All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
The AI Impact Summit in India this week brings together tech leaders, politicians, and scientists to discuss how to guide AI development globally, but the event risks being overshadowed by political tensions and competing interests between Western powers and the Global South. India faces significant challenges in AI adoption, including that major AI chatbots like ChatGPT and Claude don't support most of India's languages, and AI data workers there earn less than £4,000 per year while Western AI companies are valued in the hundreds of billions, creating inequality in how AI benefits are distributed worldwide.
Samsung has been posting videos on YouTube, Instagram, and TikTok that were created or edited using generative AI (software that creates images, video, or text from text descriptions), including promotional videos for its upcoming Galaxy S26 smartphones. The company disclosed the AI usage in fine print at the bottom of some videos, though the AI-generated nature of the content is visually apparent.
Cohere launched Tiny Aya, a family of open-weight (publicly available) multilingual AI models that support over 70 languages and can run on everyday devices like laptops without internet access. The models include regional variants optimized for different language groups, such as South Asian languages like Hindi and Bengali, and are available for developers to download and customize.
Claude Code for Desktop is Anthropic's cloud-based AI coding tool that runs in a container environment (an isolated computing space), accessible through native iPhone and Mac apps. The desktop app lets users see images that Claude is analyzing through a Read /path/to/image tool, providing visual previews of what the AI is working on in real time. The iPhone app currently lacks this image display feature, though it has been requested.
Ring's Super Bowl advertisement promoting its Search Party feature, which uses camera footage to find lost dogs, sparked controversy over surveillance and privacy concerns because the same technology could be used to track and locate people without consent. Critics, including Senator Ed Markey, argued the ad represented mass surveillance and called for Ring to stop using facial recognition (technology that identifies people by analyzing their faces) on its doorbells. Four days after the backlash, Ring canceled its planned partnership with Flock Safety, a company whose surveillance systems had been accessed by ICE (Immigration and Customs Enforcement).
Ireland's Data Protection Commission has launched a formal investigation into X for using its Grok AI tool to generate non-consensual sexual images of real people, including children, and will examine whether the company violated GDPR (General Data Protection Regulation, EU rules protecting personal data) requirements. This investigation joins similar probes by UK and other authorities, with potential fines up to 4% of X's global revenue across all EU member states. The investigation focuses on whether X properly assessed risks and followed data protection principles before deploying Grok.
CISOs (chief information security officers, the top security executives at companies) report that their roles have become unmanageable because companies keep adding responsibilities without giving them more staff or budget. A survey found that 52% of CISOs say their scope is no longer fully manageable, and they now oversee everything from traditional security tasks to AI governance, third-party risk management, and disaster recovery, often with the same teams they had five years ago.
Fix: According to cybersecurity consultant Brian Levine, the solution requires redesigning the role by distributing responsibility across multiple people and giving CISOs the authority to match their accountability. Levine states: 'The solution isn't to find superhuman CISOs. It's to redesign the role, distribute responsibility, and give them the authority to match the accountability. Until boards rebalance that equation, CISOs will continue to feel like they're set up to fail.'
CSO Online
By late 2025, standard RAG systems (retrieval-augmented generation, where an AI pulls in external documents to answer questions) are failing at high rates, pushing companies toward agentic AI (autonomous systems that can plan and execute tasks independently). While agentic systems solve reliability problems, they create a critical security risk: they can autonomously execute malicious instructions, which threatens enterprise security.
Tech companies are being accused of greenwashing (falsely claiming environmental benefits) by conflating traditional machine learning (a type of AI that learns patterns from data) with energy-intensive generative AI (systems that create new text, images, or video). A report analyzing 154 statements found that most claims about AI helping combat climate change refer to older, less resource-heavy machine learning methods rather than the modern chatbots and image generators that consume massive amounts of electricity in data centers.
