New tools, products, platforms, funding rounds, and company developments in AI security.
OpenAI announced a new preview feature that will let ChatGPT connect directly to users' bank accounts through Plaid, a platform that links banking apps to third-party services. This integration would give the chatbot access to detailed financial information, including credit card debt and account balances, to help answer users' finance questions.
Tech companies are using AI as justification to cut middle management positions, claiming that AI enables them to accomplish more work with fewer employees and less management overhead. Workers report that these AI-driven restructurings are damaging mentorship, employee support, and career advancement opportunities across the industry, with companies like Amazon, Meta, Block, and Coinbase laying off thousands of employees specifically targeting management layers.
OpenAI disclosed that two employee devices were compromised through the Mini Shai-Hulud supply chain attack on TanStack (a software dependency library), resulting in limited credential theft from internal code repositories; no user data or production systems were affected. Because the compromised repositories contained signing certificates (digital credentials that verify software authenticity) for macOS apps, OpenAI revoked the old certificates and requires macOS users of ChatGPT Desktop, Codex App, Codex CLI, and Atlas to update to the latest versions before June 12, 2026, when the old certificates will be blocked by macOS protections.
OpenAI disclosed that two employee devices were infected during a supply chain attack on TanStack, a web development framework, which allowed attackers to steal credential material from internal source code repositories. The stolen credentials gave attackers access to code-signing certificates (digital keys used to verify that software is authentic) for OpenAI's applications on iOS, macOS, Windows, and Android. OpenAI confirmed that no customer data or intellectual property was compromised, but took steps to prevent further risk.
Forza Horizon, an open-world driving simulation game, is expanding to Japan after the developer spent years researching the country to ensure authenticity. The team faces a unique challenge because gamers worldwide have strong expectations about what Japan should look like in games, shaped by decades of stylized portrayals in other video games, so the developers must balance accurate recreation with matching these ingrained mental images.
Security teams are falling behind attackers because they spend too much time investigating alerts rather than responding to them. While detection systems generate plenty of data, analysts must manually piece together information across multiple tools, which takes hours—far longer than the 29 minutes attackers need to move through a network. Modern security systems can compress investigation by automatically assembling relevant context (identity information, access paths, system changes) before presenting alerts to analysts, allowing teams to move from spotting a problem to deciding on a response much faster.
datasette-llm-limits is a plugin that works with Datasette (a tool for exploring databases) to set spending limits on how much money users can spend on LLM API calls. The plugin lets administrators configure daily or rolling limits per user or globally, for example restricting one user to $1.00 of LLM usage per 24-hour period.
Databricks has made GPT-5.5 available for enterprise AI agent workflows, where the model achieved a new benchmark record by reaching 50% accuracy on OfficeQA Pro (a test measuring how well AI systems handle complex business document tasks like parsing scanned PDFs and legacy files). Compared to the previous GPT-5.4 model, GPT-5.5 reduced errors by 46% and showed major improvements in parsing old documents and managing multi-step tasks without unnecessary detours.
OpenAI is launching a new personal finance feature in ChatGPT that lets Pro users in the U.S. securely connect their bank accounts and ask the AI questions about their spending and financial goals. The feature uses improved AI reasoning (GPT-4.5) to analyze your real financial data alongside your goals, helping you spot spending patterns and plan major decisions, though it is not a replacement for professional financial advice.
Article 50 of the EU AI Act requires organizations to inform users when they interact with AI systems or encounter AI-generated content, with a deadline of August 2026. These transparency obligations apply broadly to any AI system used in four situations: direct interaction with people, synthetic content generation, emotion recognition or biometric categorization, and deepfake or AI-generated text on public matters. Providers must design systems to disclose AI involvement and mark outputs in machine-readable formats, while deployers must inform individuals affected by emotion recognition systems and disclose artificially generated or manipulated content.
Elon Musk is suing OpenAI and its leader Sam Altman, with closing arguments recently heard in federal court in Oakland, California. A nine-person jury will decide whether OpenAI improperly took money or benefits from Musk and enriched itself unfairly. The case has revealed private communications between the two tech leaders and details about OpenAI's internal history.
Hackers from the TeamPCP group stole source code from Mistral AI (a French company that builds large language models, or LLMs) through a supply-chain attack (where attackers compromise software used by many projects) and are now demanding $25,000 to sell it rather than leak it publicly. Mistral confirmed the breach affected some of their SDK (software development kit, tools developers use to build with their platform) packages, but stated that core code, user data, and research systems were not compromised.
Gemini, a crypto exchange founded by the Winklevoss brothers, received a $100 million investment from the founders' venture capital fund, causing its stock price to surge. The company reported better-than-expected financial results for the first quarter, with a smaller loss and higher revenue than analysts predicted, though it has faced challenges since its public debut in September including executive departures and a class-action lawsuit.
N/A -- This article covers closing arguments in a legal trial between Elon Musk and OpenAI's leadership, focusing on the quality of the lawyers' presentations rather than an AI/LLM technical issue, security vulnerability, or system problem.
This article describes a courtroom moment in a lawsuit between Elon Musk and Sam Altman where OpenAI employees presented a trophy to researcher Josh Achiam inscribed with 'Never stop being a jackass,' commemorating an incident when Musk allegedly called Achiam a jackass after Achiam questioned whether racing ahead of Google on AI development was a good idea.
