All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
OpenClaw, a local AI assistant, had a bug where authentication state (the stored information about who is allowed to connect) could become outdated after the system reloaded its configuration, potentially allowing new connections to use old, incorrect permission settings. This vulnerability affected OpenClaw versions 2026.4.1 and earlier.
Fix: Update OpenClaw to version 2026.4.8 or later. The fix is available in the patched npm version, and the underlying code change is available in commit d7c3210cd6f5fdfdc1beff4c9541673e814354d5 on the main development branch.
OpenClaw, a user-controlled local assistant, had a security flaw where `node.invoke(browser.proxy)` could bypass the `browser.request` guard and modify persistent browser profiles (stored settings that shouldn't be changed without permission). The vulnerability affected versions up to v2026.04.01.
OpenClaw's `device.token.rotate` function had a security flaw where it could create tokens with roles (sets of permissions) that hadn't been properly approved through the required pairing process, potentially letting users gain unauthorized access levels. This vulnerability only affects OpenClaw, which is local assistant software that runs on a user's own device.
OpenClaw, a local AI assistant tool, had a security vulnerability where certain environment variables (HGRCPATH, CARGO_BUILD_RUSTC_WRAPPER, RUSTC_WRAPPER, and MAKEFLAGS) were not blocked from being passed to system commands, allowing attackers to achieve RCE (remote code execution, where an attacker can run commands on a system they don't own) through malicious build tool settings. This vulnerability affected versions before 2026.4.8.
Major AI companies like OpenAI and Anthropic face a "monetization cliff" where they must become profitable soon or risk collapse, since they've received hundreds of billions in investment but haven't generated enough revenue to justify those costs. AI agents (software programs that can perform tasks autonomously) consume far more computing power than expected, forcing these companies to make difficult choices like killing unprofitable products and restricting free access to conserve resources for their upcoming initial public offerings (IPOs, when companies sell shares to the public for the first time).
Meta has released Muse Spark, its first new AI model after spending billions on hiring and infrastructure, but faces pressure to prove it can generate revenue from AI like competitors OpenAI and Google have done. The company is shifting from open-source models (like its previous Llama family) to a proprietary approach, planning to charge developers for API (application programming interface, a way for software to request data or services from other software) access after an initial preview period. Analysts believe Meta's real advantage lies not in competing with other AI labs for developers, but in using the model to improve its core business: advertising to the 3 billion monthly users of Facebook, Instagram, and WhatsApp.
Researchers found that Google API keys (credentials that allow apps to access Google services) embedded in Android applications can be extracted from decompiled code (the readable version of compiled software), potentially allowing unauthorized access to Gemini endpoints (the AI service interfaces). This means attackers could use stolen keys to access Google's Gemini AI service without permission.
YouTube Shorts is launching a new AI feature that lets creators make digital clones of themselves, called avatars, that look and sound like them and can be used in videos. The feature adds to YouTube's struggle with managing AI-generated content, including deepfakes (synthetic videos where someone's face or voice is digitally recreated to look authentic), AI slop (low-quality AI-generated content), and impersonation scams.
LinkedIn has been accused by a European company of secretly scanning users' computers for installed software and sharing that data with third parties, without user consent or disclosure in its privacy policy. LinkedIn denies the core accusation but acknowledges it scans for browser extensions (software that adds features to web browsers) to detect abuse, though it did not clarify whether it uses the collected data only for that purpose.
Google is adding a feature called "notebooks" to Gemini (its AI chatbot) that lets users organize files, past conversations, and custom instructions about specific topics in one place. Gemini can then use this organized information as context (background information the AI considers) when answering questions, similar to ChatGPT's Projects feature from 2024.
OpenAI is running a skill-based contest during the 2026 IPL cricket season where eligible Indian residents can use ChatGPT's Full Fan Mode feature to generate images, share them on Instagram with creative captions, and tag @chatgptindia for a chance to win prizes. The contest requires participants to be at least 18 years old, have a public Instagram account, be registered OpenAI users, and submit only images generated through the Full Fan Mode tool that comply with OpenAI's policies and Instagram's terms.
