aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6382 items

Webflow buys AI content-generation platform Vidoso to bolster its marketing suite

infonews
industry
Mar 12, 2026

Webflow, a website-building platform, has acquired Vidoso, an AI content-generation startup that uses large language models (AI systems trained on text data to generate new text) to help companies create marketing materials like images, videos, and blog posts. The acquisition aims to help Webflow expand its marketing capabilities and address a key problem: frontier models (AI systems trained on general internet data) create generic content without understanding a company's specific brand rules and approval workflows.

TechCrunch

Gemini’s task automation is here and it’s wild

infonews
industry
Mar 12, 2026

Google and Samsung announced that Gemini, their AI assistant, can now automate tasks by controlling apps on your behalf through a virtual interface, starting with food delivery and rideshare services. Users can give simple text prompts and Gemini will interact with these apps to complete actions like ordering food or booking rides, which is a capability AI assistants have long promised but rarely delivered.

Bumble to launch an AI dating assistant, ‘Bee’

infonews
industry
Mar 12, 2026

Bumble is launching an AI assistant called 'Bee' that learns users' dating preferences, values, and communication styles through private conversations to recommend more compatible matches. The AI-powered feature is currently in beta testing and will initially power a new matching experience called 'Dates,' with plans to expand into other areas like date suggestions and feedback collection.

Bumble introduces an AI dating assistant, ‘Bee’

infonews
industry
Mar 12, 2026

Bumble, a dating app company, has introduced 'Bee,' a generative AI assistant (software that creates text and generates responses) that learns users' preferences, values, and relationship goals through private conversations to recommend better matches. The AI will power a new feature called 'Dates' that identifies compatible users and notify both parties, and Bumble plans to expand Bee's use to features like date suggestions and match feedback in the future.

Tesla becomes a utility in the UK, setting up showdown with Octopus Energy

infonews
industry
Mar 12, 2026

Tesla has received an official license from the UK's Office of Gas and Electricity Markets to operate as a utility, meaning it can now sell electricity directly to homes and businesses. This move builds on Tesla's existing energy business, which includes battery products like the Powerwall and a virtual power plant (a network of distributed batteries that can supply electricity to the grid), and will put it in competition with established UK utilities like Octopus Energy.

Anthropic’s Claude AI can respond with charts, diagrams, and other visuals now

infonews
industry
Mar 12, 2026

Anthropic has updated Claude, its AI chatbot, to generate and display custom charts, diagrams, and other visual content directly in conversations when it determines visuals would be helpful. Examples include interactive visualizations like periodic tables or structural diagrams that users can click on for more details.

Gumloop lands $50M from Benchmark to turn every employee into an AI agent builder

infonews
industry
Mar 12, 2026

Gumloop, a platform that lets non-technical employees build AI agents (autonomous programs that handle multi-step tasks without human intervention) to automate work, just raised $50 million in funding from investment firm Benchmark. The company competes with tools like Zapier and Anthropic's Claude Co-Work, and investors believe its easy-to-use interface and flexibility to work with different AI models will help it dominate enterprise automation.

Palantir is still using Anthropic's Claude as Pentagon blacklist plays out, CEO Karp says

infonews
policyindustry

Microsoft backs AI firm Anthropic in legal battle against Pentagon

infonews
policy
Mar 12, 2026

Microsoft and other major tech companies filed legal briefs supporting Anthropic's court challenge against a Pentagon designation that blocks the AI company from government work. Microsoft argued that the restriction would disrupt suppliers who use Anthropic's AI tools, including those providing systems to the US military.

GHSA-pf93-j98v-25pv: ha-mcp has XSS via Unescaped HTML in OAuth Consent Form

mediumvulnerability
security
Mar 12, 2026
CVE-2026-32112

The ha-mcp OAuth consent form has a cross-site scripting (XSS) vulnerability, where user-controlled data is inserted into HTML without escaping (the process of converting special characters so they display as text rather than execute as code). An attacker could register a malicious application and trick the server operator into visiting a crafted authorization URL, allowing the attacker to run JavaScript in the operator's browser and steal sensitive tokens. This only affects users running the beta OAuth mode, not the standard setup.

Detecting and analyzing prompt abuse in AI tools

infonews
securitysafety

Anthropic doesn’t trust the Pentagon, and neither should you

infonews
policysecurity

Bespoke AI models are the next big thing in filmmaking

infonews
industry
Mar 12, 2026

Current popular AI video models like Sora, Vevo, and Runway aren't very effective for making films and TV shows, despite hype suggesting AI could create entire productions automatically. AI companies are now developing custom models designed specifically for filmmakers' creative needs while trying to avoid copyright issues.

Anthropic’s Claude would ‘pollute’ defense supply chain: Pentagon CTO

inforegulatory
policysecurity

C-GAN: Medical Image Steganography Based on Convergent GANs With Localization

inforesearchPeer-Reviewed
research

Correction to “Local Information Privacy and its Applications to Data Aggregation”

inforesearchPeer-Reviewed
research

FreeFL: Privacy-Preserving Cross-Silo Federated Learning Without Third Party

inforesearchPeer-Reviewed
research

Toward Generalizable Deepfake Detection via Forgery-Aware Audio–Visual Adaptation: A Variational Bayesian Approach

inforesearchPeer-Reviewed
research

Adversarial Semantic and Label Perturbation Attack for Pedestrian Attribute Recognition

inforesearchPeer-Reviewed
research

Co-Boosting++: Coupled Optimization of Data and Ensemble for One-Shot Federated Learning

inforesearchPeer-Reviewed
research
Previous167 / 320Next
The Verge (AI)
TechCrunch
TechCrunch
TechCrunch
The Verge (AI)
TechCrunch
Mar 12, 2026

Palantir continues using Anthropic's Claude (a large language model, or LLM, which is AI software trained to understand and generate text) despite the Pentagon designating Anthropic a supply-chain risk (a company or product deemed potentially unreliable or unsafe for government use). The Department of Defense plans to phase out Anthropic's tools over six months, though exemptions may be granted for critical national security operations.

