All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
ChatGPT can analyze data files (such as CSV or Excel spreadsheets): you upload them and ask questions in plain language, which helps you explore raw data and find insights without building formulas or dashboards by hand. The tool is most useful early in analysis, when you are discovering patterns and anomalies, and it can generate visualizations and summaries to share with others. To get reliable results, frame your decision clearly, provide context about your data, ask for structured approaches rather than just answers, and verify key numbers before acting on the findings.

This article describes how ChatGPT can help with brainstorming by quickly generating ideas, organizing them into clear themes, and turning rough directions into executable plans. The AI acts as a thought partner that overcomes common brainstorming obstacles (too few ideas, or too many unstructured ones) by expanding options, adding structure through frameworks, and helping test plans for weaknesses.

OpenAI discovered that Axios, a third-party developer library (a pre-written code package used to build software), was compromised in a software supply chain attack (where attackers infiltrate widely used tools to affect many companies at once) on March 31, 2026, and that their macOS app-signing process briefly used a malicious version. OpenAI found no evidence that user data or systems were compromised, but is revoking and updating their security certificates (digital credentials that verify software is authentic) and requiring all macOS users to update their OpenAI apps so that fake apps cannot appear legitimate. As of May 8, 2026, older versions of ChatGPT Desktop (before 1.2026.051), Codex App (before 26.406.40811), Codex CLI (before 0.119.0), and Atlas (before 1.2026.84.2) will no longer receive updates and may stop working.
Fix: Update to the latest versions of OpenAI's macOS apps through the in-app update or the official links. OpenAI also addressed the root cause by fixing the GitHub Actions workflow misconfiguration: the workflow previously used a floating tag instead of a specific commit hash and lacked a configured minimumReleaseAge for new packages; both have been corrected. OpenAI rotated the macOS code signing certificate, published new builds of all affected macOS products with the new certificate, and worked with Apple to prevent software notarization using the previous certificate.
Source: OpenAI Blog

Florida's Attorney General has launched an investigation into OpenAI, citing concerns that the company's data and technology could be accessed by hostile foreign governments such as China, and that ChatGPT has been connected to criminal activities including child exploitation and self-harm. The investigation also examines whether ChatGPT was used in connection with a shooting at Florida State University.

OpenAI has launched a new $100 per month ChatGPT Pro subscription tier that provides 5x more access to Codex (a tool that helps write code) than the $20 Plus plan, designed for intensive coding work. This new tier competes directly with Anthropic's Claude Max subscription at the same price point as OpenAI tries to attract users from rival AI services.

PraisonAIAgents is a system that coordinates multiple AI agents working together as teams. Before version 1.5.128, the web_crawl() function did not check URLs before fetching them, allowing attackers or malicious content to trick agents into accessing sensitive internal systems, cloud configuration data, or local files through specially crafted URLs such as file:// paths.
Fix: Update PraisonAIAgents to version 1.5.128 or later, where this vulnerability is fixed.
Source: NVD/CVE Database

PraisonAIAgents (a system that coordinates multiple AI agents working together) versions before 1.5.128 contain a vulnerability in the read_skill_file() function that allows reading any file from the computer's filesystem without restriction. An attacker using prompt injection (tricking an AI by hiding instructions in its input) could exploit this to steal sensitive files, because, unlike the other file-reading functions in the same system, read_skill_file() lacks both boundary protections and approval requirements.
Fix: Update PraisonAIAgents to version 1.5.128 or later, where this vulnerability is fixed.
Source: NVD/CVE Database

PraisonAI versions before 4.5.128 have a security flaw in their /media-stream WebSocket endpoint (a connection protocol for real-time communication) that allows anyone to connect without proving who they are or being checked for authorization. When attackers connect, the server automatically opens a session to OpenAI's API using its own credentials, and since there are no limits on how many connections or messages are allowed, an attacker can drain the server's resources and use up the victim's OpenAI API credits.
Fix: Update PraisonAI to version 4.5.128 or later, which fixes this vulnerability.
Source: NVD/CVE Database

PraisonAI, a system for managing multiple AI agents working together, had a vulnerability in versions before 4.5.128 where the deploy.py file did not check whether certain configuration values (openai_model, openai_key, and openai_base) contained commas before putting them into a command. Since commas are used as separators in the gcloud deployment command, an attacker could sneak extra commas into these values to inject arbitrary environment variables (settings that control how the deployed service behaves) into the cloud service.
Fix: Upgrade PraisonAI to version 4.5.128 or later, which fixes this vulnerability.
Source: NVD/CVE Database

PraisonAI, a system that uses multiple AI agents working together as teams, has a vulnerability in versions before 4.5.128 where it displays agent output as HTML without properly sanitizing it first. An attacker can inject malicious JavaScript code (code that runs in a web browser) through poisoned data or manipulated prompts, and this code executes when someone views the output.
Fix: Update PraisonAI to version 4.5.128 or later, which includes a fix for this vulnerability.
Source: NVD/CVE Database

