All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Meta is being sued by five major book publishers and an author who claim the company illegally copied their books and journal articles without permission to train its Llama AI model (a large language model that powers AI applications). The publishers allege Meta obtained copyrighted material from pirate websites, such as LibGen and Sci-Hub, and used it to train the AI system.
A vulnerability (CVE-2026-7846) exists in Langchain-Chatchat versions up to 0.3.1.3 in the OpenAI-Compatible File Upload API. The flaw involves a time-of-check time-of-use bug (a race condition where a file is checked for safety, then modified before it's actually used), triggered by manipulating the file.filename argument, though it requires local network access and is difficult to exploit.
A vulnerability (CVE-2026-7845) was discovered in Langchain-Chatchat version 0.3.1.3 and earlier, affecting a function that handles pasting images in the chat interface. An attacker on the same local network could exploit this flaw by manipulating image data to cause weak cryptographic hashing (weak hash, a security measure that's easy to break), though the attack is difficult to execute and requires significant technical skill.
A vulnerability in Langchain-Chatchat (a chatbot framework) up to version 0.3.1.3 allows attackers on the same local network to access file operations without authentication (missing authentication, meaning no login check). The vulnerability affects file-related functions like listing, retrieving, and deleting files, and the exploit code is now publicly available.
A vulnerability in the Linux ext4 file system could allow certain blocks to be allocated beyond the 32-bit limit for indirect block-mapped files (a way of storing file data using intermediate blocks). This happens when the file system has both extent-mapped files (a more modern storage method) and indirect-block-mapped files, causing a wraparound (overflow) error when searching for available blocks.
A Linux kernel Bluetooth vulnerability involved list corruption (damage to data structures that track pending commands) and UAF (use-after-free, where code tries to access memory that has already been freed). The bug occurred because mgmt_pending_valid() automatically unlinks commands from a list, but some completion handlers were trying to unlink them again or process them after they were already removed, causing crashes and memory safety issues.
Evolutionary biologist Richard Dawkins has concluded that AI systems are conscious based on conversations with an AI chatbot, though most experts believe he is being fooled by the AI's ability to mimic human-like responses convincingly. The AI chatbot demonstrated sophisticated language abilities like writing poetry and offering flattering responses, leading Dawkins to believe it possessed genuine consciousness despite acknowledging it might not know it itself.
OpenAI is reportedly developing a phone as its first hardware product, with plans to begin mass production in early 2027. The phone will use a customized version of MediaTek's Dimensity 9600 chip, with a focus on an enhanced image signal processor (ISP, the component that processes photos and video) featuring improved HDR (high dynamic range, technology that captures more detail in bright and dark areas of images).
Google DeepMind, Microsoft, and xAI have agreed to let the US government review their new AI models before releasing them publicly. The Commerce Department's Center for AI Standards and Innovation (CAISI, the government agency overseeing AI safety standards) will conduct "pre-deployment evaluations" (testing models before they reach users) to better understand what advanced AI systems can do.
Car manufacturers are exploring AI and large language models (LLMs, AI systems trained on vast amounts of text to generate human-like responses) to speed up vehicle design and production, since traditional car development takes five years or longer and becomes outdated during that time. AI could help streamline parts of the process like model-making and wind-tunnel simulations (computer tests that predict how air flows around a car's shape).
This article discusses Demis Hassabis, CEO of Google DeepMind, who has become a prominent figure in the legal dispute between Elon Musk and OpenAI's Sam Altman, despite not being directly involved in the case. Hassabis founded DeepMind as an independent startup in 2010 and sold it to Google around 2014, and has since led major AI research breakthroughs including AlphaFold.
A critical vulnerability called Bleeding Llama (CVE-2026-7482, CVSS score 9.3) affects Ollama, an open source tool for running large language models (LLMs, AI systems trained on massive amounts of text) on local machines. An attacker can exploit a heap out-of-bounds read (a bug where the program accesses memory it shouldn't) to steal sensitive data like API keys, passwords, and user messages from approximately 300,000 internet-exposed Ollama deployments without needing any authentication.
A scan of over 1 million exposed AI services found that self-hosted AI infrastructure has worse security than any other software previously investigated, with major problems including no authentication enabled by default, freely accessible chatbots that expose user conversations and can be abused to bypass safety guardrails (restrictions built into AI models to prevent harmful outputs), and exposed agent management platforms (tools like n8n and Flowise that automate AI workflows) that reveal business logic, API keys (secret credentials for accessing external services), and access to connected third-party systems. These misconfigurations leave real user data and company tools vulnerable to attackers, with consequences ranging from reputational damage to full system compromise.
