All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Canonical, the company behind Ubuntu Linux (a popular operating system), plans to add AI features to its system over the next year. These features will work in two ways: some will improve existing system functions quietly in the background, while others will be designed specifically for users who want AI-powered tools and workflows. The features will include accessibility improvements like better speech-to-text conversion and other AI-powered capabilities.
QnABot on AWS (a conversational AI tool built with Amazon Lex and other AWS services) has a vulnerability where administrators can run arbitrary code (unintended commands) by exploiting improper use of the static-eval npm package through the Content Designer interface, potentially giving them access to sensitive backend resources like databases and environment variables that should be protected.
Microsoft and OpenAI had a contract clause stating that if AGI (artificial general intelligence, meaning AI systems that outperform humans at most economically valuable work) was achieved, Microsoft would lose its commercial rights to OpenAI's technology. On April 27, 2026, this clause effectively ended when Microsoft's license became non-exclusive and Microsoft stopped paying revenue shares to OpenAI, with payments continuing regardless of technological progress.
A bug in the Linux kernel's EDAC (error detection and correction) memory controller code causes a crash when memory allocation fails, because the code tries to clean up a device before it has been properly initialized. The fix reorders the initialization steps so the device is set up before the cleanup code can be called.
A vulnerability was found in vllm (a language model serving framework) up to version 0.19.0 in the has_mamba_layers function, which can result in use of an uninitialized resource (memory that hasn't been set to a known value before it is read). An attacker can trigger this flaw remotely, though the attack is difficult to execute (high attack complexity).
OpenAI and Microsoft announced a revised partnership agreement that allows OpenAI to cap its revenue share payments to Microsoft and serve customers through any cloud provider, not just Microsoft Azure. Previously, OpenAI was restricted to primarily using Microsoft's cloud services, but the new deal lets OpenAI work with competitors like Amazon and Google while maintaining Microsoft as its primary provider through 2030.
Customers Bank CEO Sam Sidhu revealed that an AI clone (a digital voice generated to sound like him) delivered his prepared remarks during an earnings call, then announced a partnership with OpenAI to automate banking processes like loan approvals and account openings. The bank plans to deploy AI agents (software that can make decisions and take actions with minimal human input) across lending, deposits, and payments over the next 6-12 months, with goals including reducing loan processing time from 30-45 days to 7 days and account opening time to under 20 minutes.
Microsoft and OpenAI have removed a clause from their partnership agreement that previously governed what would happen if AGI (artificial general intelligence, an AI system that can do any intellectual task a human can do) was developed. Under the new terms, Microsoft remains OpenAI's primary cloud partner with first access to new products, but OpenAI now has freedom to use other cloud providers instead of being locked into Microsoft's Azure platform.
Elon Musk, a cofounder of OpenAI, is suing the company and its leaders Sam Altman and Greg Brockman, claiming they abandoned OpenAI's original mission to develop AI for humanity's benefit and shifted focus to profit instead. OpenAI counters that the lawsuit is a baseless attempt by Musk to harm a competitor to his own AI ventures. Musk is seeking the removal of Altman and Brockman, an end to OpenAI's nonprofit status, and up to $150 billion in damages.
OpenAI has received FedRAMP 20x Moderate authorization (a security certification that allows U.S. government agencies to use cloud services), making ChatGPT Enterprise and the API Platform available for federal use. This certification was achieved through a faster authorization process that emphasizes cloud-native security evidence and automated validation, allowing government agencies to access advanced AI capabilities like GPT-5.5 while meeting federal security and governance requirements.
Qualcomm is reportedly partnering with OpenAI and MediaTek to develop custom smartphone chips, with mass production expected in 2028. According to analyst Ming-Chi Kuo, OpenAI believes controlling both the operating system (the software that runs a device) and hardware will let it deliver comprehensive AI agent services (AI systems that can perform tasks autonomously) that use real-time smartphone data to improve performance.
Over 600 Google employees, including many from DeepMind (Google's AI research lab), signed a letter asking CEO Sundar Pichai to prevent the Pentagon from using Google's AI models for classified purposes (secret military projects). The employees argue that the only way to ensure Google isn't associated with potential harms from such uses is to reject these classified projects entirely, since otherwise they could happen without employee knowledge or oversight.
Fix: Reorder the calling sequence so that the device is initialized and thus the release function pointer is properly set before it can be used.
Source: NVD/CVE Database
Fix: Deploy patch 1ad67864c0c20f167929e64c875f5c28e1aad9fd to fix this issue.
