply through a formal verification program.

Source: CNBC Technology

Gemini can now pull from Google Photos to generate personalized images
Tags: info, news, safety
Apr 16, 2026

Google's Gemini AI can now use your personal data from Google Photos through its Personal Intelligence feature to generate customized images based on your photos and preferences. When you give prompts like "Design my dream house," Gemini uses its Nano Banana 2 image model (a machine learning system for creating pictures) along with your photo labels and personal context to create images that match your tastes and lifestyle.

Source: The Verge (AI)

Anthropic releases a new Opus model amid Mythos Preview buzz
Tags: info, news, industry
Apr 16, 2026

Anthropic released Claude Opus 4.7, its most powerful generally available model, which improves performance on complex software engineering tasks, image analysis, and instruction-following compared to the previous version. This release follows Anthropic's announcement of Mythos Preview, a more powerful cybersecurity-focused model designed for security-related tasks.

Source: The Verge (AI)

Google expands Gemini AI use to fight malicious ads on its platform
Tags: info, news, security, industry
Apr 16, 2026

Google is using its Gemini AI model to detect and block malicious ads on its platforms, removing 8.3 billion ads in 2025 as scammers use cloaking techniques (hiding the true destination of a link) and AI-generated content to create deceptive advertising at scale. Gemini analyzes billions of signals like advertiser behavior and campaign patterns to identify harmful ads in real time, including those impersonating legitimate brands to distribute malware, steal cryptocurrency, or redirect users to phishing sites (websites designed to trick users into revealing passwords or personal information). Google reports this approach has reduced incorrect advertiser suspensions by 80% and plans to expand Gemini's use across more ad formats.

Fix: Google says it is relying on Gemini AI-powered systems to automate the discovery and blocking of malicious ads before they are shown to users. The company reports that by the end of last year, the majority of Responsive Search Ads created in Google Ads were reviewed instantly and harmful content was blocked at submission, with plans to bring this capability to more ad formats in the current year. Google will continue expanding Gemini's use across additional ad formats and enforcement systems, aiming to block malicious campaigns at submission time.

Source: BleepingComputer

Quantum stocks on pace for a massive week after Nvidia debuts AI models to boost the tech
Tags: info, news, industry
Apr 16, 2026

Nvidia announced Ising, a new family of open-source AI models designed to help make quantum computing (computers that use quantum bits, or qubits, to perform calculations differently than regular computers) more practical by handling error correction and calibration tasks. The announcement sparked a major rally in quantum computing stocks, with companies like IonQ and D-Wave Quantum jumping 50% in value as investors grew enthusiastic about AI's potential to improve quantum systems.

Source: CNBC Technology

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal
Tags: info, news, industry
Apr 16, 2026

OpenAI has expanded access to GPT-5.4-Cyber, a specialized AI model trained specifically for cybersecurity defense work, making it easier for legitimate security professionals to use it. This move follows Anthropic's release of their own cybersecurity model called Mythos.

Source: SecurityWeek

New ATHR vishing platform uses AI voice agents for automated attacks
Tags: high, news, security, safety
Apr 16, 2026

ATHR is a cybercrime platform that automates vishing attacks (voice phishing, where attackers trick people into revealing passwords over the phone) using AI voice agents and human operators to steal login credentials from services like Google and Microsoft. The platform handles the entire attack chain, from sending fake security alert emails to using AI-driven phone calls that impersonate support staff and extract verification codes. According to researchers, ATHR makes vishing attacks much easier to launch because it requires less technical skill and manual work than traditional attacks.

Fix: Detection is possible by checking communication behavioral patterns between a sender and a recipient to identify whether similar lures containing a phone number reached the organization within a short time frame. Abnormal researchers say that modeling normal communication behavior across the organization can help AI-powered detection flag anomalies before targets make a call.

Source: BleepingComputer

Ronan Farrow on Sam Altman's 'unconstrained' relationship with the truth
Tags: info, news, policy, industry
Apr 16, 2026

Investigative reporter Ronan Farrow co-authored a 17,000-word article in The New Yorker examining OpenAI CEO Sam Altman's trustworthiness and his track record of misrepresenting facts to people around him. The reporting documents Altman's role in transforming OpenAI from a nonprofit research lab into a nearly trillion-dollar company, as well as the 2023 incident when the board fired him over alleged lying before quickly rehiring him.

