New tools, products, platforms, funding rounds, and company developments in AI security.
Two brothers fired from a hosting company that served 45+ US government agencies used an AI chatbot to help them delete customer databases and cover their tracks, asking it questions like how to clear system logs from SQL servers. The incident highlights that organizations need stronger controls to prevent insider attacks (damage from current or former employees) and must implement better safeguards to prevent AI tools from being misused for destructive purposes.
Microsoft CEO Satya Nadella worried that OpenAI could become more dominant than Microsoft itself, similar to how Microsoft once overtook IBM in the 1980s. Court testimony revealed that Microsoft invested over $100 billion in OpenAI through investments, infrastructure, and hosting costs, and by the end of 2025, about 45% of Microsoft's cloud business obligations were tied to OpenAI, showing how dependent the company had become on its AI partner.
Microsoft Edge is updating its Copilot AI chatbot to access information from all your open browser tabs, letting you ask questions about tab content, compare products, and summarize articles. Users can choose which features to enable or disable, and Microsoft is replacing the older Copilot Mode (which had agentic features like booking reservations) with this new tab-aware version.
A Chinese court ruled that a company wrongfully fired a worker who had been replaced by AI, awarding him over £28,000 in compensation. The case reflects China's attempt to balance rapid AI adoption with worker protections, especially as youth unemployment remains high. Legal experts suggest that while companies can adopt AI technology, they cannot simply fire employees without considering the workers' interests or providing alternatives like retraining.
This article covers testimony from OpenAI CEO Sam Altman in a lawsuit brought by Elon Musk over OpenAI's conversion from a nonprofit to a for-profit structure. Altman argued that Musk abandoned the company rather than Altman stealing it, testifying that negotiations between the co-founders in 2017-2018 over corporate structure collapsed and Musk left OpenAI's board in February 2018. The dispute centers on whether Altman and other executives broke promises to keep OpenAI as a nonprofit and use Musk's roughly $38 million donation only for charitable purposes.
Two hacking groups in Latin America are using AI agents (software that can perform tasks independently) to automatically create custom hacking tools for attacks against targets in Mexico and Brazil. This represents a new threat where attackers let AI do much of the work of building attack software rather than writing it manually.
Amazon is launching Alexa for Shopping, an LLM-powered AI assistant (a language model trained to understand and respond to text) that integrates directly into Amazon.com to answer shopping questions and provide product recommendations. This new assistant replaces Amazon's previous shopping AI called Rufus and will appear prominently in the Amazon app and website when users type queries.
A legal dispute between Elon Musk and OpenAI leaders has revealed that private conversations shared with AI chatbots are not actually confidential, as evidenced by Greg Brockman's personal messages about Musk being used as court evidence. This case demonstrates that users should be cautious about disclosing sensitive personal information to AI systems because that data may not remain private.
SoftBank's Vision Fund recorded a $46 billion gain in the past year, mostly from its massive investment in OpenAI, which has grown to be worth $852 billion. However, this heavy concentration of OpenAI in SoftBank's portfolio has raised concerns about the company's debt and financial stability, leading ratings agency S&P Global to downgrade its outlook from stable to negative.
Palo Alto Networks warns that hackers are increasingly using AI models to find and exploit software vulnerabilities (weaknesses in code that attackers can use), and companies have only 3-5 months to strengthen their defenses before AI-driven attacks become common. Security teams are under pressure as more sophisticated AI models make it easier for attackers to discover previously unknown vulnerabilities faster than companies can fix them.
Fix: Palo Alto Networks announced it will roll out 'virtual patching capabilities' (temporary security measures that block attacks without changing the underlying code) 'very soon.' Additionally, Anthropic limited early access to its Mythos model to a select group of companies, including Palo Alto Networks, CrowdStrike, Amazon, Apple, and JPMorgan, to test and fix vulnerabilities before hackers can exploit them. OpenAI also launched its GPT-5.5-Cyber model and Daybreak cyber initiative to address these threats.
CNBC Technology: AI chatbots like Google's Gemini and ChatGPT are accidentally revealing people's real phone numbers in their responses, sometimes giving out correct personal information and sometimes generating plausible-sounding but wrong numbers that still reach innocent people. Experts believe this happens because of personally identifiable information (PII, real details about people) in the training data (the information used to teach the AI), though the exact mechanism is unclear. The problem appears widespread and difficult to stop, with privacy removal companies reporting a 400% increase in requests about AI-related privacy concerns over the last seven months.
