All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Major AI infrastructure projects like OpenAI's Stargate datacentre (a massive computing facility where AI systems run) are facing financial and timeline challenges, with OpenAI backing away from parts of a planned $500 billion expansion in Texas. The article suggests that massive investments in datacentres and AI chips represent a significant economic gamble, with the UK potentially at particular risk if this 'AI bubble' deflates.
Microsoft is planning to release Gaming Copilot, an AI assistant that helps players when they get stuck in games, on current-generation Xbox consoles later this year. The assistant, which responds to voice commands, has already been tested in beta versions on Xbox's mobile app, Windows 11, and Xbox Ally handhelds, and Microsoft plans to expand it to additional gaming services.
LibreChat, a ChatGPT alternative with extra features, has a vulnerability in versions before 0.8.3-rc1 where an authenticated attacker can crash the server by sending malformed requests to a specific endpoint. The bug occurs because the code tries to extract data from a request without first checking that it exists, raising an unhandled TypeError (a runtime error thrown when code operates on a value of the wrong type, such as reading a property of an undefined value) that terminates the entire Node.js server process.
LibreChat versions 0.8.2 to 0.8.2-rc3 have a security flaw in the MCP (Model Context Protocol, a system for connecting AI models to external services) OAuth callback endpoint that fails to verify the user's identity. An attacker can trick a victim into completing an authorization flow, which stores the victim's OAuth tokens (credentials that grant access to services) on the attacker's account, allowing the attacker to take over the victim's connected services like Atlassian or Outlook.
Nvidia is shifting focus toward CPUs (central processing units, the main general-purpose chips in computers) alongside its famous GPUs (graphics processing units) because agentic AI (AI systems that autonomously complete tasks by orchestrating multiple agents working together) requires significant general computing power to move data and coordinate workflows. The company is unveiling new CPU details at its GTC conference, with demand from major partners like Meta driving a predicted doubling of the CPU market from $27 billion in 2025 to $60 billion by 2030.
CairoSVG (an SVG image processing library) has a denial-of-service vulnerability where recursive `<use>` elements (SVG tags that reference other graphics elements) can be nested without limits, causing exponential CPU exhaustion. A tiny 1,411-byte SVG file with just 5 levels of nesting and 10 references each triggers 100,000 render calls, pinning CPU at 100% indefinitely.
Anthropic has made 1M context (the ability to process 1 million tokens, which are small units of text that AI models break language into) generally available for its Opus 4.6 and Sonnet 4.6 models at standard pricing, with no additional charge for using the full window. This differs from competitors like OpenAI and Gemini, which charge premium rates when token usage exceeds certain thresholds (200,000 tokens for Gemini 3.1 Pro and 272,000 for GPT-5.4).
This content consists of letters to an editor about family quizzes and avoiding AI chatbots. One letter mentions that submitting gibberish to chatbots can circumvent them and quickly connect users to human support staff.
Fix: Update LibreChat to version 0.8.3-rc1 or later, where this vulnerability is fixed.
Source: NVD/CVE Database
Fix: Update to LibreChat version 0.8.3-rc1, where this vulnerability is fixed.
Source: NVD/CVE Database
Fix: Add a recursion depth counter to the `use()` function in `cairosvg/defs.py` (line ~335) and cap it at approximately 10 levels. Additionally, implement a total element budget to prevent amplification attacks.
Source: GitHub Advisory Database
ServiceNow's CEO warns that AI agents (software programs that can perform tasks independently) automating work could push college graduate unemployment into the mid-30s within a few years, making it harder for entry-level workers to stand out. Multiple major tech companies are already using AI to cut jobs and reduce hiring costs, affecting both technical roles like coding and white-collar positions across industries.
The US Department of War designated Anthropic as a 'supply chain risk' (a classification that prevents a company from being used in government contracts) after the company refused to remove safety restrictions on its AI model Claude, specifically rejecting military demands to enable fully autonomous weapons and domestic mass surveillance. Anthropic is challenging this designation in court, and legal experts question whether the Department of War has the authority to impose such restrictions outside of actual contract disputes.