Source: The Verge (AI)

Defending Your Enterprise When AI Models Can Find Vulnerabilities Faster Than Ever
Tags: info, news, security, policy
Apr 16, 2026

AI models are becoming increasingly capable at finding vulnerabilities and generating exploits, which lowers the barrier for attackers and compresses the time between vulnerability discovery and widespread attacks. As threat actors weaponize these AI capabilities, enterprise defenders face a critical challenge: they must harden software rapidly and defend systems that haven't yet been patched, because traditional human-speed security processes will not be able to keep pace with machine-speed threats. The source notes that defenders need to strengthen security playbooks, reduce exposure, and incorporate AI into their security programs.

Source: Google Threat Intelligence

RIRplay: Generation of a Replay Stereo Corpus for Voice Biometrics Anti-Spoofing
Tags: info, research, Peer-Reviewed, security
Apr 16, 2026

Voice biometric systems (technology that identifies people by their voice) are vulnerable to replay attacks (where an attacker plays back a recorded voice to fool the system), but there hasn't been enough realistic training data to build good defenses. This research created RIRplay, a simulated database that realistically mimics how replay attacks actually happen across different acoustic environments, which improved detection performance significantly when tested on real-world voice spoofing challenges.

Source: IEEE Xplore (Security & AI Journals)

Query-Efficient Hard-Label Attacks Against Black-Box Image Forgery Localization Model via Reinforcement Learning
Tags: info, research, Peer-Reviewed, security
Apr 16, 2026

Researchers developed AdvFor, a black-box attack method (a way to trick an AI system without seeing its internal workings) that can fool image forgery localization models, which are AI systems trained to detect where images have been edited or manipulated. The attack uses reinforcement learning (a technique where an AI learns by trial and error to maximize rewards) to craft minimal changes to images that make forgery detection fail, using only 7 queries per image; the researchers tested it against multiple real-world models to show that it works effectively.

Source: IEEE Xplore (Security & AI Journals)

Authentication With Passports for Deep RF Sensing Model Protection
Tags: info, research, Peer-Reviewed, security
Apr 16, 2026

This paper introduces AuthRF, a security system that protects RF sensing models (AI systems that interpret radio frequency signals from WiFi or radar) by using user-specific digital "passports" embedded in the signal processing pipeline. Valid passports allow the model to work correctly, while invalid or fake ones distort the signal and degrade performance, preventing unauthorized use. The approach is designed to be proactive and work during runtime, addressing limitation

Source: IEEE Xplore (Security & AI Journals)

Defending Against Patch-Based and Texture-Based Adversarial Attacks With Spectral Decomposition
Tags: info, research, Peer-Reviewed, security
Apr 16, 2026

Adversarial examples (inputs crafted to fool AI systems) are a serious security risk for deep neural networks (AI systems with many layers), especially in physical-world attacks like fooling object detection in surveillance cameras. This research proposes Adversarial Spectrum Defense (ASD), a defense method that uses spectral decomposition (breaking down data into different frequency components) via Discrete Wavelet Transform (a mathematical technique to analyze patterns at multiple scales) to detect and defend against patch-based and texture-based adversarial attacks, and shows it achieves better protection when combined with Adversarial Training (training the AI on attack examples to make it more robust).

Fix: The source proposes Adversarial Spectrum Defense (ASD), which 'leverages spectral decomposition via Discrete Wavelet Transform (DWT) to analyze adversarial patterns across multiple frequency scales' and 'by integrating this spectral analysis with the off-the-shelf Adversarial Training (AT) model, ASD provides a comprehensive defense strategy against both patch-based and texture-based adversarial attacks.' The paper reports that 'ASD+AT achieved state-of-the-art (SOTA) performance against various attacks, outperforming the APs of previous defense methods by 21.73%'.

Source: IEEE Xplore (Security & AI Journals)

Practical Private Set Operation via Secret Sharing for Lightweight Clients
Tags: info, research, Peer-Reviewed, privacy
Apr 16, 2026

This research proposes a new method for private set operations (PSO, techniques that let organizations securely compare or combine datasets without revealing private information) that reduces the computational burden on client devices. The approach uses secret sharing (splitting data into pieces so no single party can see the whole picture) to allow servers to do most of the work while clients can stay offline, making it practical for large-scale collaborative research across institutions like hospitals.

Source: IEEE Xplore (Security & AI Journals)