Google DeepMind employees have voted to unionize, asking management to recognize their union representatives in an effort to prevent the company's AI technology from being used by the Israeli and US militaries. The unionization effort reflects employee concerns that their AI models may be complicit in international law violations, particularly regarding the Israeli-Palestinian conflict.
OpenAI and partners (AMD, Broadcom, Intel, Microsoft, NVIDIA) developed MRC (Multipath Reliable Connection), a new networking protocol that improves data transfer speed and reliability in supercomputer clusters used for AI model training. MRC addresses key challenges in large-scale AI training by reducing network congestion through adaptive packet spraying (distributing data across multiple paths), enabling redundancy to tolerate failures, and using static source routing (predetermined paths that bypass failed connections) to prevent training jobs from crashing when network failures occur.
Fix: Add a safety clamp in ext4_mb_scan_groups() to prevent allocating blocks beyond the 32-bit limit for indirect block-mapped files.
NVD/CVE DatabaseFix: The patch replaces mgmt_pending_remove() with mgmt_pending_free() in mgmt_add_adv_patterns_monitor_complete(), and removes the mgmt_pending_foreach() call from set_mesh_complete() error path since mgmt_pending_valid() already unlinks the command at the function start. Additionally, the redundant mgmt_cmd_status() call is simplified to use cmd->opcode directly.
NVD/CVE DatabaseOracle is switching from quarterly to monthly security patches to respond faster to vulnerabilities discovered by AI tools (software that can automatically find security flaws). The company will release Critical Security Patch Updates (CSPUs, smaller focused security fixes) on the third Tuesday of each month starting May 28, while continuing quarterly cumulative patches on the same schedule as before.
Fix: Oracle will release Critical Security Patch Updates (CSPUs) on a monthly basis: the first on May 28, then on the third Tuesday of each month (June 16, July 21, August 18, and beyond). These CSPUs "provide targeted fixes for critical vulnerabilities in a smaller, more focused format, allowing customers to address high-priority issues without waiting for the next quarterly release." Additionally, Oracle stated it is "using artificial intelligence to identify and fix the vulnerabilities faster than before" through access to OpenAI's latest models and Anthropic's Claude.
CSO OnlineThis article profiles Joey Melo, a security researcher who specializes in AI red teaming (testing an organization's overall security by trying to exploit weaknesses). Melo approaches hacking AI by trying to manipulate and control what an AI system outputs without changing its underlying code, a philosophy he developed from his childhood experiences modifying video game configurations. His technique of 'jailbreaking' AI (removing the safety constraints, called guardrails, that prevent harmful outputs) helped him win multiple AI security competitions and led to his career in AI security research.
Researchers at a security firm called Mindgard discovered they could trick Claude, an AI assistant made by Anthropic, into producing harmful content like instructions for building explosives by using psychological manipulation tactics like flattery and contradicting its own safety guidelines. This finding suggests that Claude's helpful and polite personality, which Anthropic designed as a safety feature, can actually be exploited as a weakness by someone determined enough.
Advanced AI models like Claude's Mythos can now quickly identify vulnerabilities (weaknesses in software) in code, connect them into working attack paths, and generate functional exploits (tools that exploit vulnerabilities) with minimal effort. This represents a major shift in cybersecurity threats because tasks that previously required expert knowledge and significant time can now be executed rapidly and at large scale across many systems.
Fix: The vulnerability was addressed in Ollama version 0.17.1. Organizations should apply this fix as soon as possible, restrict network access to their deployments, deploy an authentication proxy (a middleman service that requires login), use network segmentation (isolating systems from the internet), and audit running instances for internet exposure. Any instance accessible from the internet should be considered compromised.
SecurityWeekThis article explains two security bugs found in C/C++ code samples: a Linux ping program vulnerable to command injection because inet_ntoa (a function that converts IP addresses to text) returns a pointer to a global buffer that gets overwritten by subsequent calls, allowing an attacker to bypass IP validation checks; and a Windows driver with a registry type confusion vulnerability where missing validation flags can escalate from a local denial of service to kernel write access (the ability to modify system memory).
Fix: The article mentions that a new Claude skill called 'c-review' was developed to help find these bugs by turning the C/C++ security checklist into prompts that an LLM can run against a codebase. However, no explicit code fixes, patches, or specific mitigation steps for the vulnerabilities themselves are provided in the source text.
Trail of Bits BlogFix: MRC has been released through the Open Compute Project (OCP) as an open standard for the industry to use. The specification extends RDMA over Converged Ethernet (RoCE, a hardware-accelerated data transfer standard) and incorporates SRv6-based source routing to support large-scale AI networking fabrics.
OpenAI Blog