aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

to
Export CSV
6425 items

Could Bill Gates and political tussles overshadow AI safety debate in Delhi?

infonews
policyindustry
Feb 17, 2026

The AI Impact Summit in India this week brings together tech leaders, politicians, and scientists to discuss how to guide AI development globally, but the event risks being overshadowed by political tensions and competing interests between Western powers and the Global South. India faces significant challenges in AI adoption, including that major AI chatbots like ChatGPT and Claude don't support most of India's languages, and AI data workers there earn less than £4,000 per year while Western AI companies are valued in the hundreds of billions, creating inequality in how AI benefits are distributed worldwide.

BBC Technology

Samsung is slopping AI ads all over its social channels

infonews
industry
Feb 17, 2026

Samsung has been posting videos on YouTube, Instagram, and TikTok that were created or edited using generative AI (software that creates images, video, or text from text descriptions), including promotional videos for its upcoming Galaxy S26 smartphones. The company disclosed the AI usage in fine print at the bottom of some videos, though the AI-generated nature of the content is visually apparent.

Ireland now also investigating X over Grok-made sexual images

infonews
safetypolicy

With CISOs stretched thin, re-envisioning enterprise risk may be the only fix

infonews
policyindustry

Why 2025’s agentic AI boom is a CISO’s worst nightmare

infonews
securitysafety

Cohere launches a family of open multilingual models

infonews
industry
Feb 17, 2026

Cohere launched Tiny Aya, a family of open-weight (publicly available) multilingual AI models that support over 70 languages and can run on everyday devices like laptops without internet access. The models include regional variants optimized for different language groups, such as South Asian languages like Hindi and Bengali, and are available for developers to download and customize.

Claims that AI can help fix climate dismissed as greenwashing

infonews
policyindustry

CVE-2008-0015: Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability

infovulnerability
security
Feb 16, 2026
CVE-2008-0015EPSS: 80.6%🔥 Actively Exploited

CVE-2020-7796: Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability

infovulnerability
security
Feb 16, 2026
CVE-2020-7796EPSS: 93.5%🔥 Actively Exploited

CVE-2024-7694: TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability

infovulnerability
security
Feb 16, 2026
CVE-2024-7694🔥 Actively Exploited

CVE-2026-2441: Google Chromium CSS Use-After-Free Vulnerability

infovulnerability
security
Feb 16, 2026
CVE-2026-2441🔥 Actively Exploited

Was CISOs über OpenClaw wissen sollten

highnews
securitysafety

Open source maintainers being targeted by AI agent as part of ‘reputation farming’

mediumnews
securitypolicy

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

highnews
securityprivacy

Infostealer malware found stealing OpenClaw secrets for first time

highnews
securityprivacy

AI chatbot firms face stricter regulation in online safety laws protecting children in the UK

inforegulatory
policysafety

Rodney and Claude Code for Desktop

infonews
industry
Feb 16, 2026

Claude Code for Desktop is Anthropic's cloud-based AI coding tool that runs in a container environment (a isolated computing space), accessible through native iPhone and Mac apps. The desktop app lets users see images that Claude is analyzing through a Read /path/to/image tool, providing visual previews of what the AI is working on in real time. The iPhone app currently lacks this image display feature, though the user has requested it.

Let’s talk about Ring, lost dogs, and the surveillance state

infonews
policy
Feb 16, 2026

Ring's Super Bowl advertisement promoting its Search Party feature, which uses camera footage to find lost dogs, sparked controversy over surveillance and privacy concerns because the same technology could be used to track and locate people without consent. Critics, including Senator Ed Markey, argued the ad represented mass surveillance and called for Ring to stop using facial recognition (technology that identifies people by analyzing their faces) on its doorbells. Four days after the backlash, Ring canceled its planned partnership with Flock Safety, a company whose surveillance systems had been accessed by ICE (Immigration and Customs Enforcement).

The Promptware Kill Chain

infonews
securityresearch

After spooking Hollywood, ByteDance will tweak safeguards on new AI model

infonews
safetypolicy
Previous209 / 322Next
The Verge (AI)
Feb 17, 2026

Ireland's Data Protection Commission has launched a formal investigation into X for using its Grok AI tool to generate non-consensual sexual images of real people, including children, and will examine whether the company violated GDPR (General Data Protection Regulation, EU rules protecting personal data) requirements. This investigation joins similar probes by UK and other authorities, with potential fines up to 4% of X's global revenue across all EU member states. The investigation focuses on whether X properly assessed risks and followed data protection principles before deploying Grok.

BleepingComputer
Feb 17, 2026

CISOs (chief information security officers, the top security executives at companies) report that their roles have become unmanageable because companies keep adding responsibilities without giving them more staff or budget. A survey found that 52% of CISOs say their scope is no longer fully manageable, and they now oversee everything from traditional security tasks to AI governance, third-party risk management, and disaster recovery, often with the same teams they had five years ago.

Fix: According to cybersecurity consultant Brian Levine, the solution requires redesigning the role by distributing responsibility across multiple people and giving CISOs the authority to match their accountability. Levine states: 'The solution isn't to find superhuman CISOs. It's to redesign the role, distribute responsibility, and give them the authority to match the accountability. Until boards rebalance that equation, CISOs will continue to feel like they're set up to fail.'

CSO Online
Feb 17, 2026

By late 2025, standard RAG systems (retrieval-augmented generation, where an AI pulls in external documents to answer questions) are failing at high rates, pushing companies toward agentic AI (autonomous systems that can plan and execute tasks independently). While agentic systems solve reliability problems, they create a critical security risk: they can autonomously execute malicious instructions, which threatens enterprise security.