Researchers developed SMInject, a new type of attack that tricks multimodal AI models (systems that process both text and images together) by injecting deceptive instructions that exploit how different data types relate to each other. The attack is designed to be harder to detect than previous methods and achieves higher success rates while still keeping the model appearing to work normally.
MSDT is a blockchain-based protocol (a system using distributed ledger technology) designed to let people safely buy and sell data without needing a trusted middleman. The main challenge it addresses is ensuring that both the data buyer receives what they paid for and the seller gets paid simultaneously (called atomicity), while also verifying the data is actually good quality. MSDT solves this by using state channels (off-chain transactions that reduce costs) for trading contracts and adding a staking mechanism (where participants lock up funds as a security deposit) to discourage sellers from behaving dishonestly.
EBFT is a new consensus framework for permissioned blockchains (private blockchain networks where participants are known) that improves security by having nodes randomly propose blocks instead of relying on a single leader node. It combines ideas from Nakamoto consensus (the longest-chain rule used in Bitcoin) with classical BFT (Byzantine fault tolerance, a method for systems to reach agreement even when some nodes are faulty or malicious), achieving strong safety guarantees while remaining simple to implement.
Third-party applications (TPAs, external software added to Kubernetes, a container orchestration platform that manages containerized applications) can be exploited to take over entire Kubernetes clusters. Researchers created KubeSec, a tool that automatically analyzes these applications to find security weaknesses, discovering 562 insecure RBAC (role-based access control, the permission system in Kubernetes) patterns and 375 vulnerabilities affecting millions of users. The research revealed that these vulnerabilities take over 10 months on average to fix, highlighting a critical security gap in Kubernetes cluster management.
This research proposes CP-A²2BE, a security system for sharing data in Industrial Internet of Things (IIoT, or connected devices in factories). The system uses ciphertext-policy attribute-based encryption (a method that encrypts data so only users with specific characteristics can decrypt it) with three improvements: faster decryption through edge computing (processing at local factory nodes instead of distant servers), privacy protection for device and worker attributes, and a verifiable revocation mechanism (a way to instantly revoke access while proving the operation is legitimate).
This paper presents EPRU, a reputation-based authentication system designed to help vehicles in platoons (groups of cars traveling together) communicate securely and trustworthily. Unlike existing systems that only verify message integrity, EPRU also evaluates whether the content of messages is credible by tracking vehicle behavior in real time, using encryption (mathematical techniques that scramble data) to protect vehicle identities and feedback data.
This research addresses the challenge of detecting deepfakes (synthetic videos or images created by AI to manipulate someone's appearance) by proposing a new detection method called a triple-branch network. The method analyzes images using both spatial features (visual patterns) and frequency features (patterns that emerge when you break down images into their component wavelengths), combined with a mathematical approach based on mutual information theory (a concept measuring how much information one variable reveals about another) to improve detection accuracy across different types of forgeries.
Researchers created Fraud-RLA, an adversarial attack (a method to trick AI systems by finding weaknesses) that uses reinforcement learning (a technique where AI learns by trial and error to maximize rewards) to evade credit card fraud detection systems. The attack is designed to steal maximum amounts of money while requiring less background knowledge about the system than other attack methods. Tests showed the attack worked effectively against realistic fraud detection systems.
This paper describes ANCC, a method for hiding secret communications within the Tor network (an anonymous internet overlay system) by disguising data as normal Tor activity. Unlike previous hidden communication methods that could expose either the sender or receiver, ANCC protects the identity of both parties and conceals that they are communicating at all, even against adversaries monitoring many network nodes.
The US military is considering using generative AI systems (AI models that can create text and analyze data) to help rank military targets and recommend which ones to strike, with human officials making final decisions. The Pentagon is also favoring OpenAI's ChatGPT and xAI's Grok for these high-stakes military applications, while facing criticism from officials who claim that Anthropic's Claude would negatively affect the defense supply chain.