aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by Truong (Jack) Luu, Information Systems Researcher

Browse All

All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.

6166 items

Gemini is in danger of going full Copilot

Severity: info | Type: news | Topic: industry | Date: May 19, 2026

Google's Gemini AI is being integrated into many Google apps and services at an increasing pace, similar to how Microsoft aggressively added Copilot to Windows 11. Users are experiencing fatigue from AI features appearing everywhere in their software, which is causing frustration.

Source: The Verge (AI)

CVE-2026-2611: In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints.

Severity: critical | Type: vulnerability | Topic: security | Date: May 19, 2026 | ID: CVE-2026-2611

MLflow version 3.9.0 has a vulnerability in its Assistant feature where /ajax-api endpoints don't properly validate the origin (the source website making a request). This allows an attacker on a malicious webpage to send cross-origin requests (requests from a different domain) to trick the MLflow Assistant running on a victim's computer, bypass security restrictions meant to only allow local access, and execute arbitrary commands (run any code they choose) through the Claude Code sub-agent.

Fix: Update to MLflow version 3.10.0, where this issue is resolved.

Source: NVD/CVE Database

Anthropic and U.S. government to face off in DC court over blacklisting of AI company

Severity: info | Type: regulatory | Topics: policy, industry | Date: May 19, 2026

Anthropic, an AI company, is suing the U.S. Department of Defense in federal court after the DOD labeled it a "supply chain risk" (a designation suggesting it threatens national security), which requires defense contractors to stop using Anthropic's Claude AI models in military work. The court judges questioned whether the DOD properly justified this blacklisting, with one judge calling it a "spectacular overreach," while the DOD argued it needed to act quickly to notify agencies about the risk.

Source: CNBC Technology

The Iran war is exposing weak spots in the AI supply chain

Severity: info | Type: news | Topic: industry | Date: May 19, 2026

The conflict between the U.S. and Iran is disrupting the supply chains that produce computer chips, which are essential for AI systems. Key materials like helium (a gas used in semiconductor manufacturing), bromine, and aluminum are becoming harder to get and more expensive, affecting companies like TSMC (the main manufacturer of Nvidia chips) and other chipmakers. Without a resolution to the conflict, these supply chain problems and rising costs could worsen throughout 2025 and impact the AI industry's growth.

Fix: TSMC's strategy involves building inventory buffers (stockpiles of materials), diversifying sourcing (buying from multiple suppliers), and continuously developing multi-source supply solutions to build a well-diversified global supplier base and improve the local supply chain. The source also notes that chip companies generally understand they need to diversify to be less dependent on a specific region.

Source: CNBC Technology

The last six months in LLMs in five minutes

Severity: info | Type: news | Topic: industry | Date: May 18, 2026

Between November 2025 and February 2026, large language models (LLMs, AI systems trained on vast text data) underwent rapid advancement, with the 'best' model changing hands multiple times among major providers. The most significant development was that coding agents (AI systems that write software code) improved dramatically from often-working to mostly-working, becoming reliable enough for daily professional use after months of reinforcement learning from verifiable rewards (a technique where AI systems learn by receiving feedback on whether their outputs are correct). This progress sparked widespread experimentation and led to the emergence of 'Claws' (personal AI assistants), with OpenClaw becoming particularly popular by February.

Source: Simon Willison's Weblog

Here’s why Elon Musk lost his suit against OpenAI

Severity: info | Type: news | Topic: policy | Date: May 18, 2026

Elon Musk lost his lawsuit against OpenAI because a jury found he sued too late under the statute of limitations (time limits for filing legal claims), not because his claims lacked merit. Musk had alleged that OpenAI's leaders broke promises to keep the company nonprofit and unfairly enriched themselves, but the court ruled he should have filed his case by 2021-2022 based on when he should have discovered the alleged wrongdoing, not when he actually sued in 2024.

Source: MIT Technology Review

How Sam Altman’s victory over Elon Musk clears way for OpenAI’s trillion-dollar ambitions

Severity: info | Type: news | Topic: policy | Date: May 18, 2026

A jury in Oakland, California ruled that Sam Altman and OpenAI did not break any laws or contracts with Elon Musk, rejecting his claims that they enriched themselves unfairly. This court victory removes legal obstacles to OpenAI's plans for continued growth and development.

