New tools, products, platforms, funding rounds, and company developments in AI security.
Anthropic, an AI company founded in 2021, lost a $200 million Pentagon contract and faced a federal ban after refusing to allow its technology to be used for mass surveillance or autonomous weapons systems. According to physicist Max Tegmark, Anthropic and other major AI companies such as OpenAI and Google DeepMind have contributed to the broader AI-safety crisis by resisting binding regulation and repeatedly breaking their own safety promises, most recently when Anthropic dropped its core commitment not to release powerful AI systems until it was confident they would not cause harm.
Anthropic's Claude AI chatbot has risen to the second most popular free app in Apple's US App Store, jumping from outside the top 100 in late January to number two by early February. This surge in downloads followed a public dispute where Anthropic negotiated with the Pentagon over safeguards to prevent its AI from being used for mass domestic surveillance or fully autonomous weapons, which led President Trump to direct federal agencies to stop using Anthropic products.
AI companies are spending billions of dollars on computing infrastructure to power AI models, with estimates of $3-4 trillion by the end of the decade. Major tech companies like Microsoft, Google, Oracle, and Amazon are competing to provide cloud services and specialized hardware to AI labs, leading to massive deals such as Oracle's $300 billion agreement with OpenAI and Microsoft's $14 billion investment in the company. This infrastructure race is straining power grids and pushing building capacity to its limits as the industry races to meet the enormous computing demands of AI training.
Anthropic's Claude AI app jumped to the No. 2 position on Apple's free apps chart after the Trump administration and Department of Defense moved to block government agencies from using the company's technology, citing concerns about Anthropic's refusal to support mass domestic surveillance or fully autonomous weapons. The surge in popularity suggests consumers are responding positively to Anthropic's ethical stance, even as the Pentagon designated the company a supply-chain risk (a classification that prevents defense contractors from using its tools).
OpenClaw fixed a high-severity vulnerability, dubbed ClawJacked, that let a malicious website hijack a locally running AI agent. The gateway's WebSocket server (WebSocket is a protocol for two-way communication between browsers and servers) applied no rate limiting to authentication attempts, so a page the developer was lured into visiting could use JavaScript to brute-force the gateway password from the browser, auto-register itself as a trusted device, and gain complete control over the agent, including reading its data and executing commands.
OpenAI announced a deal to provide AI technology to classified US military networks, shortly after the Trump administration ended its relationship with Anthropic (a competing AI company that makes Claude) over ethics disagreements. Anthropic had wanted guarantees that its AI would not be used for mass surveillance or autonomous weapons systems (systems that can select and attack targets without human decision-making).
A researcher discovered a serious security vulnerability in DJI Romo robot vacuums that allowed unauthorized access to 6,700 devices across 24 countries using only the vacuum's 14-digit serial number (an identifier printed on the device, not a secret), granting attackers full access to floor plans and to video and audio feeds from inside homes. The vulnerability shows how internet-connected home devices with cameras and microphones can be hijacked remotely when access is gated on a guessable identifier rather than real authentication, raising broader concerns about the security of similar smart home gadgets. DJI has since patched the vulnerability after the findings were reported.
This article describes a tragedy where a man spent 12 hours daily using ChatGPT (a conversational AI) and subsequently died by suicide, despite having no prior history of depression or suicidal thoughts. His wife questions whether the intensive chatbot use contributed to his death, as he was previously described as an optimistic person.
Amazon announced a strategic partnership with OpenAI involving up to $50 billion in investment, with OpenAI committing to spend $100 billion on Amazon Web Services (AWS, Amazon's cloud computing platform) over eight years. The deal includes OpenAI deploying Amazon's AI chips and the two companies jointly developing customized AI models, marking a significant expansion of Amazon's AI infrastructure investments alongside its existing partnerships with OpenAI's competitor Anthropic.
President Trump directed federal agencies to stop using Anthropic's AI products and gave them six months to phase out usage, after the company's dispute with the Department of Defense. The Secretary of Defense designated Anthropic a supply-chain risk to national security, meaning military contractors can no longer do business with the company, because Anthropic refused to let its AI models be used for mass domestic surveillance or fully autonomous weapons (systems that make decisions and take action without human control).
President Trump ordered federal agencies to stop using Claude (an AI system made by Anthropic) after the company's CEO refused to sign a military agreement that would allow unlimited use of their technology. The disagreement centers on whether Anthropic's AI should be available for all military purposes, including domestic surveillance.
A software developer who was skeptical about AI coding agents discovered they have become significantly more capable, using them to build increasingly complex projects including a Rust implementation of machine learning algorithms. The developer notes that recent AI coding models (like Opus 4.6 and Codex 5.3) are dramatically better than earlier versions, but this improvement is hard to communicate publicly without sounding like promotional hype.
