All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
This article covers a legal dispute between Elon Musk and Sam Altman over OpenAI, where Musk has accused Altman of 'stealing a charity.' The trial featured testimony from major tech industry figures and revealed private communications about OpenAI's history and leadership practices. The article focuses on the courtroom drama and business conflict rather than any technical or security issue related to AI systems.
Cerebras Systems' successful IPO, where shares jumped 70% in value, has created excitement around AI investment opportunities, but smaller tech companies are struggling to attract investor attention because massive AI firms like SpaceX, OpenAI, and Anthropic (each valued near or above $1 trillion) are preparing their own IPOs that will overshadow all other offerings. Companies without strong AI-related stories, particularly SaaS companies (software-as-a-service, meaning applications accessed over the internet), face especially difficult conditions in the public market right now.
Two brothers, Muneeb and Sohaib Akhter, were caught and pleaded guilty to destroying 96 government databases after being fired from their jobs at federal contractor Opexus. They were caught because they forgot to close a Microsoft Teams meeting (a video conferencing tool) during their termination meeting, and the software continued recording hours of their detailed planning and discussion of how they would delete the company's databases as revenge.
WeatherNext, an AI weather prediction model developed by Google DeepMind and Google Research, helped the National Hurricane Center predict Hurricane Melissa would reach Category 5 intensity five days before landfall in Jamaica with high confidence, marking the first time such rapid intensification was successfully forecasted from a weak starting point. Unlike traditional weather models that excelled at predicting either a storm's path or intensity but not both, WeatherNext bridges this gap by training on decades of global weather patterns and extreme tropical cyclone data, allowing it to run multiple "what-if" scenarios (called ensembles, where the model generates 50 different possible outcomes) to give forecasters a fuller picture for decision-making. The early and accurate prediction gave communities crucial time to prepare and evacuate.
OpenAI and Malta have announced a partnership to provide ChatGPT Plus (a paid subscription service) free to all Maltese citizens who complete an AI literacy course developed by the University of Malta. The course teaches people what AI is, what it can and cannot do, and how to use it responsibly, with the first phase launching in May and eligible citizens receiving one year of free access after completion.
Google has released Gemini 3.5 Flash, an AI model designed to help developers and enterprises build agents (AI systems that can perform multi-step tasks autonomously) and handle coding work. The model matches the performance of larger flagship models while running 4 times faster, and works with Google's Antigravity platform to execute complex workflows like code refactoring, financial document preparation, and game development at a fraction of the time and cost of previous approaches.
YouTube is expanding an AI tool to all adults that detects deepfakes (AI-generated videos where someone's face is swapped onto another person's body) by scanning a user's selfie and searching YouTube for matching content. If the tool finds a potential deepfake, it notifies the user, who can then request YouTube remove the video.
Open WebUI, a self-hosted AI platform that runs offline, had a server-side request forgery (SSRF) flaw in versions before 0.9.5: it validated only the first URL a user submitted and never re-validated the address that URL redirected to (HTTP redirects are automatic forwards to a different address). An authenticated user could therefore submit an allowed public URL that redirects to an internal address such as 127.0.0.1 (the loopback address) or 169.254.169.254 (the link-local address that cloud instance-metadata services answer on) and read sensitive data returned by those internal systems.
ArXiv, a platform where researchers share academic papers before formal publication, is implementing new rules to reduce AI slop (low-quality or unreliable AI-generated content). Authors who submit papers with clear evidence they didn't check their AI outputs, such as hallucinated references (false citations made up by the AI) or leftover comments from an LLM (large language model, an AI trained on massive amounts of text), will be banned from the platform for one year and must have future papers accepted at a reputable peer-reviewed venue.
Open WebUI, a self-hosted AI platform that runs offline, had a vulnerability before version 0.9.0 where certain API endpoints (like /api/generate and /api/embeddings) accepted any model name from users and sent requests to the backend without checking if those users had permission to use that model. The endpoints only verified that a user was logged in and that the model existed, but skipped the access control check (AccessGrants.has_access(), which determines what resources a user is allowed to access).
Open WebUI, a self-hosted AI platform that runs offline, had a security flaw in versions before 0.9.0 where the /responses endpoint allowed any logged-in user to access any model on the system without proper permission checks. While the main chat endpoint verified that users had the right to use specific models through ownership, group membership, and access grants, the /responses proxy skipped these checks and only confirmed the user was logged in, letting attackers use models they shouldn't have access to.
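The missing authorization check described in the two Open WebUI entries above (the /api/generate and /api/embeddings endpoints, and the /responses proxy) can be shown side by side with the fixed shape. This is an added example in Python and not Open WebUI's own code: `has_access` is a hypothetical stand-in for the project's AccessGrants.has_access(), and User, Model, ModelProxy and the sample users and model are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class User:
    id: str
    role: str = "user"                     # "admin" is allowed every model
    groups: set = field(default_factory=set)


@dataclass
class Model:
    id: str
    owner_id: str
    # Per-permission grants, e.g. {"read": {"users": {"bob"}, "groups": {"finance"}}}
    grants: dict = field(default_factory=dict)


class Forbidden(Exception):
    pass


class NotFound(Exception):
    pass


def has_access(user, model, permission="read"):
    """Hypothetical stand-in for an AccessGrants.has_access()-style check:
    admins and the owner always pass; anyone else needs a direct grant or a
    grant to one of their groups for this permission."""
    if user.role == "admin" or model.owner_id == user.id:
        return True
    grant = model.grants.get(permission, {})
    if user.id in grant.get("users", set()):
        return True
    return bool(user.groups & grant.get("groups", set()))


class ModelProxy:
    """Minimal stand-in for an endpoint that forwards a prompt to a backend."""

    def __init__(self, models, backend):
        self.models = {m.id: m for m in models}
        self.backend = backend            # backend(model_id, prompt) -> str

    def generate_vulnerable(self, user, model_id, prompt):
        """The flawed shape: authenticated + model exists, then forward.
        Any logged-in user can drive any model on the instance."""
        if user is None:
            raise Forbidden("login required")
        if model_id not in self.models:
            raise NotFound(model_id)
        return self.backend(model_id, prompt)

    def generate(self, user, model_id, prompt):
        """The fixed shape: the same two checks plus the authorization check.
        Denials are reported as NotFound so the endpoint does not confirm to
        unauthorized callers which model ids exist (a design choice here)."""
        if user is None:
            raise Forbidden("login required")
        model = self.models.get(model_id)
        if model is None or not has_access(user, model, "read"):
            raise NotFound(model_id)
        return self.backend(model_id, prompt)


def demo():
    """Constructed data: one private model, three users. Returns what each
    path lets the unauthorized user 'bob' do, plus the authorized results."""
    finance = Model("finance-llm", owner_id="alice",
                    grants={"read": {"users": set(), "groups": {"finance"}}})
    proxy = ModelProxy([finance], backend=lambda mid, p: f"{mid} answered: {p}")
    alice = User("alice")
    bob = User("bob", groups={"eng"})
    carol = User("carol", groups={"finance"})

    leaked = proxy.generate_vulnerable(bob, "finance-llm", "q1")   # served
    try:
        proxy.generate(bob, "finance-llm", "q1")
        bob_blocked = False
    except NotFound:
        bob_blocked = True
    return {
        "vulnerable_served_bob": leaked,
        "fixed_blocked_bob": bob_blocked,
        "owner_ok": proxy.generate(alice, "finance-llm", "q2"),
        "group_ok": proxy.generate(carol, "finance-llm", "q3"),
    }
```

The point to carry over to any proxy endpoint is that "exists" and "authenticated" are not "authorized": every route that accepts a model identifier needs the same access check as the main chat route, or the weakest route becomes the way in.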
A previous security fix for CVE-2026-43884 in AVideo was incomplete. The fix patched two files to use a safer URL function, but six or more other call sites still do not use the `$resolvedIP` out-parameter (the safety check fills it with the IP address it validated, so the caller can pin the subsequent connection to that same address). Without that pinning the application remains vulnerable to DNS-rebinding TOCTOU attacks (time-of-check-time-of-use: the attacker's DNS server answers with a public address when the code checks the hostname and with an internal address when the code actually connects).
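The two defences at issue in the Open WebUI redirect entry above and in this AVideo entry, re-validating every redirect hop and pinning the connection to the IP address that was checked, fit in one added example. It is written in Python for illustration and is neither Open WebUI's nor AVideo's code (AVideo is PHP and hands the pinned address to curl via CURLOPT_RESOLVE, as the YPTWallet pattern cited in its fix note does). The resolver and the HTTP transport are injected fakes so the block runs offline; `resolve_and_pin`, `fetch_vulnerable`, `fetch_hardened`, the host files.example.test and the sample public address 93.184.216.34 are assumptions made for the demonstration.

```python
import ipaddress
from urllib.parse import urljoin, urlparse

MAX_REDIRECTS = 5
REDIRECT_CODES = {301, 302, 303, 307, 308}

class BlockedTarget(Exception):
    """A URL, or one of its redirect hops, points at a non-public address."""

def is_public_ip(ip_str):
    # Rejects loopback (127.0.0.1), link-local (169.254.169.254, cloud metadata),
    # RFC 1918 private ranges, multicast and reserved space.
    ip = ipaddress.ip_address(ip_str)
    return ip.is_global and not ip.is_multicast

def resolve_and_pin(url, resolver):
    """Validate the host of `url`; return (host, port, pinned_ip).
    `resolver(host)` is an injected DNS lookup returning IP strings. Every
    answer must be public; the first is the address to actually connect to
    (the role of AVideo's `$resolvedIP` out-parameter)."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise BlockedTarget(f"unsupported URL: {url}")
    host = parts.hostname
    port = parts.port or (443 if parts.scheme == "https" else 80)
    try:
        ips = [str(ipaddress.ip_address(host))]   # IP literal in the URL
    except ValueError:
        ips = resolver(host)
    if not ips or not all(is_public_ip(ip) for ip in ips):
        raise BlockedTarget(f"{host} -> {ips} is not public")
    return host, port, ips[0]

def fetch_vulnerable(url, resolver, transport):
    """Flawed pattern: check the first URL once, then let the client resolve
    again and follow redirects on its own with no further checks."""
    resolve_and_pin(url, resolver)
    status, headers, body = transport(url, None)
    hops = 0
    while status in REDIRECT_CODES and hops < MAX_REDIRECTS:
        url = urljoin(url, headers["location"])      # never re-validated
        status, headers, body = transport(url, None)
        hops += 1
    return body

def fetch_hardened(url, resolver, transport):
    """Fixed pattern: follow redirects manually, re-validate and re-pin each
    hop, and hand the transport the IP to connect to so a later DNS answer
    cannot change the target between check and use."""
    for _ in range(MAX_REDIRECTS + 1):
        host, port, pinned_ip = resolve_and_pin(url, resolver)
        status, headers, body = transport(url, (host, port, pinned_ip))
        if status not in REDIRECT_CODES:
            return body
        url = urljoin(url, headers["location"])
    raise BlockedTarget("too many redirects")

# ---- constructed test doubles: no real DNS or network is touched ----------
PUBLIC_IP = "93.184.216.34"          # sample public address for the demo

def rebinding_resolver():
    """Attacker-controlled DNS: public on the first lookup, loopback after."""
    calls = [0]
    def resolver(host):
        calls[0] += 1
        return [PUBLIC_IP] if calls[0] == 1 else ["127.0.0.1"]
    return resolver

def make_transport(resolver):
    """Stand-in HTTP client: without a pin it re-resolves at connect time, as
    real clients do; with a pin it connects to the pinned IP. The body records
    the address reached; /report.pdf redirects to the metadata service."""
    def transport(url, pinned):
        parts = urlparse(url)
        if pinned is not None:
            ip = pinned[2]
        else:
            try:
                ip = str(ipaddress.ip_address(parts.hostname))
            except ValueError:
                ip = resolver(parts.hostname)[0]
        if parts.hostname == "files.example.test" and parts.path == "/report.pdf":
            return 302, {"location": "http://169.254.169.254/latest/meta-data/"}, b""
        return 200, {}, f"reached {ip}".encode()
    return transport

def demo_redirect():
    """Redirect case: (address the flawed fetch reached, hardened blocked?)."""
    url = "http://files.example.test/report.pdf"
    static = lambda host: [PUBLIC_IP]
    leaked = fetch_vulnerable(url, static, make_transport(static)).decode()
    try:
        fetch_hardened(url, static, make_transport(static))
        blocked = False
    except BlockedTarget:
        blocked = True
    return leaked, blocked

def demo_rebinding():
    """Rebinding case: address reached by the flawed and by the pinned fetch
    when DNS changes its answer between the check and the connect."""
    url = "http://files.example.test/data.json"
    r1 = rebinding_resolver()
    flawed = fetch_vulnerable(url, r1, make_transport(r1)).decode()
    r2 = rebinding_resolver()
    pinned = fetch_hardened(url, r2, make_transport(r2)).decode()
    return flawed, pinned
```

In a real client the pin has to reach the socket layer: connect to the validated IP while still sending the original Host header and, for HTTPS, validating the certificate and SNI against the hostname. Checking the addresses once and then calling a library that resolves again on connect leaves exactly the window the AVideo call sites still have.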
AVideo has a command injection vulnerability in `plugin/Live/on_publish.php` where user-controlled stream keys are inserted into a shell command using literal single quotes instead of proper escaping. An attacker can break out of the quotes by including a single quote character in the stream key, allowing them to inject and execute arbitrary shell commands on the server.
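The quote break-out described here, shown beside two correct shapes, as an added example in Python rather than AVideo's PHP (it is not AVideo's code): `echo` stands in for the real publish hook, the allowlist regex and the sample stream key are constructed, and `shlex.quote` plays the role that PHP's escapeshellarg() would in the real fix.

```python
import re
import shlex
import subprocess

# Allowlist: stream keys are opaque tokens, so nothing outside this set is legitimate.
STREAM_KEY_RE = re.compile(r"[A-Za-z0-9_-]{8,64}")


def on_publish_vulnerable(stream_key):
    """The flawed shape: the key is spliced between literal single quotes in a
    shell command string, so a key containing ' closes the quoted region."""
    cmd = "echo 'publishing key=" + stream_key + "'"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def on_publish_hardened(stream_key):
    """Reject anything outside the allowlist, then run without a shell: an argv
    list makes the key a single argument whatever characters it holds."""
    if not STREAM_KEY_RE.fullmatch(stream_key):
        raise ValueError("invalid stream key")
    argv = ["echo", "publishing key=" + stream_key]
    return subprocess.run(argv, capture_output=True, text=True).stdout


def on_publish_quoted(stream_key):
    """If a shell string is unavoidable, quote the value properly. shlex.quote
    is the Python analogue of PHP's escapeshellarg(): an embedded ' becomes
    '"'"' so the quoted region is never closed early."""
    cmd = "echo " + shlex.quote("publishing key=" + stream_key)
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def demo():
    """Constructed attacker key that closes the quote and appends a command."""
    evil = "x'; echo INJECTED; echo '"
    try:
        on_publish_hardened(evil)
        rejected = False
    except ValueError:
        rejected = True
    return {
        "vulnerable_lines": on_publish_vulnerable(evil).splitlines(),
        "hardened_rejects_evil": rejected,
        "hardened_ok": on_publish_hardened("abcdef12"),
        "quoted_literal": on_publish_quoted(evil),
    }
```

The allowlist is the check that matters for a value like a stream key: it never needs shell metacharacters, so rejecting them up front protects every downstream consumer, not just this one command.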
OpenAI reorganized its leadership structure to focus on developing AI agents (AI systems that can independently perform multiple tasks and make decisions). The company plans to merge ChatGPT and Codex (a code-generation AI tool) into a single unified platform designed around this agentic approach, with president Greg Brockman now overseeing all product decisions.
This research paper proposes a method for securely sharing data across different organizations or systems using threshold secret sharing (a technique where data is split into pieces so that a minimum number of pieces are needed to reconstruct it) and zero-knowledge proofs (cryptographic methods that let one party prove something is true without revealing the actual information). The approach aims to allow data sharing while maintaining auditability, meaning organizations can track and verify that data was shared appropriately.
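As an added illustration of the threshold secret sharing the paper builds on (this is not the paper's own construction, which also uses zero-knowledge proofs that this block does not cover): Shamir's scheme over a prime field, in Python. The field prime, the 3-of-5 parameters and the sample secret are constructed for the example.

```python
import secrets

# Constructed field: the Mersenne prime 2^127 - 1. Secrets are integers in [0, P).
P = 2**127 - 1


def _eval_poly(coeffs, x):
    """Horner evaluation of sum(coeffs[i] * x^i) mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split_secret(secret, threshold, n_shares, rng=secrets.randbelow):
    """Shamir sharing: the secret is the constant term of a random polynomial
    of degree threshold-1; share i is the point (i, f(i)). Any `threshold`
    shares determine f and hence f(0); fewer leave every possible secret
    equally consistent with what was seen."""
    if not 1 <= threshold <= n_shares < P:
        raise ValueError("need 1 <= threshold <= n_shares")
    if not 0 <= secret < P:
        raise ValueError("secret must be in [0, P)")
    coeffs = [secret] + [rng(P) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n_shares + 1)]


def recover_secret(shares):
    """Lagrange interpolation of f(0) over GF(P) from (x, y) points. With fewer
    than `threshold` shares this still returns a value, just not the secret,
    so the caller, not this function, must enforce the threshold."""
    if len({x for x, _ in shares}) != len(shares):
        raise ValueError("duplicate share index")
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def demo():
    """3-of-5 sharing of a constructed 15-byte secret. Returns the secret, the
    value recovered from 3 shares and the value recovered from only 2."""
    secret = int.from_bytes(b"cross-org-key-1", "big")
    shares = split_secret(secret, threshold=3, n_shares=5)
    from_three = recover_secret([shares[0], shares[2], shares[4]])
    from_two = recover_secret(shares[:2])
    return secret, from_three, from_two
```

In a cross-organization setting each party holds one share, so no single custodian can read the data alone, and the choice of threshold is the policy decision: how many organizations must cooperate before anything is reconstructed.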
This is a survey paper that examines vulnerabilities and attack methods targeting embodied AI systems (AI systems that control physical robots or devices in the real world). The paper reviews the landscape of security risks in embodied AI and appears to focus on understanding these threats rather than proposing specific fixes.
This academic paper proposes a policy-based conjunctive scheme, which is a method for managing how groups of people can collectively decide to delete shared data they all own together. The research addresses the challenge of 'digital forgetting' (the ability to have data permanently removed) when multiple parties have rights to the same information, requiring agreement from all co-owners before deletion occurs.
This article covers the final week of a trial where Elon Musk is suing OpenAI CEO Sam Altman, claiming Altman broke a promise to keep OpenAI as a nonprofit organization dedicated to AI safety. The jury sided with OpenAI, finding that Musk's claims are blocked by the statute of limitations (a legal time limit for filing lawsuits), though the judge will make the final decision. The case centers on whether OpenAI's 2025 restructuring into a for-profit entity violated Musk's original vision, with Musk seeking up to $134 billion in damages.
Fix (Open WebUI redirect flaw above): This vulnerability is fixed in 0.9.5. Source: NVD/CVE Database
Fix (ArXiv AI-slop rules above): According to ArXiv's Code of Conduct, authors must not submit papers with incontrovertible evidence that they failed to review LLM-generated results. Those found in violation face a one-year ban from ArXiv and must have subsequent submissions accepted at a reputable peer-reviewed venue before resubmission. Source: The Verge (AI)
Fix (Open WebUI /api/generate and /api/embeddings flaw above): The vulnerability is fixed in version 0.9.0. Source: NVD/CVE Database
Fix (Open WebUI /responses flaw above): This vulnerability is fixed in 0.9.0. Source: NVD/CVE Database
Fix (AVideo incomplete fix for CVE-2026-43884 above): The source text references a correct implementation pattern in `plugin/YPTWallet/YPTWallet.php:1071-1098` that shows how to use the `$resolvedIP` out-parameter with `curl_setopt($ch, CURLOPT_RESOLVE, ...)` for DNS pinning. However, the source does not explicitly state what developers should do to fix the six or more vulnerable call sites. Source: GitHub Advisory Database
This academic paper, published in July 2026, presents research on laconic attribute-based PSI (private set intersection, a technique that lets two parties find common items in their datasets without revealing the full datasets to each other) applied to authenticated inputs. The work appears to focus on theoretical cryptographic methods for secure data comparison while maintaining privacy and verifying that the data being compared is legitimate.
This research paper examines how well attack mitigations (security protections built into code) actually work in Rust and Go, two programming languages designed to be memory-safe (meaning they prevent common memory-related bugs that attackers often exploit). The study analyzes real compiled programs to see whether these language protections hold up against real-world attacks.