New tools, products, platforms, funding rounds, and company developments in AI security.
OpenAI has filed confidentially to go public on the US stock market, with an expected valuation exceeding $850 billion, making it one of the largest IPO (initial public offering, when a private company first sells shares to the public) listings in history. The company announced the filing preemptively because it expected the confidential submission to become public anyway, and stated it has not yet decided on a timeline for going public.
OpenAI has confidentially filed for an IPO (initial public offering, where a private company sells shares to the public for the first time) with the Securities and Exchange Commission, joining competitors Anthropic and SpaceX in preparing to go public. The company, valued at over $850 billion, has not decided on a timeline for the IPO but says it could happen as soon as late 2025, though leadership notes some goals may be easier to achieve while remaining private. OpenAI is also planning a tender offer to let employees sell shares at the current valuation to ease pressure for immediate liquidity.
OpenAI has filed a confidential Form S-1 with the SEC (Securities and Exchange Commission, the US agency that oversees financial markets and public companies), which is a preliminary step toward becoming a publicly traded company. This move follows Anthropic's similar filing in June, as both AI companies compete to go public. The confidential filing keeps sensitive details like executive pay and financial information private for now, rather than making them immediately public.
Apple announced new AI features at its developer conference, including an improved Siri that can have back-and-forth conversations with users. Unlike some competitors, Apple is partnering with Google and Nvidia to build its most advanced AI model (Apple Foundation Model Cloud Pro) while emphasizing privacy by keeping user data local and using a system orchestrator (a routing component that directs queries to either on-device or cloud processing) to minimize data collection compared to AI services like ChatGPT.
Apple announced a major upgrade to Siri at its developer conference, integrating it with Apple Intelligence (Apple's AI tool) and rebranding it as 'Siri AI'. The new voice assistant will function more like AI chatbots (such as ChatGPT or Google Gemini) rather than a traditional web-search question-and-answer tool, with a wide release planned for fall.
A critical vulnerability was found in Zcash's Orchard privacy pool, a system that uses zero-knowledge proofs (mathematical techniques that prove something is true without revealing details) to hide transaction information. The bug allowed attackers to bypass input validation checks and create fake ZEC (Zcash's cryptocurrency) out of nothing, though it's now been fixed.
Google is upgrading NotebookLM, an AI-powered note-taking app, to use Gemini 3.5, a newer and more advanced version of its AI model that will provide more accurate answers. The update lets users start research projects by simply asking questions, and NotebookLM will automatically search the web to find relevant sources rather than requiring users to manually import materials.
Microsoft's AI chief Mustafa Suleyman discusses how Microsoft has restructured its AI division to independently pursue superintelligence (AI systems that could surpass human capabilities across all domains), following a renegotiated partnership with OpenAI in October that allows both companies to develop models separately. The interview covers Microsoft's new approach to training frontier models (cutting-edge AI systems at the limits of current technology), the company's relationship with OpenAI, and how AI is being perceived by the public and in politics.
This item is not AI/LLM-related and does not describe a technical security issue, vulnerability, or problem. It is a corporate legal announcement about a confidential S-1 filing (a registration statement for going public) with the SEC (Securities and Exchange Commission), noting that the company expects the document to leak and is making a preemptive announcement while deciding on timing for a public offering.
This article presents 15 strategic questions that CISOs (chief information security officers, the leaders responsible for an organization's security) should regularly ask themselves to ensure their security programs stay effective and aligned with business needs. The questions cover areas like demonstrating security's value to the business, protecting critical processes, understanding impact of breaches, detection speed, and keeping pace with modern threats. The article emphasizes that security programs must continuously adapt rather than remain static, especially in an AI-enabled threat environment where the focus should shift from finding every vulnerability to protecting the most critical business processes and ensuring rapid incident response.
OpenAI is expanding two security features for ChatGPT accounts. Lockdown Mode helps prevent data exfiltration (unauthorized data theft) from prompt injection attacks (tricking an AI by hiding instructions in its input) by limiting outbound network requests, though it disables features like web browsing and file downloads. Active Sessions lets users see where their account is logged in and log out of unrecognized sessions.