CSO Online
TechCrunch
Feb 17, 2026

Tech companies are being accused of greenwashing (falsely claiming environmental benefits) by conflating traditional machine learning (a type of AI that learns patterns from data) with energy-intensive generative AI (systems that create new text, images, or video). A report analyzing 154 statements found that most claims about AI helping combat climate change refer to older, less resource-heavy machine learning methods rather than the modern chatbots and image generators that consume massive amounts of electricity in data centers.

The Guardian Technology

Microsoft Windows Video ActiveX Control (a reusable software component for video handling) contains a remote code execution vulnerability (a flaw that lets attackers run commands on a victim's computer without permission). An attacker can exploit this by tricking a user into viewing a malicious webpage, which could then execute code with the same permissions as the logged-in user. This vulnerability is currently being exploited by attackers in the wild.

Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA Known Exploited Vulnerabilities

Zimbra Collaboration Suite (ZCS), an email and collaboration platform, has a server-side request forgery vulnerability (SSRF, where an attacker tricks the server into making unauthorized requests to internal systems) if the WebEx zimlet, a plugin that adds functionality, is installed and zimlet JSP (Java Server Pages, a way to generate dynamic web content) is enabled. This vulnerability is currently being exploited by attackers in real-world attacks.

Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

CISA Known Exploited Vulnerabilities

TeamT5 ThreatSonar Anti-Ransomware has a vulnerability where it doesn't properly check uploaded files, allowing attackers with admin access to upload malicious files and run dangerous commands on the server. This vulnerability is currently being exploited by real attackers in the wild.

Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services (a set of government cybersecurity rules), or discontinue use of the product if mitigations are unavailable. The deadline to address this is 2026-03-10.

CISA Known Exploited Vulnerabilities

Google Chromium contains a use-after-free vulnerability (a bug where software tries to access memory that has already been freed, potentially causing crashes or allowing attackers to run malicious code) in its CSS (cascading style sheets, the code that controls how web pages look) that could let remote attackers corrupt heap memory (a region of computer memory used for dynamic storage) through a specially crafted HTML page. This vulnerability affects multiple browsers built on Chromium, including Chrome, Edge, and Opera, and is currently being actively exploited by attackers.

Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Reference the Chrome releases blog at https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html for specific patching details.

CISA Known Exploited Vulnerabilities
Feb 16, 2026

OpenClaw is a popular open-source tool that orchestrates AI agents (programs that can act independently across devices and trigger workflows) and can interact with online services and chat apps, but security researchers warn it poses serious risks because these agents can perform any action a user can perform while being controlled externally. Early versions were insecure by default, and over 42,000 exposed instances have been found online with critical authentication bypass vulnerabilities (flaws that let attackers skip login checks), creating risks including data theft, unauthorized access, and potential exposure of confidential business information.

CSO Online
Feb 16, 2026

AI agents are being used to submit large numbers of pull requests (code contributions) to open-source projects to build fake reputation quickly, a tactic called 'reputation farming.' This is concerning because it could eventually help attackers gain trust in important software projects and inject malicious code through supply chain attacks (attacks targeting the software that other programs depend on), something that normally takes years to accomplish but could now happen much faster.

CSO Online
Feb 16, 2026

Researchers discovered that an information stealer (malware that secretly copies sensitive files) infected a victim and stole OpenClaw AI agent configuration files, including gateway tokens (authentication credentials), cryptographic keys, and the agent's operational guidelines. This marks a shift in malware tactics from stealing browser passwords to targeting AI agents, and attackers could use stolen tokens to impersonate victims or access their local AI systems if ports are exposed.

Fix: OpenClaw maintainers announced a partnership with VirusTotal to scan for malicious skills (plugins) uploaded to ClawHub, establish a threat model, and add the ability to audit for potential misconfigurations.

The Hacker News
Feb 16, 2026

Infostealer malware (malware designed to steal sensitive files and credentials) has been spotted for the first time stealing configuration files from OpenClaw, a local AI agent framework that manages tasks and accesses online services on a user's machine. The stolen files contain API keys, authentication tokens, and other secrets that could allow attackers to impersonate users and access their cloud services and personal data.

Fix: For nanobot (a similar AI assistant framework), the development team released fixes for a max-severity vulnerability tracked as CVE-2026-2577 in version 0.13.post7. No mitigation or update is mentioned in the source for OpenClaw itself.

BleepingComputer
Feb 16, 2026

The UK government is closing a legal gap by bringing AI chatbots like ChatGPT, Gemini, and Copilot under its Online Safety Act, requiring them to remove illegal content or face fines and being blocked. This move follows criticism of X's Grok chatbot for spreading sexually explicit images, and reflects broader efforts to protect children from harmful online content through new regulations on age limits, infinite scrolling, and VPN access.

CNBC Technology
Simon Willison's Weblog
The Verge (AI)
Feb 16, 2026

Attacks on AI language models have evolved beyond simple prompt injection (tricking an AI by hiding instructions in its input) into a more complex threat called "promptware," which follows a structured seven-step kill chain similar to traditional malware. The fundamental problem is that large language models (LLMs, AI systems trained on massive amounts of text) treat all input the same way, whether it's a trusted system command or untrusted data from a retrieved document, creating no architectural boundary between them.

Schneier on Security
Feb 16, 2026

ByteDance announced it will improve safeguards on Seedance 2.0, its AI video generator (software that creates realistic videos from text descriptions), after Hollywood studios and trade groups complained that the tool violates copyright by generating hyperrealistic videos of famous actors and characters without permission. The company stated it respects intellectual property rights and is taking steps to strengthen current safeguards in response to the backlash.

The Verge (AI)