New tools, products, platforms, funding rounds, and company developments in AI security.
Thinking Machines, an AI company founded by former OpenAI CTO Mira Murati, is developing 'interaction models' that can process audio, video, and text simultaneously and respond in real time, unlike current AI models that wait passively for users to finish typing or speaking before responding.
Google's security team reported that it stopped hackers from using AI models to find and exploit a zero-day vulnerability (a software flaw unknown to developers) as part of a planned large-scale attack that would have bypassed two-factor authentication (a security method using two verification steps). The incident highlights a growing concern that criminals are using available AI tools to discover software weaknesses in ways that could harm companies and organizations.
OpenAI's Chief Revenue Officer announced that enterprise AI adoption is reaching a 'tipping point' and introduced a new Deployment Company to accelerate business adoption of AI technology. The company acquired Tomoro, an AI consulting firm, bringing about 150 forward-deployed engineers (specialists who work directly with clients to integrate AI into their business processes) who will help organizations understand their workflows and implement AI solutions.
A developer demonstrated how to use an LLM (large language model) directly in the shebang line (the first line of a script that tells the system how to run it) of executable text files, allowing scripts to be written as natural English prompts instead of traditional code. The approach uses the LLM tool with various options to generate outputs like SVG images, incorporate external tools, and even execute YAML templates that define custom Python functions.
Microsoft CEO Satya Nadella testified in a lawsuit that Elon Musk never contacted him about concerns that Microsoft's investments in OpenAI violated any agreements or commitments. Musk sued OpenAI and its leaders in 2024, claiming they abandoned the company's nonprofit mission, and he alleges Microsoft's $13 billion in investments to OpenAI helped enable this breach of charitable trust. Nadella stated that Microsoft's investments were commercial partnerships with clear business benefits, not donations, and that he believed the company acted appropriately.
Google discovered and blocked a zero-day exploit (a previously unknown security flaw) that was created with AI assistance, which criminals planned to use for mass attacks on a web administration tool. Researchers identified AI involvement by finding signs in the Python script like artificial CVSS scores (severity ratings) and text patterns typical of AI language models.
OpenAI's Q1 2026 data shows ChatGPT adoption expanded beyond early adopters, with growing usage among older age groups, users with typically feminine names, and people in emerging markets across Latin America, Asia-Pacific, and Africa. Workplace use evolved to focus on specialized tasks like content creation and health documentation rather than just general writing. Overall, ChatGPT became a more mainstream tool used by diverse people in more countries for recurring tasks.
According to Google's threat intelligence group, AI-powered hacking (using AI models to help create and scale cyberattacks) has rapidly grown from a minor issue to a large, organized threat in just three months. Criminal groups and state-sponsored actors are now using commercial AI models to write code and find vulnerabilities (weaknesses in software that can be exploited) more effectively and at a much larger scale.
This is a podcast interview transcript where tech journalist Joanna Stern discusses her new book 'I Am Not a Robot,' in which she spent a year integrating AI into every aspect of her life to evaluate the technology's current state. She found that many hyped AI products, especially humanoid robots (physical machines designed to look and act like humans), are not yet ready for real-world use, though she is optimistic about wearable AI (AI embedded in portable devices like smartwatches) as a potential breakthrough application.
Cerebras Systems, an AI chipmaker, increased its IPO (initial public offering, when a private company sells shares to the public for the first time) price range to $150-$160 per share, up from $115-$125, potentially raising $4.8 billion. The company makes specialized chips that compete with Nvidia's GPUs (graphics processing units, hardware that processes AI calculations) and claims its chips are faster and cheaper, with major backing from OpenAI.
Attackers are increasingly using large language models (AI systems trained on vast amounts of text that can generate human-like responses) to create exploits (tools that take advantage of software vulnerabilities) and automate complex attacks. While adversaries have used AI for a while, this represents a shift toward more sophisticated automation of the attack development process.
A fake AI model repository on Hugging Face (a platform for sharing AI models) impersonated OpenAI's Privacy Filter and tricked 244,000 users into downloading it before removal. The malicious repository contained a loader.py file that delivered infostealer malware (software that steals passwords and credentials) to Windows systems, highlighting risks in how companies source and validate AI models from public repositories.
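The supply-chain lesson in that item is that a model repository should be checked before anything in it is loaded. The following Python script is an added example, not code from the article or from Hugging Face: it audits a constructed file listing for a repository, checks the publisher namespace against an expected publisher and a trusted-org allowlist, and flags executable scripts (such as a `loader.py`) and pickle-based weight files that can run code on load. The suffix sets and sample listings are illustrative assumptions.

```python
"""Pre-download audit of a model repository listing (added example, not from
the original article). File listings and policy sets are constructed
assumptions for illustration."""
from dataclasses import dataclass

# File types that may legitimately appear in a weights-only repository
# (assumption for this example; tune to your organisation's policy).
ALLOWED_SUFFIXES = {".safetensors", ".json", ".md", ".txt", ".gitattributes"}
# Serialization formats that can execute code when loaded (pickle-based).
PICKLE_SUFFIXES = {".bin", ".pkl", ".pickle", ".pt", ".pth", ".ckpt"}
# Anything runnable has no business in a weights-only repository.
CODE_SUFFIXES = {".py", ".sh", ".bat", ".ps1", ".exe", ".dll"}

# Constructed trusted-publisher allowlist (assumption).
TRUSTED_ORGS = {"openai", "google", "meta-llama"}

# Constructed listings: a look-alike under an unrelated namespace that ships a
# loader script, and a clean weights-only repository under the expected org.
SUSPECT_REPO = ("some-user/openai-privacy-filter",
                ["README.md", "config.json", "model.safetensors", "loader.py"])
CLEAN_REPO = ("openai/example-model",
              ["README.md", "config.json", "model.safetensors"])


@dataclass
class Finding:
    severity: str   # "high", "medium" or "low"
    path: str
    reason: str


def suffix(path: str) -> str:
    """Lower-cased extension of a path, or '' if it has none."""
    dot = path.rfind(".")
    return path[dot:].lower() if dot >= 0 else ""


def audit_repo(repo_id, files, trusted_orgs, expected_org=None):
    """Return Findings for repository `repo_id` ("org/name") and its file list."""
    findings = []
    org = repo_id.split("/", 1)[0]
    # Namespace check: a model claimed to come from a vendor must live under
    # that vendor's namespace, and otherwise at least under a trusted one.
    if expected_org and org != expected_org:
        findings.append(Finding("high", repo_id,
                                f"namespace '{org}' is not the expected publisher '{expected_org}'"))
    elif org not in trusted_orgs:
        findings.append(Finding("medium", repo_id,
                                f"namespace '{org}' is not on the trusted publisher list"))
    # Content check: scripts and pickle-based weights are the files most able
    # to execute code on the machine that downloads the model.
    for path in files:
        s = suffix(path)
        if s in CODE_SUFFIXES:
            findings.append(Finding("high", path, "executable code in a weights-only repository"))
        elif s in PICKLE_SUFFIXES:
            findings.append(Finding("medium", path,
                                    "pickle-based serialization; loading can execute arbitrary code"))
        elif s not in ALLOWED_SUFFIXES:
            findings.append(Finding("low", path, "unexpected file type"))
    return findings


def is_blocked(findings) -> bool:
    """Policy decision: any high-severity finding blocks the download."""
    return any(f.severity == "high" for f in findings)


if __name__ == "__main__":
    for repo_id, files in (SUSPECT_REPO, CLEAN_REPO):
        found = audit_repo(repo_id, files, TRUSTED_ORGS, expected_org="openai")
        print(repo_id, "BLOCKED" if is_blocked(found) else "ok")
        for f in found:
            print(f"  [{f.severity}] {f.path}: {f.reason}")
```

The two checks are deliberately independent: the namespace rule catches the impersonation even when a repository contains only benign-looking weights, and the content rule catches a loader script even when it sits under a namespace that looks legitimate.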
This is an interest form from OpenAI for university student clubs to join their Campus Network program. The form collects information about the club's activities, current use of AI tools, and what kinds of support or opportunities the club members are interested in exploring.
Threat actors are increasingly using AI and large language models (LLMs, systems trained on massive amounts of text to generate human-like responses) to discover vulnerabilities, create malware, and conduct cyberattacks at industrial scale, with groups linked to China, North Korea, and Russia demonstrating significant AI-enabled capabilities. AI is being used both as an attack tool (for generating exploits, evading defenses, and creating deepfakes) and as a target for compromise, with attackers seeking unauthorized access to AI systems through supply chain attacks and illicit model access. Google's Threat Intelligence Group reports these threats are advancing from experimental to mature operations, including autonomous malware like PROMPTSPY that can dynamically adapt to victim systems.
Fix: Google mitigates AI model abuse by disabling malicious accounts accessing Gemini. Additionally, Google employs AI agents like Big Sleep to identify software vulnerabilities and uses Gemini's reasoning capabilities through CodeMender to automatically fix vulnerabilities, while enhancing product safeguards to offer scaled protections to users.
Source: Google Threat Intelligence
OTT Cybersecurity LLC announced that its product Lyrie.ai has been accepted into Anthropic's Cyber Verification Program, and released the Agent Trust Protocol (ATP), an open cryptographic standard (a set of math-based rules for secure communication) that allows systems to verify the identity, permissions, and integrity of autonomous AI agents operating on the internet. ATP addresses a security gap by letting organizations confirm who an AI agent is, what it's authorized to do, and whether it has been tampered with.
Google's Threat Intelligence Group discovered the first confirmed AI-crafted zero-day exploit (a previously unknown security flaw) in the wild, which was a Python script that bypassed two-factor authentication (a security method requiring two forms of verification) on a web-based system administration tool. The script abused a logic flaw that the AI model found by reasoning about the developers' intent rather than by spotting basic coding mistakes. As AI models become more advanced at reasoning about complex code, such AI-generated exploits may become more common, and threat actors are also attempting to abuse AI systems like Google's Gemini to discover vulnerabilities in firmware (the low-level software in devices) and other systems.
This article presents ten critical questions organizations should ask before using AI models to find vulnerabilities in their systems. Rather than offering a specific technical fix, it emphasizes that simply finding vulnerabilities doesn't improve security without proper processes, prioritization, and risk management in place. Key concerns include data leakage risks, whether AI is truly the best approach compared to basic security hygiene like patching, and ensuring your organization has the people and processes to actually fix discovered issues.
OpenAI announced it will give the European Union access to GPT-5.5-Cyber, a specialized AI model designed for cybersecurity defense, while Anthropic has not yet granted similar access to its competing model called Mythos. The EU plans to review OpenAI's model closely to address security concerns, though discussions with Anthropic about accessing Mythos are still at an earlier stage.
This blog discussion explores steganography (hiding secret messages within other content) involving LLMs through techniques like white text on white backgrounds and deliberately misspelling words to confuse AI models. Commenters note that LLMs handle these obfuscation attempts easily, and discuss broader steganography methods including TEMPEST (electromagnetic emissions security), with mention that modern software-defined radios (SDRs, affordable radio receivers programmable via software) have made older defensive techniques less effective.
AI security is currently focused on posture-based controls (checking configurations, access rules, and input filters), similar to how endpoint security relied on antivirus signatures in the early 2000s, but this approach is incomplete because the AI attack surface is expanding faster than teams can secure it. The article argues that organizations need to shift toward behavior-based detection, which monitors what AI systems actually do (API calls, data retrieval, system actions) rather than just checking if security policies are in place, because the blast radius of a compromised AI agent affects multiple systems downstream.