Source: The Guardian Technology

Jury hands victory to Sam Altman and OpenAI in battle with Elon Musk

Severity: info | Type: news | Topic: policy | Date: May 18, 2026

A jury ruled that OpenAI CEO Sam Altman and president Greg Brockman are not liable for Elon Musk's claims that they broke a founding contract and unfairly profited from the company. This verdict ends a legal dispute between Musk and OpenAI's leadership over the terms under which OpenAI was originally established.

Source: The Guardian Technology

'Claw Chain' Vulnerabilities Threaten OpenClaw Deployments

Severity: high | Type: news | Topic: security | Date: May 18, 2026

Security vulnerabilities called 'Claw Chain' were found in OpenClaw, a framework for building AI agents (programs that can perform tasks autonomously). These vulnerabilities allowed attackers to steal login credentials, gain higher-level access to systems, and stay hidden in compromised systems for extended periods. The vulnerabilities have now been patched.

Fix: The vulnerabilities have been patched. Users should update to the patched version of OpenClaw.

Source: Dark Reading

CVE-2026-4137: In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` cr

Severity: critical | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-4137

MLflow versions before 3.11.0 create temporary directories with overly permissive access permissions (world-writable or group-writable), allowing local attackers to modify model files and execute arbitrary code when those files are loaded. This is especially dangerous in shared environments like Databricks where multiple users access the same network storage.

Fix: Update MLflow to version 3.11.0 or later.

Source: NVD/CVE Database

Elon Musk just lost another lawsuit. Will he keep fighting?

Severity: info | Type: news | Topic: industry | Date: May 18, 2026

Elon Musk has lost several recent lawsuits and settlements, including a high-profile case against OpenAI and its co-founder Sam Altman, but legal experts believe he is unlikely to stop filing lawsuits or fighting in court because his enormous wealth makes any fines or costs insignificant to him. Despite these losses, Musk continues to pursue aggressive legal battles and public disputes, demonstrating a willingness to take risks that sets him apart from most business leaders.

Source: BBC Technology

GHSA-pq7c-x8g4-rvp6: NiceGUI: Unauthenticated log-volume denial of service in dynamic resource routes

Severity: medium | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-45554

NiceGUI has a vulnerability in two routes (resource and ESM module routes) that serve files without authentication. If a request tries to access a directory instead of a file through these routes, it causes an unhandled error that writes a large traceback (around 100 lines) to the server log. An attacker can repeatedly trigger this to fill up disk space, overload logging systems, and create false alarms in monitoring without needing any special access.

Fix: The source mentions three workarounds for deployments unable to upgrade immediately: (1) Place NiceGUI behind a reverse proxy that rejects requests where the path after `/_nicegui/<version>/esm/<key>/` or `/_nicegui/<version>/resources/<key>/` is empty. (2) Rate-limit the `/_nicegui/` prefix at the proxy. (3) Configure log rotation aggressively for the affected service. For a permanent fix, upgrading NiceGUI is recommended, though no specific patched version is mentioned in the source.

Source: GitHub Advisory Database

GHSA-jfrm-rx66-g536: NiceGUI: Local file disclosure via Docutils file insertion in ui.restructured_text()

Severity: high | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-45553

NiceGUI's `ui.restructured_text()` function renders user-supplied reStructuredText using Docutils without disabling file insertion directives, allowing attackers to read local files accessible to the server using standard Docutils directives like `include` and `raw`. This vulnerability only affects applications that pass untrusted or user-controlled content to this function, not those using only static trusted strings.

Fix: Disable unsafe Docutils features by modifying the `publish_parts()` call in `prepare_content()` to include these `settings_overrides`: `'file_insertion_enabled': False`, `'raw_enabled': False`, and `'_disable_config': True`. This blocks the `include`, `csv-table :file:`, and `raw :file:` directives as well as local `docutils.conf` overrides.

