All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Google has updated Gemini for Home to version 3.1, which improves the AI assistant's ability to handle complex, multi-step tasks and combine multiple requests in a single command. The update also enhances Gemini's understanding of natural language (how humans normally speak), device identification, and management of calendar events. These improvements follow reports of bugs in the smart home assistant.
Attackers are using supply-chain attacks (compromising software components that developers rely on) to target AI coding agents, which automatically scan package registries like NPM and PyPI for dependencies to include in projects. A North Korean group called Famous Chollima launched the PromptMink campaign, using fake packages with legitimate-sounding names and descriptions, along with hidden malicious code, to trick AI agents into installing malware that steals information and grants attackers remote access to developers' computers.
SQLBot is a Text-to-SQL system (software that converts natural language questions into SQL database queries) that uses large language models and RAG (retrieval-augmented generation, where the AI pulls in external data to help answer questions). In versions 1.7.0 and earlier, it has a prompt injection vulnerability (where an attacker hides malicious instructions in their input to trick the AI), because user questions are directly inserted into the AI prompt without filtering, and the resulting SQL commands are executed without checking if they're safe. An attacker with access can craft a malicious question to make the system run harmful SQL commands, potentially allowing remote code execution (the ability to run commands on a system they don't own) when using PostgreSQL.
Microsoft is stopping development of Copilot (an AI assistant that helps users with tasks) on Xbox consoles and winding down its mobile version. The decision was announced by new Xbox CEO Asha Sharma as part of a reorganization aimed at helping Xbox move faster and better connect with players and developers.
Apple is planning to let users choose their preferred AI model for Apple Intelligence features in upcoming operating systems (iOS 27, iPadOS 27, and macOS 27) expected this fall. Third-party AI models, called "Extensions," will be able to power features like Siri, Writing Tools, and Image Playground across the system. Users will also be able to assign different Siri voices to different AI models.
This article covers testimony in a lawsuit where Elon Musk is trying to reverse OpenAI's shift from a non-profit to a for-profit structure. OpenAI president Greg Brockman described a tense 2017 meeting where Musk became angry after being denied more control of the company, with Brockman stating he feared Musk might become physically violent. The lawsuit centers on whether Musk was aware of and agreed to OpenAI's plan to transition to a for-profit model before he left the company.
Elon Musk is suing OpenAI's president Greg Brockman and CEO Sam Altman, claiming they violated OpenAI's founding agreement by converting it from a non-profit to a for-profit company while deceiving him about their intentions. During the trial's second week, Brockman's personal emails, texts, and diary entries became key evidence as Musk seeks to remove the executives, undo the restructuring, and obtain $134 billion to return to OpenAI's non-profit arm.
The Network-AI project has a critical vulnerability where its MCP HTTP endpoint (a server that handles tool requests) accepts requests without any authentication checks and binds to 0.0.0.0 (listening on every network interface, so it is reachable from any network the host is connected to). This allows anyone who can reach the server to call privileged tools that can read and modify the system's configuration, control agents, create security tokens, and adjust budget limits.
A vulnerability was found in Langchain-Chatchat (a chatbot framework) up to version 0.3.1.3 in the file upload handler component. The vulnerability involves insufficiently random values (meaning the system doesn't generate unpredictable numbers properly), which could be exploited by someone on the same local network, though the attack is difficult to carry out.
The U.S. government is increasing oversight of AI models through the Center for AI Standards and Innovation (CAISI, a government agency within the Department of Commerce), which has signed agreements to evaluate AI models from Google DeepMind, Microsoft, and xAI before they are released publicly. The White House is also considering creating a new working group to develop procedures for vetting AI models before public release, which might be established through an executive order (a direct presidential directive).
OpenAI released a new default model called GPT-5.5 Instant that the company claims produces fewer hallucinations (instances where an AI generates false or made-up information as if it were fact), particularly in high-stakes fields like medicine and law. According to OpenAI's internal testing, the new model generated 52.5% fewer hallucinated claims than the previous GPT-5.3 Instant model on difficult prompts.
A vulnerability (CVE-2026-7846) exists in Langchain-Chatchat versions up to 0.3.1.3 in the OpenAI-Compatible File Upload API. The flaw is a time-of-check/time-of-use (TOCTOU) bug (a race condition where a file is checked for safety and then modified before it is actually used), triggered by manipulating the file.filename argument, though it requires local network access and is difficult to exploit.
A vulnerability (CVE-2026-7845) was discovered in Langchain-Chatchat version 0.3.1.3 and earlier, affecting a function that handles pasting images in the chat interface. The function hashes the image data with a weak cryptographic hash (one that is easy to break), and an attacker on the same local network could exploit this by manipulating the image data, though the attack is difficult to execute and requires significant technical skill.
This research examines why mobile payment apps (MPAs, digital tools for financial transactions) are used differently across countries by analyzing over 34,000 user reviews. Using neural networks (computer systems inspired by how brains work) and natural language processing (NLP, techniques that help computers understand human language), the study found that cultural values significantly affect how features like security, ease of use, and low fees influence whether people adopt these apps. In traditional value-oriented cultures, security features matter less for adoption, while in survival-value-oriented cultures, both security and design quality become more important for encouraging use.
Fix: This issue has been fixed in version 1.7.1.
CISA (US Cybersecurity and Infrastructure Security Agency) is considering reducing the time government agencies have to fix critical vulnerabilities from 14 days to 3 days, partly due to concerns that AI models like Claude will help attackers find and exploit serious security flaws more quickly. Currently, the most urgent vulnerabilities (zero-days, which are flaws being actively exploited with no patch available) require fixes within 24-72 hours, while other critical vulnerabilities under active exploitation have 14 days. Security experts have mixed views on whether a 3-day timeline is realistic, with many concerned it doesn't allow enough time for proper testing before deploying patches.
AWS has launched AI Traffic Analysis dashboards for AWS WAF (a web application firewall, a service that filters traffic to web applications), helping organizations understand and manage AI bot traffic that now makes up 30-60% of total web activity. The dashboard provides visibility into which AI bots are accessing applications, their intent (such as data gathering or search indexing), and traffic patterns, integrated with AWS WAF Bot Control's detection of over 650 unique bots.
Anthropic's CEO warned that their latest AI model, Mythos, has discovered tens of thousands of software vulnerabilities (security weaknesses that attackers could exploit), creating an urgent window for organizations to patch them before rival AI systems catch up in about 6-12 months. The company is restricting access to Mythos because releasing information about unpatched vulnerabilities could allow criminals or hostile nations to exploit them, but leaders expressed conditional optimism that addressing this "moment of danger" correctly could lead to improved cybersecurity overall.
Google, Microsoft, and xAI have agreed to voluntarily submit their new AI models for safety testing by the US Department of Commerce's Center for AI Standards and Innovation (CAISI, a government agency focused on AI safety standards) before releasing them to the public. This expands earlier agreements with other AI companies and represents a shift toward safety oversight, even as the Trump administration has generally favored less regulation of AI development. The evaluations will assess the models' capabilities and security, with CAISI having already conducted 40 previous evaluations including some models that were not released publicly.
Five major publishers and an author are suing Meta in federal court, claiming Meta illegally used millions of their books and articles without permission to train Llama (Meta's large language model, an AI system trained on text to answer human questions). The lawsuit argues that Meta pirated these copyrighted works to build its AI model.
Meta is being sued by five major book publishers and an author who claim the company illegally copied their books and journal articles without permission to train its Llama AI model (a large language model that powers AI applications). The publishers allege Meta obtained copyrighted material from pirate websites, such as LibGen and Sci-Hub, and used it to train the AI system.