OpenAI launched the Economic Research Exchange, a program that provides researchers access to OpenAI tools and datasets to conduct rigorous, independent studies on how AI affects workers, businesses, and the economy. The program aims to generate credible evidence about AI's economic impacts while maintaining privacy protections and data governance safeguards, with applications open through July 5, 2026.
Major AI companies like OpenAI, Anthropic, and SpaceX are seeking massive valuations and going public, reflecting a rapid increase in spending on AI infrastructure like datacenters. However, there are growing concerns about whether these investments will actually generate profitable returns, as companies work to find practical uses that justify the enormous amounts of money being spent on AI development.
This AWS security digest from May 2026 covers updates across AI security, infrastructure protection, identity management, and compliance. Key topics include securing agentic AI workflows (AI systems that take actions autonomously) using frameworks like Cedar for authorization, protecting AWS networks with filtering tools like AWS Network Firewall and WAF (web application firewall, which blocks malicious web traffic), and establishing compliance programs for ISO standards. The resources include blog posts, code samples, and workshops to help organizations adopt these security practices.
This newsletter covers multiple AI and tech developments, including OpenAI's plans to transform ChatGPT into a 'super app' (an all-in-one application combining multiple tools and services) before going public, Google's $30 billion deal with SpaceX for AI computing power, and concerns about AI's rising energy costs and environmental impact. It also reports on facial recognition tools being deployed by immigration enforcement, fears about 'recursive self-improvement' (AI systems automatically improving their own capabilities), and how machine learning is helping historians analyze historical records while introducing risks of bias and errors.
Anthropic launched Project Glasswing in April to help companies find software vulnerabilities (weaknesses that attackers can exploit) using their AI model, though claims about its superiority over other models are unverified. A status report shows the project is finding many vulnerabilities, including dangerous ones, but almost none have been patched, and Anthropic has not released detailed information about the findings.
Most enterprise security teams are unprepared for real cyberattacks because they treat cybersecurity as a compliance requirement rather than an operational capability that requires constant practice. The military achieves rapid, coordinated responses to cyber incidents through regular, realistic exercises and by assuming attacks are inevitable, while businesses rely on outdated annual tabletop exercises and focus on prevention rather than detection, containment, and recovery.
Fix: OpenAI provides two explicit mitigations: (1) Enable Lockdown Mode in Settings > Security > Advanced Security to limit outbound network requests during prompt injection attacks, and (2) use Active Sessions in Settings > Security to review and log out of unrecognized account sessions. Additionally, OpenAI offers Advanced Account Security, which disables password-based login in favor of physical security keys or passkeys, replaces email/SMS account recovery with backup passkeys and recovery keys, and shortens sign-in sessions to reduce account takeover risk.
SecurityWeekAnthropic is calling for AI companies worldwide to coordinate and create a system to pause or slow development of advanced AI if risks become too serious, warning that AI is improving so rapidly that humans could lose control, particularly through recursive self-improvement (where an AI designs its own successor). The company proposes a verification mechanism to ensure all labs comply with any slowdown, though OpenAI disagrees and argues that democratic governments, not private companies, should make decisions about AI development pace.
Fix: Anthropic proposes that advanced AI labs should establish a coordinated global mechanism to verify that rivals have actually stopped or slowed their work and that "a bad actor could not use the auspices of a coordinated slowdown to jump ahead in secret." The source also mentions that collaboration between companies, government agencies, and academic researchers is needed to develop countermeasures against AI-powered hacking tools.
SecurityWeekThis document outlines OpenAI's vision for AI development, arguing that AI should be widely accessible and beneficial to humanity rather than concentrated among a few entities. The text emphasizes that AI's value comes from what people can do with it (like learning new skills or starting businesses), and that safe, powerful AI systems must remain aligned with human intent and subject to human control, with humans ultimately deciding what is worth doing.
Recent attacks by anti-tech extremists, including attempted arson at OpenAI and violent incidents motivated by anti-AI ideology, are raising alarm among researchers, tech companies, and law enforcement. These attacks follow a pattern similar to earlier techno-pessimist (people who believe technology will cause harm) militant movements, suggesting a growing trend of violence driven by opposition to AI and data infrastructure.