Fix: According to the source, the Department of Defense has set a six-month period for federal agencies to phase out Anthropic's products. An internal Pentagon memo states that exemptions will be considered for 'mission-critical activities' in rare circumstances where 'no viable alternative exists.' The DOD Chief Technology Officer noted that the government will transition to other large language models, but that 'you can't just rip out a system that's deeply embedded overnight.'

CNBC Technology
The Guardian Technology

Fix: Upgrade to version 7.0.0

GitHub Advisory Database
Mar 12, 2026

Prompt abuse occurs when attackers craft inputs to make AI systems perform unintended actions, such as revealing sensitive information or bypassing safety rules. Three main types exist: direct prompt override (forcing an AI to ignore its instructions), extractive abuse (extracting private data the user shouldn't access), and indirect prompt injection (hidden malicious instructions in documents or web pages that the AI interprets as legitimate input). The article emphasizes that detecting prompt abuse is difficult because it uses natural language manipulation that leaves no obvious trace, and without proper logging, attempts to access sensitive information can go unnoticed.

Fix: The source mentions that organizations can use an 'AI assistant prompt abuse detection playbook' and 'Microsoft security tools' to detect, investigate, and respond to prompt abuse by turning logged interactions into actionable insights. However, the source text does not provide specific details about what these tools are, how to implement them, or concrete technical steps for detection and mitigation. The full implementation details are referenced but not included in the provided content.

Microsoft Security Blog
Mar 12, 2026

Anthropic, maker of the AI assistant Claude, is in a legal dispute with the Pentagon after being designated a supply chain risk (a company that poses a security threat to government operations). The core issue involves disagreement over whether the U.S. government can be trusted to follow the law when using AI for surveillance, given a long history of government lawyers interpreting surveillance laws in ways that expand government monitoring far beyond what the plain language of those laws seems to allow.

The Verge (AI)
The Verge (AI)
Mar 12, 2026

The U.S. Department of Defense designated Anthropic's Claude AI as a supply chain risk, citing concerns that the company's built-in policy preferences (established through its constitutional training approach) could compromise military effectiveness and security. The Pentagon requires defense contractors to certify they don't use Claude, though the DOD acknowledged that transitioning away from the technology will take time.

CNBC Technology
Mar 12, 2026

This paper presents C-GAN, a method for medical image steganography (hiding secret messages inside medical images in a way that is undetectable to observers) using GANs (generative adversarial networks, a type of AI system where two neural networks compete to improve each other). The researchers improved previous steganography approaches by using a special measurement called Zero-centered Wasserstein distance to make training more stable and by adding local regularization to increase how much data can be hidden while keeping images looking natural.

IEEE Xplore (Security & AI Journals)
privacy
Mar 12, 2026

Researchers are correcting their previous work on Local Information Privacy (LIP, a method for protecting individual data when collecting information from groups of people). They discovered their original claim about how well their privacy-protecting mechanism works was not completely accurate, so they are now providing the correct range of parameters and proposing new algorithms to improve it.

IEEE Xplore (Security & AI Journals)
security
Mar 12, 2026

Cross-silo federated learning (FL, a method where organizations train AI models together by sharing only local gradients instead of raw data) has privacy risks because gradients can leak sensitive information. FreeFL is a new approach that eliminates the need for a trusted third party and a centralized aggregator by using decentralized symmetric encryption with additive homomorphism (a type of encryption that allows computation on encrypted data), achieving better efficiency in both computation and communication than existing methods.

IEEE Xplore (Security & AI Journals)
safety
Mar 12, 2026

This research paper presents a new method called FoVB (Forgery-aware Audio-Visual Adaptation with Variational Bayes) to detect deepfakes (AI-generated fake videos that manipulate both audio and video). The method works by analyzing the relationship between audio and video to find mismatches, such as when lip movements don't match the sound, which are telltale signs of deepfakes.

IEEE Xplore (Security & AI Journals)
security
Mar 12, 2026

This research paper explores vulnerabilities in Pedestrian Attribute Recognition (PAR), a computer vision task that identifies characteristics of people in images using AI models. The authors developed both adversarial attacks (methods to fool the system with manipulated images) and a defense strategy called semantic offset defense to protect PAR systems, testing their approach on multiple datasets.

Fix: The paper proposes a semantic offset defense strategy to suppress the influence of adversarial attacks on pedestrian attribute recognition systems. Source code is made available at https://github.com/Event-AHU/OpenPAR.

IEEE Xplore (Security & AI Journals)
Mar 12, 2026

Co-Boosting++ is a framework for one-shot federated learning (OFL, a method where multiple devices train a shared model with only one communication round), which improves how synthetic data and model ensembles work together. The framework alternates between generating challenging synthetic data samples to test the model and adjusting the ensemble weights using a Mixture of Experts mechanism (a technique that dynamically selects which component models to trust based on the task), resulting in better overall model performance.

IEEE Xplore (Security & AI Journals)