Fix: Update to patched version `2026.4.8` or later. The fix is available in npm and was verified in commit `d7c3210cd6f5fdfdc1beff4c9541673e814354d5`.
Fix: Update OpenClaw to version 2026.4.8 or later. The fix is available in the patched npm version and was merged into the main codebase at commit d7c3210cd6f5fdfdc1beff4c9541673e814354d5.
OpenAI has delayed its Stargate UK project, which was a planned major investment in Britain's AI infrastructure as part of a larger UK-US deal announced last September. The company cited high energy costs and regulatory concerns as reasons for the delay, disappointing the British government, which had positioned AI development as central to its economic growth strategy.
OpenAI has paused its UK data centre project called Stargate UK, which would have built a large computing facility in Northumberland to support AI development, citing concerns about high energy costs and regulatory uncertainty. The company stated it will only move forward when conditions improve, though critics note that energy prices and UK AI regulation have not recently changed significantly. This pause is a setback for the UK government's goal to position the country as an AI leader and boost economic growth through tech investment.
Fix: Update OpenClaw to version 2026.4.8 or later. The fix was released in npm version 2026.4.8 and is available on the main branch at commit d7c3210cd6f5fdfdc1beff4c9541673e814354d5.
Researchers at RSAC found a way to bypass Apple Intelligence's guardrails (safety measures that prevent the AI from doing harmful tasks) using two techniques: the Neural Exect method and Unicode manipulation (using special characters to confuse the system). This means attackers could potentially trick Apple's AI into ignoring its safety restrictions.
This newsletter covers multiple topics including geopolitical tensions, AI regulation, and market movements, with a focus on Iran's ceasefire allegations against the U.S., Anthropic's court loss regarding Pentagon blacklisting over AI safeguard disagreements, and Federal Reserve expectations for interest rate cuts in 2026.
In March 2026, organizations faced an average of nearly 2,000 cyber-attacks per week, showing a slight 4-5% decrease but remaining at historically high levels. The threat landscape continues to be driven by automation, expanded attack surfaces from cloud adoption, and risks related to GenAI (generative AI, where systems create new content from training data) usage.
OpenAI has paused its Stargate project in the U.K., which was planned to deploy up to 8,000 graphics processing units (GPUs, the specialized hardware used to train and run AI models) for AI infrastructure. The company cited two main reasons: the U.K.'s high industrial energy costs and concerns about the country's regulatory environment, particularly new rules being developed around how AI models can use copyrighted work.
Shadow AI refers to AI tools that employees use without approval from their organization's IT and security teams, operating outside security oversight and creating hidden risks. Unlike shadow IT (unapproved software), shadow AI is particularly dangerous because it processes and stores sensitive data beyond security teams' visibility, leading to potential data leaks, expanded attack surfaces (new entry points for hackers), and bypassed security controls. The problem is spreading because AI tools are easy to use, instantly helpful, and many organizations lack clear policies on their use.
Trail of Bits released a new Testing Handbook chapter focused on security code review for C and C++, covering common bug classes like memory safety issues, integer errors, and type confusion across Linux, Windows, and seccomp (secure computing mode, a Linux feature that restricts system calls) environments. They are also developing a Claude skill that uses an LLM (large language model) to automatically find bugs by running checklist-based prompts against codebases. The handbook emphasizes manual code review techniques and includes platform-specific vulnerabilities like DLL planting on Windows and sandbox bypasses in Linux seccomp filters.
Researchers developed new data augmentation strategies (techniques for artificially expanding training datasets) to improve website fingerprinting, which is a method to identify which websites users visit by analyzing their network traffic patterns. The study, published in August 2026, demonstrates how combining multiple augmentation approaches can make these fingerprinting techniques more effective.