All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
OpenAI has upgraded GPT-5.5 Instant to respond more accurately with more natural, human-like language and shorter responses, while retiring older models like o3 (August 26) and GPT-4.5 (June 27) to focus resources on newer capabilities. The company is also adding a job search tool to ChatGPT that integrates with job boards like Indeed and Upwork to help users find positions and tailor resumes.
Microsoft announced two new text-based LLMs (large language models, AI systems trained on text data): MAI-Thinking-1, a 35-billion-parameter model (parameters are the adjustable values that make up a neural network) designed for reasoning tasks, and MAI-Code-1-Flash, a smaller 5-billion-parameter model built specifically for code generation in GitHub Copilot and VS Code. Both models were trained on licensed data rather than web scrapes, and Microsoft claims MAI-Thinking-1 outperforms Claude's Sonnet 4.6 model despite its smaller size.
HP released patches for a critical buffer overflow vulnerability (a coding flaw where too much data is written into a fixed-size memory container) in its Poly Voice conference phones that could allow attackers without authentication to gain root access (complete control of the operating system) and record conversations for voice deepfakes (AI-generated fake audio impersonations). The flaw exists in code that processes ICE (Interactive Connectivity Establishment, a feature for establishing direct network connections) requests and affects multiple Poly phone models.
Microsoft announced new AI models including MAI-Code-1-Flash (a model that generates source code from written descriptions) and MAI-Thinking-1 (a reasoning model) to reduce dependence on OpenAI and lower costs for developers. These models run on Microsoft's own Azure cloud infrastructure, allowing the company to avoid paying third parties while offering developers lower token costs (tokens are the basic units that an AI model reads and processes). Microsoft is positioning itself to compete directly with proprietary models from OpenAI and Google by building its own AI capabilities across multiple layers of the technology stack.
President Trump signed an executive order establishing a voluntary framework for the federal government to review the national security risks of the most advanced AI systems (models built by companies like OpenAI and Google that represent the cutting edge of AI development) before their public release, with a 30-day review period. The order aims to balance security concerns with concerns about slowing innovation, and it allows frontier labs to voluntarily share their most advanced models to help secure critical infrastructure and strengthen government cyber defenses.
Hackers reportedly used Meta's AI support chatbot to take over high-profile Instagram accounts by tricking it into changing email addresses linked to those accounts, affecting pages associated with the Obama White House, Sephora, and other notable figures. The incident wasn't simply a case of prompt injection (tricking an AI by hiding instructions in its input), but rather revealed a deeper problem with how the AI chatbot was designed to handle account recovery requests.
Microsoft held its Build 2026 conference with announcements from CEO Satya Nadella covering new hardware and AI updates, including a Surface RTX Spark Dev Box designed to help developers run local AI models (machine learning systems that operate on a user's own device rather than in the cloud) on their computers. The event also featured updates to Microsoft's own AI models and an always-on personal assistant feature.
President Trump signed an executive order creating a voluntary framework requiring AI companies to share their frontier models (cutting-edge AI systems at the technological frontier) with the federal government before public release, aiming to improve security and protect critical infrastructure. The order balances innovation concerns with security risks by directing federal agencies to develop a system for assessing the advanced cyber capabilities of AI models before they are released.
Microsoft announced MAI-Thinking-1, a new in-house AI model designed for advanced reasoning tasks, at its Build 2026 conference. The company claims this medium-sized model performs as well as leading models on software engineering benchmarks and was trained from scratch on clean data without using techniques from other companies' models. This represents Microsoft's growing effort to develop its own AI models instead of relying solely on its partnership with OpenAI.
Google is adding a feature to its Phone app that detects when scammers use AI to impersonate calls from people in your contacts list, alerting you so you can hang up. The feature is part of Google's June Android update, which includes several other security and convenience improvements across Android devices.
Microsoft is launching Microsoft Scout, a new AI personal assistant built on OpenClaw (a foundation model technology) that integrates into Microsoft 365 apps like Outlook, OneDrive, and Teams. Unlike the existing Copilot assistant, Scout can see and do more, functioning as a comprehensive personal assistant that helps employees with tasks like organizing calendars, managing expenses, and drafting emails.
Microsoft announced Project Solara, a new operating system (OS, the core software that manages a device) built on Android and designed specifically for gadgets that run AI agents (software programs that can autonomously perform tasks). The company demonstrated two prototype devices: a desk gadget similar to Amazon Echo Show with facial recognition, and a wearable badge with a camera and fingerprint scanner, both intended to provide access to AI agents.
President Trump signed an executive order requiring tech companies to voluntarily share new AI models with the federal government for review up to 30 days before public release. The framework aims to help identify national security and cybersecurity risks before powerful AI systems reach the public, though companies are not legally required to participate.
The head of the U.S. Commodity Futures Trading Commission (CFTC, a government agency that oversees derivatives markets) says the agency is reversing a January 2025 enforcement action against Gemini, a crypto exchange run by the Winklevoss brothers, claiming the action was politically motivated rather than based on facts. The CFTC had previously ordered Gemini to pay a $5 million penalty and stop making false statements to regulators, based on allegations from a 2022 lawsuit that the company misrepresented how a bitcoin futures product (a contract to buy or sell bitcoin at a future date) could be manipulated.
OpenMed versions before 1.5.2 have a remote code execution vulnerability (RCE, where attackers can run commands on the affected system) in how it loads privacy-filter models. The vulnerability exists because the software uses overly broad pattern matching on user-supplied model names, allowing attackers to trick it into loading malicious code from external sources. An unauthenticated attacker can exploit this by providing a fake model repository containing harmful code that gets executed with the same permissions as the OpenMed service.
Microsoft is holding its annual Build 2026 developer conference starting June 2nd in San Francisco, where the company is expected to announce new AI models, agentic tools (AI systems that can take actions autonomously), a Copilot "super app" (a single application combining multiple services), and updates to Windows 11. The conference will also feature announcements about new hardware like the Surface Laptop Ultra and Project Solara, an operating system designed for AI agent gadgets (specialized devices running autonomous AI systems).
Fix: HP has fixed the vulnerability in Poly Unified Communications Software (UCS) versions 6.4.8 for VVX devices, 8.1.7 for Trio 8300, and 7.2.8 for Trio 8500 and 8800 phones. HP also advises administrators to disable the ICE feature if it is not needed; the feature is not enabled by default on HP Poly devices.
CSO Online
AI agents (systems that can act independently to complete tasks) with high autonomy and broad permissions are very difficult to secure and pose a serious risk to enterprises. The article warns that companies need to take action now to prevent AI agents from causing major problems in the future.
President Trump signed an executive order focused on strengthening cybersecurity and establishing voluntary cooperation between the federal government and AI developers, reviving parts of a broader AI initiative he had canceled two weeks earlier. The order directs federal agencies to deploy AI-enhanced cybersecurity tools, create a government-industry system for sharing information about security vulnerabilities (known as a vulnerability-sharing initiative), and evaluate the cyber capabilities of advanced AI models. The order emphasizes that it does not impose mandatory licensing or approval requirements on AI developers, attempting to balance national security concerns with innovation.
Fix: The executive order specifies several explicit actions: Within 30 days, the Committee on National Security Systems must prioritize cyber defense of national security systems (NSS, government systems handling classified information). The Department of Defense is directed to prioritize protection of its own information systems. The Cybersecurity and Infrastructure Security Agency (CISA) must issue directives and guidance to strengthen civilian federal networks and accelerate adoption of AI-enabled defensive technologies.
CSO Online
Fix: The CFTC asked a federal judge in New York to vacate (cancel) the January 2025 order against the exchange.
CNBC Technology
Fix: Update to OpenMed version 1.5.2 or later.
NVD/CVE Database
Anthropic is expanding access to Mythos, an AI model designed to find software vulnerabilities, to 150 additional organizations across 15+ countries as part of Project Glasswing. The expansion includes industries like power, water, healthcare, and communications, though new partners must meet security requirements first. Since the initial launch in April with 50 partners, Project Glasswing participants have discovered over 10,000 high or critical-level security flaws.
Amazon Bedrock AgentCore is a tool that lets Software as a Service (SaaS) providers serve multiple clients, called tenants, with different security needs using the same AI agent. Resource-based policies (rules that control who can access a resource directly) let you grant some tenants cross-account access from their own AWS accounts while restricting others to traffic that stays only within a private virtual network, all without sharing credentials or creating separate user accounts for each tenant.
Fix: Use resource-based policies on AgentCore Runtime and AgentCore Runtime endpoint resources to centralize access control. For cross-account access (like Example Corp), implement both a resource-based policy on your resources and an identity-based policy (access rules tied to a user or role) in the tenant's AWS account. For VPC-restricted scenarios (like AnyCompany), use specific IAM conditions to enforce that requests originate only from an approved virtual private cloud (VPC, a private network in AWS), adding a network-level security boundary on top of identity-based controls.
AWS Security Blog
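One way to express the two tenant patterns from the AgentCore item above in a single resource-based policy attached to an AgentCore Runtime, as an added illustration that is not taken from the AWS post: the account IDs, role names, VPC ID and runtime ID are constructed placeholders, and the action name bedrock-agentcore:InvokeAgentRuntime is assumed from AgentCore's IAM action naming. The first statement grants Example Corp's role cross-account invoke access on identity alone; the second grants AnyCompany's role the same action but only when the request arrives from the approved VPC, which is what makes the network boundary enforceable in the policy rather than by convention.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ExampleCorpCrossAccountInvoke",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::444455556666:role/ExampleCorpAgentCaller"
      },
      "Action": "bedrock-agentcore:InvokeAgentRuntime",
      "Resource": "arn:aws:bedrock-agentcore:us-east-1:111122223333:runtime/RUNTIME_ID_PLACEHOLDER"
    },
    {
      "Sid": "AnyCompanyVpcRestrictedInvoke",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::777788889999:role/AnyCompanyAgentCaller"
      },
      "Action": "bedrock-agentcore:InvokeAgentRuntime",
      "Resource": "arn:aws:bedrock-agentcore:us-east-1:111122223333:runtime/RUNTIME_ID_PLACEHOLDER",
      "Condition": {
        "StringEquals": {
          "aws:SourceVpc": "vpc-0123456789abcdef0"
        }
      }
    }
  ]
}
```

Because this is a cross-account grant, Example Corp's role additionally needs an identity-based Allow for the same action and runtime ARN in its own account, and a request from AnyCompany's role that does not traverse the listed VPC is denied because no statement matches it.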