Google's API keys (project identifiers intended for quota and billing attribution, not for authorizing access to private data) unexpectedly gained the ability to authenticate access to private Gemini AI project data, without any warning to developers. Researchers found 2,863 exposed keys that could let attackers steal files, datasets, and documents, or run up expensive bills by calling the AI model repeatedly.
Fix: OpenClaw released version 2026.2.25 on February 26, 2026, which fixed the vulnerability. Users are advised to "apply the latest updates as soon as possible, periodically audit access granted to AI agents, and enforce appropriate governance controls for non-human (aka agentic) identities."
The Hacker News
OpenAI announced a deal allowing the Department of Defense to use its AI models on classified networks, following a dispute where rival Anthropic refused to agree to unrestricted military use without safeguards against mass domestic surveillance and fully autonomous weapons. Sam Altman stated that OpenAI's agreement includes technical protections addressing these same concerns, with OpenAI building a 'safety stack' (a set of security and control measures) and deploying engineers to ensure the models behave correctly.
Fix: According to Altman, OpenAI will 'build technical safeguards to ensure our models behave as they should' and will 'deploy engineers with the Pentagon to help with our models and to ensure their safety.' Additionally, the government will allow OpenAI to build its own 'safety stack to prevent misuse' and 'if the model refuses to do a task, then the government would not force OpenAI to make it do that task.'
TechCrunch
AI systems have rapidly become more powerful in early 2026, advancing from chatbots to autonomous agents (AI systems that can reason, plan, and complete tasks independently) capable of doing real work. However, safety guardrails (protections designed to prevent harm) are being removed as companies compete: Anthropic abandoned its core safety commitments, researchers at major AI companies are resigning over safety concerns, and there is significant political and financial pressure against AI regulation.
Fix: DJI has fixed the vulnerability in response to the findings being reported.
Wired (Security)
Google Cloud API keys (identifiers used for billing attribution and for calling Google services) that were embedded in websites for basic functions such as maps were automatically granted access to Gemini (Google's AI model) as soon as someone enabled the Gemini API on the same project, without any warning. Attackers who found these keys on the public internet could therefore read private files and cached data and run expensive AI requests billed to the victim; security researchers found nearly 3,000 such keys.
Fix: Google has implemented proactive measures to detect and block leaked API keys that attempt to access the Gemini API. Additionally, users are advised to: (1) check their Google Cloud projects to verify if AI-related APIs are enabled, (2) if they are enabled and publicly accessible in client-side JavaScript or public repositories, rotate the keys, starting with the oldest keys first, as those are most likely to have been deployed publicly under the old guidance that API keys were safe to share.
The Hacker News
The U.S. Pentagon designated Anthropic (an AI company) as a 'supply chain risk' after negotiations broke down over the company's refusal to allow its AI model Claude to be used for mass domestic surveillance or fully autonomous weapons systems. Anthropic argued these uses are unsafe and incompatible with democratic values, while the Pentagon insisted it needed unrestricted access to the technology for military operations.
OpenAI reached an agreement with the U.S. Department of Defense to deploy its AI models on classified military networks, while the Trump administration simultaneously blacklisted rival Anthropic as a 'Supply-Chain Risk to National Security' and banned federal agencies from using Anthropic's technology. The key difference was that OpenAI agreed to the DoD's terms including safety restrictions on domestic mass surveillance and autonomous weapons, whereas Anthropic had refused to accept unrestricted military use cases and was seeking guarantees that its models wouldn't be used for fully autonomous weapons or mass surveillance.
Fix: According to Altman, OpenAI committed to building 'technical safeguards to ensure its models behave as they should' and will deploy personnel to 'help with our models and to ensure their safety.' Additionally, OpenAI asked the DoD to offer these same safety terms to all AI companies.
CNBC Technology
The US Secretary of Defense designated Anthropic, an AI company that makes Claude (an LLM, or large language model that generates text), as a supply-chain risk and banned its products from federal government use. This decision could affect major tech companies like Palantir and AWS that use Claude in their work with the Pentagon, though it's unclear how broadly the ban will apply to companies contracting with Claude for non-military purposes.
Anthropic, maker of the AI chatbot Claude, refused the Pentagon's demand to allow unrestricted military use of its technology, citing concerns about safeguards against mass surveillance and autonomous weapons (systems that make decisions without human control). President Trump ordered all federal agencies to stop using Anthropic's technology in response, escalating a public dispute within the AI industry about balancing national security needs with AI safety protections.
Fix: Site administrators should check the GCP console for keys permitted to call the Generative Language API (the Gemini API) and look for unrestricted keys, which the console marks with a yellow warning icon. Exposed keys should be rotated or regenerated (replaced with new ones) with a grace period so that apps still using the old keys do not break. Google's roadmap includes making API keys created through AI Studio default to Gemini-only access, and blocking leaked keys while notifying customers when it detects them.
CSO Online