Microsoft Windows Video ActiveX Control (a reusable software component for video handling) contains a remote code execution vulnerability (a flaw that lets attackers run commands on a victim's computer without permission). An attacker can exploit this by tricking a user into viewing a malicious webpage, which could then execute code with the same permissions as the logged-in user. This vulnerability is currently being exploited by attackers in the wild.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
CISA Known Exploited Vulnerabilities
Zimbra Collaboration Suite (ZCS), an email and collaboration platform, has a server-side request forgery vulnerability (SSRF, where an attacker tricks the server into making unauthorized requests to internal systems) if the WebEx zimlet, a plugin that adds functionality, is installed and zimlet JSP (Java Server Pages, a way to generate dynamic web content) is enabled. This vulnerability is currently being exploited by attackers in real-world attacks.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
CISA Known Exploited Vulnerabilities
TeamT5 ThreatSonar Anti-Ransomware has a vulnerability where it doesn't properly check uploaded files, allowing attackers with admin access to upload malicious files and run dangerous commands on the server. This vulnerability is currently being exploited by real attackers in the wild.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services (a set of government cybersecurity rules), or discontinue use of the product if mitigations are unavailable. The deadline to address this is 2026-03-10.
CISA Known Exploited Vulnerabilities
Google Chromium contains a use-after-free vulnerability (a bug where software tries to access memory that has already been freed, potentially causing crashes or allowing attackers to run malicious code) in its CSS (cascading style sheets, the code that controls how web pages look) that could let remote attackers corrupt heap memory (a region of computer memory used for dynamic storage) through a specially crafted HTML page. This vulnerability affects multiple browsers built on Chromium, including Chrome, Edge, and Opera, and is currently being actively exploited by attackers.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Reference the Chrome releases blog at https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html for specific patching details.
CISA Known Exploited Vulnerabilities
OpenClaw is a popular open-source tool that orchestrates AI agents (programs that can act independently across devices and trigger workflows) and can interact with online services and chat apps, but security researchers warn it poses serious risks because these agents can perform any action a user can perform while being controlled externally. Early versions were insecure by default, and over 42,000 exposed instances have been found online with critical authentication bypass vulnerabilities (flaws that let attackers skip login checks), creating risks including data theft, unauthorized access, and potential exposure of confidential business information.
AI agents are being used to submit large numbers of pull requests (code contributions) to open-source projects to build fake reputation quickly, a tactic called 'reputation farming.' This is concerning because it could eventually help attackers gain trust in important software projects and inject malicious code through supply chain attacks (attacks targeting the software that other programs depend on), something that normally takes years to accomplish but could now happen much faster.
Researchers discovered that an information stealer (malware that secretly copies sensitive files) infected a victim and stole OpenClaw AI agent configuration files, including gateway tokens (authentication credentials), cryptographic keys, and the agent's operational guidelines. This marks a shift in malware tactics from stealing browser passwords to targeting AI agents, and attackers could use stolen tokens to impersonate victims or access their local AI systems if ports are exposed.
Fix: OpenClaw maintainers announced a partnership with VirusTotal to scan for malicious skills (plugins) uploaded to ClawHub, establish a threat model, and add the ability to audit for potential misconfigurations.
The Hacker News
Infostealer malware (malware designed to steal sensitive files and credentials) has been spotted for the first time stealing configuration files from OpenClaw, a local AI agent framework that manages tasks and accesses online services on a user's machine. The stolen files contain API keys, authentication tokens, and other secrets that could allow attackers to impersonate users and access their cloud services and personal data.
Fix: For nanobot (a similar AI assistant framework), the development team released fixes for a max-severity vulnerability tracked as CVE-2026-2577 in version 0.13.post7. No mitigation or update is mentioned in the source for OpenClaw itself.
BleepingComputer
The UK government is closing a legal gap by bringing AI chatbots like ChatGPT, Gemini, and Copilot under its Online Safety Act, requiring them to remove illegal content or face fines and being blocked. This move follows criticism of X's Grok chatbot for spreading sexually explicit images, and reflects broader efforts to protect children from harmful online content through new regulations on age limits, infinite scrolling, and VPN access.
Attacks on AI language models have evolved beyond simple prompt injection (tricking an AI by hiding instructions in its input) into a more complex threat called "promptware," which follows a structured seven-step kill chain similar to traditional malware. The fundamental problem is that large language models (LLMs, AI systems trained on massive amounts of text) treat all input the same way, whether it's a trusted system command or untrusted data from a retrieved document, creating no architectural boundary between them.
ByteDance announced it will improve safeguards on Seedance 2.0, its AI video generator (software that creates realistic videos from text descriptions), after Hollywood studios and trade groups complained that the tool violates copyright by generating hyperrealistic videos of famous actors and characters without permission. The company stated it respects intellectual property rights and is taking steps to strengthen current safeguards in response to the backlash.