PraisonAIAgents (a system for running multiple AI agents as teams) has a critical vulnerability in versions before 1.5.128 where user-controlled commands are passed directly to subprocess.run() (a function that executes system commands) with shell=True, allowing attackers to inject shell metacharacters (special characters such as pipes and semicolons that the shell interprets as instructions) and run arbitrary code. An attacker who gains file-write access through prompt injection (tricking an AI by hiding malicious instructions in its input) can modify the .praisonai/hooks.json configuration file to execute malicious code automatically every time the agent runs.
Fix: Update PraisonAIAgents to version 1.5.128 or later, where this vulnerability is fixed.
Source: NVD/CVE Database

OpenClaw, a local AI assistant tool, had a security flaw where Git environment variables (special settings that control how Git works) were not removed before running system commands, potentially allowing attackers to redirect Git operations to malicious locations. This vulnerability affects OpenClaw versions up to 2026.3.30.
Fix: Update OpenClaw to version 2026.4.8 or later, which patches the vulnerability by properly removing Git plumbing environment variables before executing host commands.
Source: GitHub Advisory Database

LangChain, a framework for building AI agents and applications powered by large language models, had a vulnerability in how it validated f-string templates (a Python feature for inserting variables into text strings). Before versions 0.3.84 and 1.2.28, certain template classes could accept and execute dangerous expressions that should have been blocked, including attribute access and nested replacement fields hidden in format specifiers, which could allow attackers to access unintended data or run unwanted code.
Fix: Update LangChain to version 0.3.84 or later, or 1.2.28 or later, where the f-string validation has been fixed.
Source: NVD/CVE Database

The agentic SOC is a new operating model in which security operations centers use AI agents (software programs that can act autonomously) and automated defenses to respond to threats faster and more independently, rather than waiting for human analysts to handle every alert. Instead of reacting to individual incidents, this approach anticipates attacker movements and automatically takes defensive actions, freeing human analysts to focus on strategic decisions and deeper investigation.

OpenAI announced a new $100 per month Pro subscription tier for ChatGPT that offers five times more usage of Codex (an AI-powered coding assistant that automates tasks and bug fixes for developers) than its $20 per month Plus plan. The move is designed to compete with Anthropic's Claude Code, which offers similar high-usage tiers at comparable price points, as coding assistants have become increasingly popular tools for software development.

AGiXT, a platform for automating AI agents, has a vulnerability in its safe_join() function (a helper meant to safely combine file paths) that fails to check whether the resulting path stays within the agent's allowed workspace. Before version 1.9.2, an authenticated attacker could use directory traversal sequences (path components such as '../' that step outside the intended folder) to read, write, or delete files on the server.
Fix: Update AGiXT to version 1.9.2, where this vulnerability is fixed.
Source: NVD/CVE Database

Google has upgraded Gemini, its AI chatbot, to generate interactive 3D models and simulations in response to user questions. Users can rotate these models, adjust sliders to change parameters, and enter different values to see real-time changes in the simulation.

OpenClaw, a user-controlled local assistant, had a vulnerability where ClawHub package downloads did not verify the integrity of downloaded files (a security check ensuring files have not been tampered with). This meant malicious or corrupted plugin archives could be installed without detection. The vulnerability affects OpenClaw versions 2026.4.1 and earlier.
Fix: Update to OpenClaw npm package version 2026.4.8 or later. The fix is also available in the main branch at commit d7c3210cd6f5fdfdc1beff4c9541673e814354d5.
Source: GitHub Advisory Database

OpenClaw (a local AI assistant software) had a security bug where the `node.pair.approve` function checked for `operator.write` permissions instead of the more restrictive `operator.pairing` scope, allowing users without proper authorization to approve device pairing on exec-capable nodes (nodes able to execute commands). This vulnerability only affects OpenClaw in its single-user trust model and does not impact multi-tenant services.
Fix: Update OpenClaw to version 2026.4.8 or later. The fix is available in the npm package and has been verified in commit d7c3210cd6f5fdfdc1beff4c9541673e814354d5 on the main branch.
Source: GitHub Advisory Database

OpenClaw, a local AI assistant, had a security flaw where WebSocket sessions (persistent connections that allow real-time communication between a client and a server) authenticated with a shared gateway token remained active even after the token was rotated (replaced with a new one). This meant that even after administrators changed the authentication token, old sessions could continue operating without re-authenticating.
Fix: Update OpenClaw to version 2026.4.8 or later. The fix is available in the npm package and has been verified in commit d7c3210cd6f5fdfdc1beff4c9541673e814354d5 on the main branch.
Source: GitHub Advisory Database