aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Maintained by Truong (Jack) Luu, Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

6402 items

CVE-2026-25962: MarkUs is a web application for the submission and grading of student assignments. Prior to version 2.9.4, MarkUs curren
Tags: medium, vulnerability, security
Mar 5, 2026
CVE-2026-25962

MarkUs is a web application used for collecting and grading student assignments. Before version 2.9.4, the software extracted zip files (compressed file archives) without limiting their size or the number of files inside them, which could allow someone to cause problems by uploading extremely large or numerous archives. This vulnerability has been patched in version 2.9.4.

Fix: Update MarkUs to version 2.9.4 or later, as the issue has been patched in this version.

Source: NVD/CVE Database

Microsoft says Anthropic's products remain available to customers after Pentagon blacklist
Tags: info, news, policy, industry
Mar 5, 2026

After the U.S. Department of War labeled Anthropic a supply-chain risk (a company whose products could pose security or operational risks to government systems), Microsoft announced it will continue offering Anthropic's Claude AI models to most customers through platforms like Microsoft 365 and GitHub, except to the Pentagon. The decision comes as other defense companies are moving away from Anthropic's technology toward competing AI providers like OpenAI.

Source: CNBC Technology

Anthropic CEO says 'no choice' but to challenge Trump admin's supply chain risk designation in court
Tags: info, regulatory, policy
Mar 5, 2026

The U.S. Department of Defense has designated Anthropic, an AI company, as a supply chain risk, which blacklists it from government contracts and requires defense contractors to certify they don't use Anthropic's Claude AI models in Pentagon work. Anthropic's CEO says the company will challenge this designation in court, claiming the dispute stems from disagreements over whether Anthropic's AI should be used for fully autonomous weapons or domestic mass surveillance, while the DOD wanted unrestricted access to Claude for all lawful purposes. This makes Anthropic the first American company to be publicly labeled a supply chain risk, a designation traditionally reserved for foreign adversaries.

Source: CNBC Technology

Anthropic to challenge DOD's supply-chain label in court
Tags: info, regulatory, policy
Mar 5, 2026

Anthropic announced it will legally challenge the Department of Defense's decision to label the company a supply-chain risk (a designation that can prevent a company from working with the Pentagon), which the company's CEO called "legally unsound." The dispute arose because the DOD wanted unrestricted access to Anthropic's Claude AI system for all military purposes, while Anthropic refused to allow its AI to be used for mass surveillance or fully autonomous weapons. Anthropic argues the designation is too broad and violates the law's requirement to use the least restrictive means necessary to protect the supply chain.

Source: TechCrunch

CVE-2026-2589: The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure
Tags: medium, vulnerability, security
Mar 5, 2026
CVE-2026-2589

The Greenshift plugin for WordPress (used to create animations and page builder blocks) has a vulnerability where automated backup files are stored in a publicly accessible location, allowing attackers to read sensitive API keys (for OpenAI, Claude, Google Maps, Gemini, DeepSeek, and Cloudflare Turnstile) without needing to log in. This affects all versions up to 12.8.3.

Source: NVD/CVE Database

Introducing GPT-5.4
Tags: info, news, industry
Mar 5, 2026

OpenAI released GPT-5.4 and GPT-5.4-pro, two new AI models with a 1 million token context window (the amount of text the model can consider at once) and an August 31st, 2025 knowledge cutoff. The models are priced slightly higher than the previous GPT-5.2 family and show significant improvements on business tasks like spreadsheet modeling, achieving 87.3% accuracy compared to 68.4% for GPT-5.2.

Source: Simon Willison's Weblog

The Pentagon formally labels Anthropic a supply-chain risk
Tags: info, news, policy
Mar 5, 2026

The US Defense Department has officially labeled Anthropic (maker of Claude, an AI assistant) a 'supply-chain risk,' which will prevent defense contractors from using Claude in products made for the government. This escalates a dispute between the Pentagon and Anthropic over their policies on acceptable uses of the AI, and may lead to legal action.

Source: The Verge (AI)

CVE-2026-28451: OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that al
Tags: medium, vulnerability, security
Mar 5, 2026
CVE-2026-28451

OpenClaw versions before 2026.2.14 have a server-side request forgery vulnerability (SSRF, where an attacker tricks a server into making requests to unintended targets) in the Feishu extension that allows attackers to fetch remote URLs and access internal services through the sendMediaFeishu function and markdown image processing. Attackers can exploit this by manipulating tool calls or using prompt injection (tricking the AI by hiding instructions in its input) to trigger these requests and re-upload the responses as Feishu media.

