aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

6409 items

Defense secretary Pete Hegseth designates Anthropic a supply chain risk
info | news | policy, industry | Feb 27, 2026

The US Secretary of Defense designated Anthropic, the AI company that makes Claude (an LLM, or large language model, that generates text), a supply-chain risk and banned its products from federal government use. The decision could affect major tech companies such as Palantir and AWS that use Claude in their work with the Pentagon, though it is unclear how broadly the ban will apply to companies that use Claude for non-military purposes.

Source: The Verge (AI)

OpenAI fires employee for using confidential info on prediction markets
info | incident | security, policy | Feb 27, 2026

OpenAI fired an employee who used confidential company information to trade on prediction markets (platforms such as Polymarket where people bet money on real-world events). The employee's actions violated OpenAI's internal policy against using insider information for personal financial gain.

Source: TechCrunch

How Amazon's massive stake in OpenAI could boost its AI and cloud businesses
info | news | industry | Feb 27, 2026

Amazon announced a strategic partnership with OpenAI involving up to $50 billion in investment, with OpenAI committing to spend $100 billion on Amazon Web Services (AWS, Amazon's cloud computing platform) over eight years. The deal includes OpenAI deploying Amazon's AI chips and the two companies jointly developing customized AI models, a significant expansion of Amazon's AI infrastructure investments alongside its existing partnership with OpenAI's competitor Anthropic.

Source: CNBC Technology

CVE-2026-28416: Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Fo
high | vulnerability | security | Feb 27, 2026 | CVE-2026-28416

Gradio, a Python package for building AI demos, had a server-side request forgery (SSRF) vulnerability before version 6.6.0. In an SSRF, an attacker induces a server to make requests it should not make; here, an attacker who hosts a malicious Gradio Space can, once a victim loads it with `gr.load()`, make the victim's Gradio process reach internal services and private networks that the attacker cannot reach directly.

Fix: Update Gradio to version 6.6.0 or later, which fixes the issue.

Source: NVD/CVE Database

CVE-2026-28415: Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, the _redirect_to_target(
medium | vulnerability | security | Feb 27, 2026 | CVE-2026-28415

Gradio, a Python package for building AI interfaces quickly, has an open-redirect vulnerability in versions before 6.6.0: the _redirect_to_target() function does not validate the _target_url parameter, so an attacker can send users to arbitrary external websites through the /logout and /login/callback endpoints of apps that use OAuth login. Only Gradio apps running on Hugging Face Spaces with gr.LoginButton enabled are affected.

Fix: Update to Gradio version 6.6.0 or later. Starting in version 6.6.0, the _target_url parameter is sanitized to only its path, query, and fragment, stripping any scheme or host.

Source: NVD/CVE Database

CVE-2026-28414: Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Win
high | vulnerability | security | Feb 27, 2026 | CVE-2026-28414

Gradio (an open-source Python package for building web interfaces quickly) has a vulnerability in versions before 6.7 when run on Windows with Python 3.13 or newer that lets attackers read arbitrary files the server process can access. Gradio's path-traversal protection (which blocks access to files outside the intended directories) relied on Python's test for whether a path is absolute. Python 3.13 changed that test on Windows: a path that begins with a single separator but has no drive letter (for example \Windows\win.ini) is no longer reported as absolute, so such paths slipped past the check.

Fix: Update Gradio to version 6.7 or later, which fixes the issue.

Source: NVD/CVE Database

CVE-2026-27167: Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version
none | vulnerability | security | Feb 27, 2026 | CVE-2026-27167

Gradio, a Python package for building web interfaces, has a security flaw in versions 4.16.0 through 6.5.x: it automatically enables fake OAuth routes (stand-in login endpoints) that expose the server owner's Hugging Face access token (the credential used to authenticate with Hugging Face services) to anyone who visits the login page. The session cookie that carries the token is signed with a hardcoded secret rather than encrypted, so anyone can decode its contents, and anyone who knows that secret can also forge cookies.

Fix: Update to Gradio version 6.6.0 or later, which fixes the issue.

Source: NVD/CVE Database

Pentagon moves to designate Anthropic as a supply-chain risk
info | regulatory | policy | Feb 27, 2026

President Trump directed federal agencies to stop using Anthropic's AI products and gave them six months to phase out usage, following a dispute between the company and the Department of Defense. The Secretary of Defense designated Anthropic a supply-chain risk to national security, meaning military contractors can no longer do business with the company, after Anthropic refused to let its AI models be used for mass domestic surveillance or fully autonomous weapons (systems that select and engage targets without human control).

Source: TechCrunch

Trump Orders All Federal Agencies to Phase Out Use of Anthropic Technology
info | news | policy, safety | Feb 27, 2026

Anthropic, maker of the AI chatbot Claude, refused the Pentagon's demand to allow unrestricted military use of its technology, citing concerns about safeguards against mass surveillance and autonomous weapons (systems that make decisions without human control). President Trump ordered all federal agencies to stop using Anthropic's technology in response, escalating a public dispute within the AI industry about balancing national security needs against AI safety protections.

Source: SecurityWeek

Trump orders federal agencies to drop Anthropic's AI
info | news | policy | Feb 27, 2026

President Trump ordered federal agencies to stop using Claude (an AI system made by Anthropic) after the company's CEO refused to sign a military agreement that would allow unlimited use of its technology. The disagreement centers on whether Anthropic's AI should be available for all military purposes, including domestic surveillance.

Source: The Verge (AI)

An AI agent coding skeptic tries AI agent coding, in excessive detail
info | news | industry | Feb 27, 2026

A software developer who was skeptical about AI coding agents found that they have become significantly more capable, and used them to build increasingly complex projects, including a Rust implementation of machine learning algorithms. The developer notes that recent AI coding models (such as Opus 4.6 and Codex 5.3) are dramatically better than earlier versions, but that this improvement is hard to communicate publicly without sounding like promotional hype.

Source: Simon Willison's Weblog

'Silent' Google API key change exposed Gemini AI data
high | news | security | Feb 27, 2026

Google API keys, which were designed only as identifiers for billing, silently gained the ability to authenticate access to private Gemini project data, with no warning to developers. Researchers found 2,863 exposed keys that could let attackers steal files, datasets, and documents, or run up large bills by calling the model repeatedly.

Fix: Administrators should check the GCP console for keys allowed to call the Generative Language API, paying particular attention to unrestricted keys (marked with a yellow warning icon). Exposed keys should be rotated or regenerated (replaced with new ones) with a grace period so that apps using the old keys keep working. Google's roadmap includes making API keys created through AI Studio default to Gemini-only access, and blocking leaked keys and notifying customers when it detects them.

Source: CSO Online

Flaw-Finding AI Assistants Face Criticism for Speed, Accuracy
info | news | security, industry | Feb 27, 2026

AI assistants designed to find security vulnerabilities (weaknesses in software that attackers can exploit) are not yet reliable enough for professional use, despite their potential to find bugs faster. Experts say current AI tools have problems with both accuracy and speed, making them unsuitable for businesses and developers who need dependable security scanning.

Source: Dark Reading

Sam Altman backs rival Anthropic in fight with Pentagon
info | news | policy, industry | Feb 27, 2026

OpenAI CEO Sam Altman publicly supported rival company Anthropic in its dispute with the US Department of Defense over AI tool usage, stating that OpenAI shares Anthropic's refusal to allow certain uses such as domestic surveillance and autonomous offensive weapons. The Pentagon has threatened Anthropic with retaliation, including invoking the Defense Production Act (a law that lets the government compel companies to prioritize and fulfil orders for national defense) or labeling the company a supply chain risk, but Anthropic maintains its position on restricting potentially harmful applications.

Source: BBC Technology

Sam Altman aims to 'help de-escalate' tensions with Pentagon as OpenAI employees voice support for Anthropic
info | news | policy, industry | Feb 27, 2026

OpenAI CEO Sam Altman sent an internal memo to staff expressing support for rival company Anthropic in its dispute with the Pentagon over AI model usage, stating that both companies oppose using AI for mass surveillance or fully autonomous weapons. About 70 OpenAI employees signed an open letter supporting Anthropic, which faces a deadline to decide whether to allow the Department of Defense unrestricted access to its AI models. Altman indicated that OpenAI is negotiating with the Pentagon to deploy its own models in classified environments while maintaining ethical boundaries around domestic surveillance and autonomous offensive weapons.

Fix: Altman proposed that OpenAI would ask for a contract with the Pentagon that covers "any use except those which are unlawful or unsuited to cloud deployments, such as domestic surveillance and autonomous offensive weapons." He also stated that the company would "build technical safeguards and deploy personnel to ensure things are working correctly" in classified environments.

Source: CNBC Technology

Nvidia's stock wrapping up tough week as Wall Street focuses more on competition than growth
info | news | industry | Feb 27, 2026

Despite strong earnings and growth forecasts, Nvidia's stock fell 6% this week as investors worried that tech companies' spending on AI infrastructure will peak soon and that competition is increasing. Major AI companies such as OpenAI and Meta are diversifying away from Nvidia's GPUs (graphics processing units, specialized chips for AI computation) by adopting alternative chips from Amazon, Google, and Advanced Micro Devices.

Source: CNBC Technology

Musk bashes OpenAI in deposition, saying 'nobody committed suicide because of Grok'
info | news | safety, policy | Feb 27, 2026

In a deposition for his lawsuit against OpenAI, Elon Musk claimed that his company xAI prioritizes AI safety better than OpenAI does, and that ChatGPT has caused mental health harms including suicides while Grok has not. Musk's lawsuit challenges OpenAI's transition from a nonprofit to a for-profit company, arguing that commercial interests compromise safety priorities, though xAI itself has faced safety issues, including Grok generating non-consensual intimate images.

Source: TechCrunch

Anthropic vs. the Pentagon: What's actually at stake?
info | regulatory | policy, safety | Feb 27, 2026

Anthropic and the U.S. Department of Defense are in conflict over how the military may use Anthropic's AI models. Anthropic refuses to allow its AI to be used for mass surveillance of Americans or for fully autonomous weapons (systems that select and fire at targets without a human decision-maker), while the Pentagon argues that it should be permitted to use the technology for any lawful purpose. The core dispute is whether the companies that build powerful AI systems or the government that deploys them should control how those systems are used.

Source: TechCrunch

ChatGPT reaches 900M weekly active users
info | news | industry | Feb 27, 2026

ChatGPT has reached 900 million weekly active users and 50 million paying subscribers, with OpenAI reporting that subscriber growth accelerated significantly in early 2026. The company announced a $110 billion funding round, one of the largest private funding rounds ever, with major investments from Amazon, Nvidia, and SoftBank at a $730 billion valuation.

Source: TechCrunch

Free Claude Max for (large project) open source maintainers
info | news | industry | Feb 27, 2026

Anthropic is offering six months of free access to Claude Max (its $200/month AI assistant plan) to open source maintainers who meet specific criteria: primary maintainers of public repositories with 5,000+ GitHub stars or 1 million+ monthly NPM downloads, with recent commits or reviews in the last three months. The program accepts up to 10,000 contributors, and maintainers who do not quite meet the stated criteria can still apply and explain their importance to the ecosystem.

Source: Simon Willison's Weblog

Page 190 of 321
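Worked example for the CVE-2026-28416 (Gradio SSRF) entry above. This is an added example, not Gradio's code or its 6.6.0 fix: it is the destination check a practitioner puts in front of any server-side fetch of a URL an attacker can influence, such as the address of a remote Space handed to gr.load(). It resolves the host, unwraps IPv4-mapped IPv6 literals, and refuses loopback, private, link-local (which includes the 169.254.169.254 cloud metadata address) and other non-global ranges, failing closed when a name does not resolve. The resolver is injected so the example runs offline against a constructed hostname table; is_safe_destination, fake_resolve and the hostnames are this example's own names, not Gradio's.

```python
import ipaddress
from typing import Callable, Iterable, List
from urllib.parse import urlsplit

# Constructed DNS table so the example runs offline. In production you would
# resolve with socket.getaddrinfo() and then connect to the address you validated.
FAKE_DNS = {
    "demo.hf.space.example": ["8.8.8.8"],        # stand-in for a public address
    "metadata.example": ["169.254.169.254"],     # cloud metadata service
    "rebind.example": ["8.8.8.8", "10.0.0.5"],   # mixed public/private answer
}


def fake_resolve(hostname: str) -> List[str]:
    """Offline resolver: unknown names resolve to nothing."""
    return FAKE_DNS.get(hostname.lower(), [])


def _is_blocked(ip) -> bool:
    """True for any address a server-side fetch should never reach.
    `ip` is an ipaddress.IPv4Address or IPv6Address."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 is still 127.0.0.1
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def is_safe_destination(url: str,
                        resolve: Callable[[str], Iterable[str]] = fake_resolve) -> bool:
    """Return True only if *every* address the host maps to is globally routable.
    A host that resolves to one public and one private address (DNS round-robin
    or rebinding setups) is rejected as a whole."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    try:
        addrs = [ipaddress.ip_address(parts.hostname)]  # literal IP in the URL
    except ValueError:
        addrs = [ipaddress.ip_address(a) for a in resolve(parts.hostname)]
    if not addrs:
        return False  # unresolvable: fail closed
    return not any(_is_blocked(ip) for ip in addrs)


if __name__ == "__main__":
    for u in ("https://demo.hf.space.example/api", "http://127.0.0.1:7860/",
              "http://[::ffff:127.0.0.1]/", "http://metadata.example/latest/meta-data/",
              "http://rebind.example/", "ftp://demo.hf.space.example/"):
        print(f"{u:45} safe={is_safe_destination(u)}")
```

Two caveats the check cannot remove on its own: the HTTP client resolves the name again when it connects, so to defeat DNS rebinding you connect to the address you validated (or re-validate in the client's connection hook), and redirects must be disabled or re-checked on every hop. With a real resolver built on socket.getaddrinfo(), integer and hexadecimal host spellings such as 2130706433 are also caught, because the OS resolver may turn them into 127.0.0.1 and the loop above then sees the loopback address.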
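Worked example for the CVE-2026-28415 (Gradio open redirect) entry above, showing the fix pattern the entry describes: reduce a post-login redirect target to its path, query and fragment. This is an added example, not Gradio's code; vulnerable_redirect_target and safe_redirect_target are illustrative names. Beyond what the entry states, the safe version also forces the path to begin with exactly one slash, because a naive scheme/host strip still lets "//evil.example" or "/\evil.example" through, and browsers treat both as a different host.

```python
from urllib.parse import urlsplit

DEFAULT_TARGET = "/"


def vulnerable_redirect_target(target_url: str) -> str:
    """Before the fix: the caller-supplied value is used as-is, so a link
    carrying ?_target_url=https://evil.example sends the user off-site."""
    return target_url or DEFAULT_TARGET


def safe_redirect_target(target_url: str) -> str:
    """After: keep only path, query and fragment; scheme and host are discarded.
    Leading '/' and '\\' characters are collapsed to a single '/', so
    network-path references ('//host', '/\\host') become ordinary local paths."""
    if not target_url:
        return DEFAULT_TARGET
    parts = urlsplit(target_url.strip())
    path = "/" + parts.path.lstrip("/\\")
    if parts.query:
        path += "?" + parts.query
    if parts.fragment:
        path += "#" + parts.fragment
    return path


if __name__ == "__main__":
    # Constructed attacker-controlled and benign inputs
    for t in ("https://evil.example/phish", "//evil.example/phish?x=1#f",
              "/\\evil.example", "javascript:alert(1)", "/dash?next=1", "dashboard"):
        print(f"{t!r:32} -> {safe_redirect_target(t)!r}")
```

If the application needs to honour a full URL (for example a configured public base URL), the right check is an explicit allow-list comparison of scheme and host against that configured value, not a pattern match on the string.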
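Worked example for the CVE-2026-28414 (Gradio Windows path traversal) entry above. This is an added example, not Gradio's code or its 6.7 fix. It uses the ntpath module so that Windows path semantics can be exercised on any operating system, and shows two things: why a guard that asks ntpath.isabs() (os.path.isabs() on Windows) whether user input is absolute stops catching rooted paths like \Windows\win.ini on Python 3.13, where that function only returns True for drive-qualified and UNC paths; and a containment check that does not depend on that behaviour, because it normalizes the joined result and tests whether it still lies under the allowed directory. The base directory and sample paths are constructed.

```python
import ntpath
import sys

BASE_DIR = r"C:\app\uploads"  # hypothetical directory the app may serve from

# Constructed inputs: one benign, the rest attempts to leave BASE_DIR
SAMPLES = [
    r"photos\cat.png",          # benign relative path
    r"..\..\Windows\win.ini",   # classic dot-dot traversal
    r"\Windows\win.ini",        # rooted, no drive letter: the Python 3.13 blind spot
    r"C:\Windows\win.ini",      # drive-absolute
    r"\\evil\share\loot.txt",   # UNC path
]


def isabs_guard(user_path: str) -> bool:
    """The fragile guard: 'reject if absolute' via ntpath.isabs().
    Python <= 3.12 returns True for r'\\Windows\\win.ini'; 3.13+ returns False."""
    return ntpath.isabs(user_path)


def rooted_or_absolute(user_path: str) -> bool:
    """Version-independent replacement: drive-qualified, UNC and rooted
    ('\\foo' or '/foo') inputs are all treated as absolute and rejected."""
    drive, rest = ntpath.splitdrive(user_path)
    return bool(drive) or rest[:1] in ("\\", "/")


def resolve_within(base_dir: str, user_path: str):
    """Join user input onto base_dir and verify the *normalized* result is still
    under base_dir. ntpath.join() drops base_dir's directory part when the second
    argument is rooted (keeping only the drive), which is exactly why the joined
    result, not the raw input, must be the thing checked."""
    base_n = ntpath.normpath(base_dir)
    candidate = ntpath.normpath(ntpath.join(base_n, user_path))
    try:
        inside = ntpath.commonpath([base_n, candidate]) == base_n
    except ValueError:  # different drives (C: vs D:) or UNC vs drive-letter path
        inside = False
    return inside, candidate


def audit(samples=SAMPLES, base_dir=BASE_DIR):
    """Map each sample to (isabs_guard, rooted_or_absolute, inside_base, resolved_path)."""
    out = {}
    for p in samples:
        inside, candidate = resolve_within(base_dir, p)
        out[p] = (isabs_guard(p), rooted_or_absolute(p), inside, candidate)
    return out


if __name__ == "__main__":
    print(f"Python {sys.version_info.major}.{sys.version_info.minor}")
    for p, (guard, rooted, inside, cand) in audit().items():
        print(f"{p!r:28} isabs={guard!s:5} rooted_or_abs={rooted!s:5} "
              f"inside={inside!s:5} -> {cand}")
```

Run it under 3.12 and 3.13 to see the isabs column flip for \Windows\win.ini while the inside column stays False. In a real server the final check should be made on the path that is actually opened (after symlink resolution, e.g. os.path.realpath), not only on the string.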
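Worked example for the CVE-2026-27167 (Gradio fake OAuth routes) entry above, illustrating the two properties the entry turns on: a signed cookie is readable by anyone (signing gives integrity, not confidentiality), and a hardcoded signing secret lets anyone forge cookies the server will accept. This is an added example with its own minimal HMAC cookie scheme; it is not Gradio's session implementation, and the secret value, payload and token string are constructed stand-ins.

```python
import base64
import hashlib
import hmac
import json
import secrets

HARDCODED_SECRET = "example-secret-baked-into-source"  # constructed stand-in


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_cookie(payload: dict, secret: str) -> str:
    """<base64(json payload)>.<base64(HMAC-SHA256)> -- the usual signed-cookie shape."""
    body = _b64(json.dumps(payload, separators=(",", ":"), sort_keys=True).encode())
    mac = hmac.new(secret.encode(), body.encode(), hashlib.sha256).digest()
    return f"{body}.{_b64(mac)}"


def verify_cookie(cookie: str, secret: str):
    """Return the payload if the MAC checks out under `secret`, else None."""
    body, _, mac = cookie.rpartition(".")
    if not body:
        return None
    expected = hmac.new(secret.encode(), body.encode(), hashlib.sha256).digest()
    try:
        if not hmac.compare_digest(expected, _unb64(mac)):
            return None
        return json.loads(_unb64(body))
    except ValueError:  # malformed base64 or JSON (binascii.Error is a ValueError)
        return None


def read_without_secret(cookie: str) -> dict:
    """No secret needed: the payload is plain base64, so a token stored in the
    cookie is exposed to whoever can read the cookie."""
    body, _, _ = cookie.rpartition(".")
    return json.loads(_unb64(body))


def forge_cookie(payload: dict) -> str:
    """With the secret in the source tree, anyone can mint a trusted cookie."""
    return sign_cookie(payload, HARDCODED_SECRET)


def demo() -> dict:
    token = "hf_EXAMPLE_NOT_A_REAL_TOKEN"  # constructed
    cookie = sign_cookie({"user": "owner", "hf_token": token}, HARDCODED_SECRET)
    forged = forge_cookie({"user": "admin"})
    per_deployment_secret = secrets.token_hex(32)  # what the server should use instead
    return {
        "leaked_token": read_without_secret(cookie)["hf_token"],
        "forged_accepted": verify_cookie(forged, HARDCODED_SECRET) is not None,
        "forged_rejected_with_fresh_secret": verify_cookie(forged, per_deployment_secret) is None,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The fix pattern has two parts: generate the signing secret per deployment (secrets.token_hex() or an injected environment value) instead of embedding it, and keep the access token server-side, with the cookie carrying only an opaque session identifier, so that a readable cookie reveals nothing worth stealing.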
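Worked example for the Google API key entry above, turning its Fix guidance (find keys that can call the Generative Language API and flag unrestricted ones) into an audit that can be run against gcloud output. This is an added example, not Google's or CSO Online's tooling. It assumes `gcloud services api-keys list --format=json` is available in the reader's gcloud and that its output follows the API Keys v2 Key resource (restrictions.apiTargets[].service plus the browser/server/android/iosKeyRestrictions fields); the sample JSON below is constructed so the classification runs offline, and audit_project is the live variant.

```python
import json
import subprocess
from typing import List, Optional, Tuple

GENLANG_SERVICE = "generativelanguage.googleapis.com"
APP_RESTRICTION_FIELDS = ("browserKeyRestrictions", "serverKeyRestrictions",
                          "androidKeyRestrictions", "iosKeyRestrictions")

# Constructed stand-in for `gcloud services api-keys list --format=json` output.
# Field names follow the API Keys v2 Key resource; every value is made up.
SAMPLE_KEYS_JSON = json.dumps([
    {"name": "projects/123/locations/global/keys/k1", "displayName": "AI Studio key",
     "restrictions": {}},
    {"name": "projects/123/locations/global/keys/k2", "displayName": "gemini-only",
     "restrictions": {"apiTargets": [{"service": GENLANG_SERVICE}]}},
    {"name": "projects/123/locations/global/keys/k3", "displayName": "maps-only",
     "restrictions": {"apiTargets": [{"service": "maps-backend.googleapis.com"}]}},
    {"name": "projects/123/locations/global/keys/k4", "displayName": "gemini-referrer",
     "restrictions": {"apiTargets": [{"service": GENLANG_SERVICE}],
                      "browserKeyRestrictions": {"allowedReferrers": ["https://app.example/*"]}}},
])


def classify_key(key: dict) -> Optional[str]:
    """Return a finding label if the key can reach the Generative Language API,
    else None. A key with no apiTargets may call *any* API enabled in the project."""
    r = key.get("restrictions") or {}
    targets = {t.get("service") for t in (r.get("apiTargets") or [])}
    if targets and GENLANG_SERVICE not in targets:
        return None  # API-restricted to something else: out of scope
    app_restricted = any(f in r for f in APP_RESTRICTION_FIELDS)
    if not targets and not app_restricted:
        return "UNRESTRICTED: any API, any caller"
    if not targets:
        return "API-unrestricted, caller-restricted"
    if not app_restricted:
        return "Gemini-allowed, any caller"
    return "Gemini-allowed, caller-restricted"


def audit_keys(keys: List[dict]) -> List[Tuple[str, str, str]]:
    """(name, displayName, finding) for every key that can call Gemini, worst first."""
    rows = [(k["name"], k.get("displayName", ""), label)
            for k in keys if (label := classify_key(k))]
    return sorted(rows, key=lambda row: (not row[2].startswith("UNRESTRICTED"), row[0]))


def audit_sample() -> List[Tuple[str, str, str]]:
    return audit_keys(json.loads(SAMPLE_KEYS_JSON))


def audit_project(project: str) -> List[Tuple[str, str, str]]:
    """Live variant (not run here): needs gcloud and permission to list keys."""
    out = subprocess.run(
        ["gcloud", "services", "api-keys", "list", "--project", project, "--format=json"],
        check=True, capture_output=True, text=True).stdout
    return audit_keys(json.loads(out))


if __name__ == "__main__":
    for name, display, finding in audit_sample():
        print(f"{finding:40} {display:18} {name}")
```

Keys in the first group are the ones to rotate first; the grace period the entry mentions is the window in which both old and new key are valid, so regenerate, redeploy, then delete the old key rather than deleting it outright.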