Sea Limited is rolling out Codex, an AI tool for software development, across its engineering teams, with 87% of users actively using it weekly. Unlike simple autocomplete features, Codex provides deep understanding of large codebases (complex collections of code), helping developers navigate dependencies and legacy code while shifting their focus to higher-level design tasks. The company is moving toward agentic workflows (AI systems that can autonomously plan and execute tasks), where AI agents operate within CI/CD pipelines (automated systems that test and deploy code) to reason through requirements, generate tests, and reduce technical debt.
This is a routine release (v0.14.22) of LlamaIndex, an AI framework for building applications with large language models. The update includes multiple dependency updates across 55 directories, fixes to embedding events and memory handling, a new multimodal synthesis feature, and security improvements to prevent unintended data mutation in LLM responses.
This cybersecurity news roundup covers several significant incidents and developments, including a data breach at Nvidia's GeForce NOW service in Armenia that exposed user personal information, extended security update timelines for foreign-made routers and drones, and OpenAI's offer to give EU regulators access to a specialized version of GPT-5.5 for monitoring cyber security risks. The roundup also highlights an active malware campaign targeting developers with fake Claude Code installers, an Iran-linked group breaching South Korean electronics manufacturers, and Google's Android 17 release introducing AI-driven security features like verified financial calls and real-time threat detection.
Fix: For the fake Claude Code installer campaign, the source explicitly mentions the discovery but does not provide a stated mitigation. For Android 17, the source describes the security upgrades included in the update itself (verified financial calls, Live Threat Detection, post-quantum cryptography, automatic OTP hiding, and default-on theft protections), which function as built-in protections rather than external mitigations. For the FCC router waiver, the solution is the extended update window allowing security patches and firmware updates until at least January 1, 2029. No other explicit mitigations or patches are discussed in the source for the remaining incidents.
SecurityWeek
Agentic AI tools (AI systems that can plan, make decisions, and take actions without constant human supervision) are becoming more common in organizations but introduce significant security risks beyond traditional AI systems. These risks include broader system access, unpredictable behavior, and difficulty explaining AI actions. The NCSC and international partners recommend organizations adopt agentic AI carefully by starting with low-risk tasks, deploying incrementally with tight controls, maintaining human oversight, and ensuring clear human accountability before connecting agents to real systems or data.
Fix: The source explicitly recommends several mitigation approaches: (1) 'deploy agentic AI incrementally, starting with tightly bounded pilots using clearly defined tasks, and build confidence in the system before you expand the scope'; (2) 'Think about what could happen if an agent misunderstood its task, exceeded its intended scope or was manipulated, and never grant an agent unrestricted access to sensitive data or critical systems'; (3) 'Ensure you maintain ongoing visibility of the system's operation, and understand how to retain meaningful human oversight and control'; (4) 'If you cannot understand, monitor or contain an agent's actions, it is not ready for deployment'; and (5) define clear human accountability for deployment decisions, granted access, safeguards, and the ability to stop the system before connecting it to real systems or data.
UK NCSC
Fix: OpenAI isolated impacted systems and identities, revoked user sessions, rotated all credentials across impacted repositories, temporarily restricted code-deployment workflows, audited user and credential behavior, and revoked the compromised signing certificates while issuing new ones. macOS users must update ChatGPT Desktop, Codex App, Codex CLI, and Atlas to the latest versions before June 12, 2026.
The Hacker News
Fix: OpenAI rotated credentials across all affected repositories, revoked user sessions, temporarily restricted code-deployment workflows, revoked the compromised code-signing certificates, and re-signed all applications with new certificates. The company also coordinated with platform providers to stop new notarizations (a verification process that confirms software is safe) and prevent misuse of the stolen certificates. macOS users must update their OpenAI apps to the latest versions by June 12, 2026, after which date the old apps will no longer receive updates.
SecurityWeek
Fix: The EU Commission has published draft Guidelines on the scope and application of Article 50, and a Code of Practice on AI-generated content is being developed to provide practical solutions on marking and labelling. Additionally, a standardized EU label is being developed for marking AI-generated outputs in machine-readable format to make them detectable as artificially generated or manipulated.
EU AI Act Updates
Researchers using an AI model discovered a critical 18-year-old flaw in Nginx (a web server that powers about one-third of all websites) called a heap buffer overflow (a type of memory corruption bug where data overwrites adjacent memory). The vulnerability, tracked as CVE-2026-42945 with a 9.2 severity score, can crash servers or potentially allow attackers to run malicious code, especially on systems with ASLR (Address Space Layout Randomization, a security feature that randomizes memory locations) disabled.
Fix: Upgrade to patched versions: Nginx 1.31.0 or 1.30.1 for the open-source version, or Nginx Plus versions R36 P4, R32 P6, or 37.0.0 for the commercial product. The source notes that users should 'upgrade to a patched version as soon as possible' since exploit code has been published publicly and past Nginx vulnerabilities have been actively exploited by attackers.
CSO Online
Fix: OpenAI (which was also affected by the same supply-chain attack) responded by rotating code-signing certificates (digital keys that verify software authenticity) and warned macOS users that they must update their OpenAI desktop apps before June 12, or the software may fail to launch and stop receiving updates.
BleepingComputer