The 'Mythos Moment' refers to when the speed and volume of AI-assisted cyberattacks exceeded what human security teams could handle. Sweet Security launched Sweet Attack, an agentic AI system (an AI that can plan and execute tasks autonomously) that performs continuous red teaming (security testing where an AI simulates attacker behavior) by maintaining detailed, real-time knowledge of each client's actual infrastructure, rather than relying on theoretical models.
Fix: Sweet Security provides Sweet Attack, which "automatically provides and maintains the full context necessary for Sweet Attack to operate" by continuously indexing runtime data directly from customers' environments, including topology, exposed systems, deployed code, identity paths, and application behavior. The system reevaluates potential attack paths "as soon as any new component appears in the runtime environment," enabling security teams to prioritize which vulnerabilities to fix based on actual exploitability rather than theoretical risk.
SecurityWeek: Microsoft developed MDASH (multi-model agentic scanning harness), an AI system that uses over 100 specialized AI agents working together to find and validate security vulnerabilities in complex software like Windows. MDASH successfully discovered 16 vulnerabilities that were patched in May 2026, including two critical flaws that could allow remote code execution (running commands on a system without permission) in Windows networking components.
Anthropic's Mythos is an AI system that can autonomously find and exploit zero-day vulnerabilities (previously unknown security flaws) in major software, and both the US and China are racing to develop similar capabilities. While the US has maintained a lead in AI development, the performance gap is rapidly closing, and the real danger may be less about which superpower dominates and more about these capabilities leaking into criminal groups or ransomware operations that governments cannot control. The US and China are exploring diplomatic channels to establish guardrails around powerful AI systems.
Fix: Anthropic has launched Project Glasswing and committed $100 million in usage credits to help defenders secure critical infrastructure before similar capabilities become widely available. Additionally, both the US and China are weighing conversations focused on establishing guardrails covering AI models behaving unexpectedly, autonomous military systems, and nonstate actors using powerful open-source tools.
CSO Online: Microsoft developed MDASH, an AI system that uses over 100 specialized AI agents to automatically find software vulnerabilities, and it discovered 16 previously unknown Windows flaws, including four critical RCEs (remote code execution attacks where attackers can run commands on a system). The vulnerabilities were patched in Microsoft's May 12 Patch Tuesday release, and the system will enter private preview for enterprise customers next month.
Fix: The vulnerabilities were patched as part of Microsoft's May 12 Patch Tuesday release.
CSO Online: Palo Alto Networks launched Idira, a new identity security platform designed to manage and secure human users, machine identities (non-human accounts that systems use), and AI agents as enterprises increasingly deploy autonomous AI systems. Unlike traditional identity management systems, Idira treats all identities as privileged and uses dynamic privilege controls, continuously discovering identities across cloud and developer environments while dynamically granting and revoking access permissions in real time rather than using static access tokens.
The UK's AI Security Institute tested whether GPT-5.5 (OpenAI's model) could find security vulnerabilities as well as Claude Mythos, and found they perform comparably. A smaller, cheaper model also performed equally well, though it needs more scaffolding (additional structure and guidance provided by the person writing prompts to the AI).
Codex, OpenAI's coding agent, previously lacked a sandbox (a constrained execution environment with restricted permissions) on Windows, forcing users to either approve every command or allow unrestricted access. To solve this, the Codex team built a custom sandbox implementation because existing Windows tools like AppContainer, Windows Sandbox, and Mandatory Integrity Control labeling were either too restrictive for open-ended developer workflows or incompatible with the product requirements.
CISA and G7 cyber agencies released guidance on minimum elements for AI software bills of materials (SBOMs, documents listing all components and dependencies in software), helping security leaders assess AI system risks before deployment. Unlike traditional SBOMs that only track code, AI SBOMs must document models, training data, prompts, infrastructure, and other AI-specific elements because AI systems' behavior depends on data and models as much as code. The guidance gives organizations a framework to ask vendors for transparency during procurement, though it shows what vendors claim exists rather than proving the systems are trustworthy.
Fix: S&P Global Ratings suggested that SoftBank could "limit negative financial impacts" by selling some assets. SoftBank has already been selling stakes in companies like T-Mobile and Nvidia to fund its OpenAI investment.