Source: NVD/CVE Database
This paper describes a security problem in blockchain payment channels (like the Lightning Network, which allows faster transactions by bundling multiple payments together): malicious intermediate nodes can intercept funds by reading payment conditions sent in plaintext. The authors propose a solution using a new encryption method called CUAP-PRE (ciphertext unlinkable autonomous path proxy re-encryption, which encrypts payment instructions so intermediate nodes can't see or trace them) combined with an improved payment protocol that lets the final receiver control decryption rights in reverse order to unlock the funds.
Fix: The proposed solution is a secure off-chain payment protocol (SOCP) built on the new CUAP-PRE cryptographic primitive. According to the source, this protocol prevents malicious nodes by: (1) enabling the delegator to designate all trusted delegatees, (2) using ciphertext unlinkability to resist inference attacks and path tracing to ensure anonymity, and (3) implementing an enhanced multi-hop Hash Time-Lock Contract where the receiver at the end of the payment path can control decryption rights in a reversed multi-hop delegation manner to unlock the corresponding bitcoins on hold.
Source: IEEE Xplore (Security &amp; AI Journals)
LVMark is a watermarking technique that hides invisible digital markers in video diffusion models (AI systems that generate realistic videos from text descriptions) to protect against unauthorized use. The method improves on existing approaches by maintaining temporal consistency (keeping the watermark stable across consecutive video frames) and preserving video quality through a specialized decoder that combines frequency analysis with color information. The technique successfully embeds 512-bit capacity watermarks that remain detectable even when videos are distorted or attacked.
ShadowCoT is a backdoor attack (a hidden vulnerability inserted into an AI model that causes it to misbehave when triggered) that targets Chain-of-Thought reasoning, which is a technique where LLMs show their step-by-step thinking to solve complex problems. Unlike simpler attacks, ShadowCoT hijacks the model's internal reasoning process by subtly rewiring how attention flows through the model and changing intermediate representations (internal data the model creates while processing), allowing it to produce logical-sounding but harmful outputs while avoiding detection.
This paper presents a new method for securely transmitting data between two users over a wireless channel where an eavesdropper might be listening. The researchers use polar coding (a technique for encoding data reliably) combined with feedback (information sent back from receiver to sender) to create correlation between transmitted signals and add dummy messages that confuse eavesdroppers. The proposed scheme achieves both reliable communication and strong secrecy without requiring simplified assumptions about the channel.
Sanitizer is a new framework for federated learning (a training method where multiple computers learn together without sharing raw data) that addresses two major challenges: privacy and Byzantine attacks (when some computers send bad or malicious data). The framework uses more efficient cryptographic techniques and two new protocols for combining data from multiple sources, achieving 19-23 times faster performance than existing methods while maintaining accuracy and security.
This research presents HEFLGuard, a security system that detects backdoor attacks (hidden malicious behavior injected into AI models) in homomorphic encryption-based federated learning (a privacy-protecting technique where multiple parties train an AI model together using encrypted data). HEFLGuard works by having the server create validation models from encrypted client groups and having clients compare their local model outputs on trusted samples to identify suspicious behavior, while also using Byzantine fault-tolerant aggregation (a method that functions correctly even when some participants act maliciously) to ensure robustness.
Fix: HEFLGuard constructs overlapping validation models from encrypted client groups and clients locally compare logits (output scores) of the global and validation models on benign samples to expose backdoor behavior. The framework combines consistency verification across non-IID validation groups with Byzantine fault-tolerant aggregation of client reports.
Source: IEEE Xplore (Security &amp; AI Journals)
Deepfake voice and video attacks (AI-generated replicas of real people) are becoming increasingly common and costly, with tools that require only three seconds of audio and cost almost nothing to create. Attackers target finance employees and IT staff by impersonating executives on calls or video meetings to authorize large money transfers or credential changes, and these attacks bypass traditional security tools because they rely on tricking people rather than exploiting software vulnerabilities. Organizations that have successfully stopped these attacks all used the same defense: training employees to pause and verify requests before acting on them.
Fix: The source explicitly states: 'The organizations that have stopped these attacks all found the same answer: train your people to pause and verify before they act.' No specific training program, tool, or technical mitigation is detailed in the text.
Source: BleepingComputer
Some people worry that advanced frontier LLMs (large language models, AI systems trained on massive amounts of text) like Claude Mythos and GPT-5.5 could cause serious cybersecurity problems by being misused for attacks. However, security researcher Ari Herbert-Voss suggests this situation could also present opportunities.