Source: GitHub Advisory Database

GHSA-43g7-cwr8-q3jh: OpenTelemetry eBPF Instrumentation: Memcached payload length overflow can crash OBI

Severity: high | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-45686

OpenTelemetry eBPF Instrumentation (OBI) contains an integer overflow vulnerability in its memcached protocol parser that allows a remote attacker to crash the OBI process. When parsing memcached storage commands, the parser accepts extremely large byte values without checking if adding the delimiter length will overflow, causing a negative value that triggers a runtime panic (a sudden crash caused by an error the program cannot recover from).

Source: GitHub Advisory Database

GHSA-j8p6-96vp-f3r9: OpenTelemetry eBPF Instrumentation: MongoDB parser panics on malformed wire messages

Severity: high | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-45685

Malformed MongoDB wire messages can crash the OpenTelemetry eBPF Instrumentation telemetry agent through uncaught panics in its MongoDB parser, allowing remote attackers to cause denial of service. The parser checks attacker-controlled network data without fully validating it first, so a single crafted message can stop telemetry collection until the agent restarts.

Fix: The bounds-check panics affecting versions v0.1.0 through v0.3.0 were fixed by commit `3aa58cdaaa97fbb72f8ef4c3609ae425aacaf8bb` (`Fix MongoDB client panic`), which first appears in release `v0.4.0`. However, the unchecked BSON type assertion panic affecting versions v0.1.0 through v0.8.0 remains unfixed as of the advisory date.

Source: GitHub Advisory Database

GHSA-vvmg-8mjr-g6q3: OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers

Severity: medium | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-45684

OpenTelemetry eBPF Instrumentation (OBI) has a memory safety bug in its log enricher that mishandles writev calls (a system call that writes multiple buffer segments at once). When log injection is enabled, the code reads only the first buffer segment but copies as many bytes as all segments combined, causing it to read and overwrite memory beyond what it should access. This can corrupt application buffers, leak sensitive data into logs, or crash the instrumented process.

Source: GitHub Advisory Database

GHSA-962q-hwm5-52x5: OpenTelemetry eBPF Instrumentation: CappedConcurrentHashMap leaks keys after removals

Severity: medium | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-45682

OpenTelemetry eBPF Instrumentation has a memory leak in its `CappedConcurrentHashMap` class, which is used to track Java TLS connections. When entries are deleted from the map, the keys are not removed from an internal queue, causing the queue to grow indefinitely in systems with many short-lived connections. This can eventually cause the Java process to run out of memory.

Source: GitHub Advisory Database

CVE-2026-47092: Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attac

Severity: high | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-47092

Claude HUD versions up to 0.0.12 contain a command injection vulnerability (a security flaw where an attacker can trick a program into running harmful commands) that affects Windows systems. An attacker with local access can manipulate the COMSPEC environment variable (a Windows setting that specifies which command interpreter to use) before the software checks its version, causing it to run malicious code with system permissions.

Fix: The vulnerability was patched in commit 234d9aa. Users should update to a version after 0.0.12 that includes this patch.

Source: NVD/CVE Database

CVE-2026-47091: Claude HUD through 0.0.12, patched in commit 234d9aa, contains a path traversal vulnerability that allows attackers to r

Severity: low | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-47091

Claude HUD versions up to 0.0.12 contain a path traversal vulnerability (a flaw where attackers can access files outside intended directories by manipulating file paths) that lets attackers read any file the program can access by sending a malicious transcript_path value. Additionally, the vulnerability creates a cache file with weak permissions that records which files were accessed, leaving evidence even after the program stops running.

Fix: The vulnerability was patched in commit 234d9aa. Users should update to a version containing this commit or later.

Source: NVD/CVE Database

CVE-2026-47090: Claude HUD through 0.0.12, patched in commit 234d9aa, constructs OSC 8 terminal hyperlink escape sequences using raw cwd

Severity: medium | Type: vulnerability | Topic: security | Date: May 18, 2026 | ID: CVE-2026-47090

Claude HUD version 0.0.12 and earlier has a vulnerability where it creates terminal hyperlinks (clickable links in terminal windows) using user-controlled data without properly cleaning it first, allowing attackers to inject malicious terminal codes (ANSI codes, which control formatting and behavior in terminals) that could change text colors, fake command prompts, steal clipboard data, or redirect users to attacker-controlled websites.

Fix: Patched in commit 234d9aa.

Source: NVD/CVE Database