Fix: Upgrade OpenClaw to version 2026.2.14 or later.

Source: NVD/CVE Database

Anthropic labelled a supply chain risk by Pentagon
Tags: info, news, policy, industry
Mar 5, 2026

The US Pentagon has officially labeled Anthropic, an AI company, as a supply chain risk, marking the first time the government has given this designation to a US firm. This decision stems from Anthropic's refusal to give the military unrestricted access to its AI tools, citing concerns about mass surveillance and autonomous weapons development. The designation prohibits any company working with the military from conducting business with Anthropic.

Source: BBC Technology

GHSA-jc5m-wrp2-qq38: Flowise Vulnerable to PII Disclosure on Unauthenticated Forgot Password Endpoint
Tags: medium, vulnerability, security
Mar 5, 2026

Flowise's forgot-password endpoint leaks personally identifiable information (PII: sensitive data like names and account IDs that identify individuals) to anyone who knows a valid email address, because it returns the full user object instead of a generic success message. An attacker can exploit this by sending a simple request to `/api/v1/account/forgot-password` with any email address and receive back user IDs, names, creation dates, and other account details without needing to log in.

Source: GitHub Advisory Database

AWS launches a new AI agent platform specifically for healthcare
Tags: info, news, industry
Mar 5, 2026

AWS launched Amazon Connect Health, an AI agent-powered platform (software that completes complex tasks automatically) designed to help healthcare organizations automate administrative work like appointment scheduling and patient records. The platform is HIPAA-eligible (meets healthcare privacy and security standards) and integrates with existing electronic health record systems, marking AWS's first major AI agent product in a regulatory-compliant healthcare offering.

Source: TechCrunch

GHSA-x2g5-fvc2-gqvp: Flowise has Insufficient Password Salt Rounds
Tags: medium, vulnerability, security
Mar 5, 2026

Flowise uses an insufficiently strong password hashing setting: bcrypt (a password hashing algorithm) is configured with only 5 salt rounds, which provides just 32 iterations compared to OWASP's recommended minimum of 10 rounds (1024 iterations). This weakness means that if a database is stolen, attackers can crack user passwords roughly 30 times faster using modern GPUs, putting all user accounts at risk.

Fix: The source recommends increasing the default PASSWORD_SALT_HASH_ROUNDS environment variable to at least 10 (as recommended by OWASP), or considering 12 for a better balance between security and login performance. The source also recommends documenting that higher values will increase login time but improve security. Note: the source acknowledges that existing password hashes created with 5 rounds will remain vulnerable even after this change is applied.

Source: GitHub Advisory Database

CVE-2026-0848: NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegment
Tags: critical, vulnerability, security
Mar 5, 2026
CVE-2026-0848

NLTK (Natural Language Toolkit, a Python library for text processing) versions 3.9.2 and earlier have a serious vulnerability in the StanfordSegmenter module, which loads external Java files without checking whether they are legitimate. An attacker can trick the system into running malicious code by providing a fake Java file, which executes when the module loads, potentially giving them full control over the system.

Source: NVD/CVE Database

It's official: The Pentagon has labeled Anthropic a supply-chain risk
Tags: info, regulatory, policy, industry
Mar 5, 2026

The U.S. Department of Defense has officially designated Anthropic, an AI company, as a supply-chain risk (a classification usually reserved for foreign adversaries), requiring any organization working with the Pentagon to certify it doesn't use Anthropic's products. This designation came after Anthropic CEO Dario Amodei refused to allow the military to use the company's AI systems for mass surveillance of Americans or to power fully autonomous weapons with no human involvement in targeting decisions. The move is threatening Anthropic's operations, especially since the military currently relies on Anthropic's Claude AI for operations in the Middle East and other classified work.

Source: TechCrunch

GHSA-g48c-2wqr-h844: LangGraph checkpoint loading has unsafe msgpack deserialization
Tags: medium, vulnerability, security
Mar 5, 2026
CVE-2026-28277

LangGraph has a vulnerability where checkpoints stored using msgpack (a serialization format for encoding data) can be unsafe if an attacker gains write access to the checkpoint storage (such as a database). When the application loads a checkpoint, unsafe code could be executed if an attacker crafted a malicious payload. This is a post-compromise risk that requires the attacker to already have privileged access to the storage system.

Fix: LangGraph provides several mitigation options: (1) Set the environment variable `LANGGRAPH_STRICT_MSGPACK` to a truthy value (`1`, `true`, or `yes`) to enable strict mode, which blocks unsafe object types by default. (2) Configure `allowed_msgpack_modules` in your serializer or checkpointer to `None` (strict mode, only safe types allowed), a custom allowlist of specific modules and classes like `[(module, class_name), ...]`, or `True` (the default, allows all types but logs warnings). (3) When compiling a `StateGraph` with `LANGGRAPH_STRICT_MSGPACK` enabled, LangGraph automatically derives an allowlist from the graph's schemas and channels and applies it to the checkpointer.

Source: GitHub Advisory Database

CVE-2026-28353: Trivy Vulnerability Scanner is a VS Code extension that helps find vulnerabilities. In Trivy VSCode Extension version 1.
Tags: critical, vulnerability, security
Mar 5, 2026
CVE-2026-28353

Trivy VSCode Extension version 1.8.12 (a tool that scans code for security weaknesses) was compromised with malicious code that could steal sensitive information by using local AI coding agents (AI tools running on a developer's computer). The malicious version has been removed from the marketplace where it was distributed.

Fix: Users are advised to immediately remove the affected artifact and rotate environment secrets (credentials and keys stored on their system).

Source: NVD/CVE Database

OpenAI's Altman takes jabs at Anthropic, says government should be more powerful than companies
Tags: info, news, policy, industry
Mar 5, 2026

This article covers a public dispute between AI company leaders Sam Altman (OpenAI) and Dario Amodei (Anthropic) regarding government power and company influence, along with a conflict between Anthropic and the U.S. Department of Defense that resulted in the Pentagon blacklisting Anthropic's AI models and directing federal agencies to stop using them. OpenAI subsequently announced its own agreement with the Department of Defense, which drew criticism for appearing opportunistic, though Altman stated the company intended to de-escalate the situation.

Source: CNBC Technology

When Technology Becomes an Ideological Battleground: How Data Ideology Affects Affordance Actualization in People Analytics
Tags: info, research, Peer-Reviewed, research
Mar 5, 2026

This research examines how employees with different roles in organizations perceive people analytics (systems that collect and analyze worker behavioral data to improve efficiency), and finds that their views are shaped by data ideologies, which are underlying beliefs and assumptions about data and its use. The study found that data ideologies influence whether employees actually use these technologies in practice, operating through three mechanisms: moderation (limiting use), confirmation (supporting existing beliefs), and modulation (adjusting how technologies are applied). Understanding these different ideologies is important for successfully implementing workplace data collection systems.

Source: AIS eLibrary (Journal of AIS, CAIS, etc.)

Mortgages in 47 seconds: Better's new ChatGPT app targets lenders Rocket and UWM
Tags: info, news, industry
Mar 5, 2026

Better.com has partnered with OpenAI to create a ChatGPT app that dramatically speeds up mortgage underwriting, reducing the process from 21 days to as little as 47 seconds by using AI models to run multiple workflows in parallel. The app combines Better's mortgage engine with OpenAI's language models to help loan officers at banks, brokers, and fintech firms process mortgages faster and cheaper. This AI-powered approach is positioning Better as a "mortgage-as-service" platform that could reshape the mortgage industry by enabling competitors to undercut larger players like Rocket Mortgage and United Wholesale Mortgage.

Source: CNBC Technology

Anthropic officially told by DOD that it's a supply chain risk even as Claude used in Iran
Tags: info, news, policy, security
Mar 5, 2026

The U.S. Department of Defense has officially designated Anthropic (the company behind Claude, an AI model) as a supply chain risk, effective immediately, requiring defense contractors to certify they don't use Claude in their Pentagon work. This designation stems from a dispute over AI use restrictions: Anthropic wanted safeguards against autonomous weapons and mass surveillance, while the DOD demanded unrestricted access to Claude for all lawful military purposes. Anthropic stated it will challenge the designation in court.

Source: CNBC Technology