New tools, products, platforms, funding rounds, and company developments in AI security.
AI data poisoning is a security threat where an AI model's training data or information sources become corrupted, causing the system to make decisions based on false information while appearing normal. This can happen through malicious attacks, but more often organizations poison their own systems by feeding AI models data from multiple conflicting sources like outdated files and incompatible databases. Unlike traditional cyberattacks that trigger visible alarms, poisoning is dangerous because no obvious damage appears, yet the AI produces plausible but incorrect answers affecting business decisions.
Singular Bank built Singularity, an internal AI assistant powered by ChatGPT and Codex (OpenAI's code-generation model), to help bankers quickly analyze client investment portfolios and prepare communications. The system saves bankers 60-90 minutes daily by automating tasks like portfolio analysis, meeting preparation, and follow-up drafting, allowing them to spend more time advising clients and building relationships.
Uber is using OpenAI's large language models (AI systems trained on massive amounts of text to understand and generate human language) to build Uber Assistant, an AI-powered tool that helps drivers and couriers make better decisions by turning complex marketplace data into simple, real-time guidance. The Assistant reduces cognitive overhead (the mental effort needed to process complicated information) by letting drivers ask questions in plain language about where to earn, how to optimize their time, and how platform dynamics work, which helps both new and experienced drivers perform better.
ChatGPT Futures honors college students from the class of 2026, the first generation to complete college with AI tools like ChatGPT available throughout their education. Rather than using AI to avoid work, these students are using it to build real projects faster, from research tools to accessibility software, demonstrating that AI amplifies human ambition and lowers barriers to turning ideas into tangible outcomes.
Frontier enterprises (those using AI most extensively) now use 3.5x more AI intelligence per worker than typical firms, with the gap driven by deeper, more complex usage rather than just more messages. The key difference is that leading firms use agentic workflows (AI systems that can complete multi-step tasks with minimal human intervention), with frontier companies sending 16x more messages to coding tools like Codex per worker, moving from simple question-answering to delegating substantial work to AI agents.
OpenAI President Greg Brockman testified in a trial against Elon Musk, denying that he or others made commitments to keep OpenAI as a nonprofit organization. Brockman also revealed that Musk had enlisted OpenAI employees to do unpaid work at Tesla on self-driving technology in 2017, and testified that Musk was a polarizing figure who sometimes discouraged job candidates from joining OpenAI. The lawsuit, filed two years ago, centers on whether OpenAI violated an obligation to remain a nonprofit.
Google has updated Gemini for Home to version 3.1, which improves the AI assistant's ability to handle complex, multi-step tasks and combine multiple requests in a single command. The update also enhances Gemini's understanding of natural language (how humans normally speak), device identification, and management of calendar events. These improvements follow reports of bugs in the smart home assistant.
Attackers are using supply-chain attacks (compromising software components that developers rely on) to target AI coding agents, which automatically scan package registries like NPM and PyPI for dependencies to include in projects. A North Korean group called Famous Chollima launched the PromptMink campaign, using fake packages with legitimate-sounding names and descriptions, along with hidden malicious code, to trick AI agents into installing malware that steals information and grants attackers remote access to developers' computers.
Microsoft is stopping development of Copilot (an AI assistant that helps users with tasks) on Xbox consoles and winding down its mobile version. The decision was announced by new Xbox CEO Asha Sharma as part of a reorganization aimed at helping Xbox move faster and better connect with players and developers.
Apple is planning to let users choose their preferred AI model for Apple Intelligence features in upcoming operating systems (iOS 27, iPadOS 27, and macOS 27) expected this fall. Third-party AI models, called "Extensions," will be able to power features like Siri, Writing Tools, and Image Playground across the system. Users will also be able to assign different Siri voices to different AI models.
This article covers testimony in a lawsuit where Elon Musk is trying to reverse OpenAI's shift from a non-profit to a for-profit structure. OpenAI president Greg Brockman described a tense 2017 meeting where Musk became angry after being denied more control of the company, with Brockman stating he feared Musk might become physically violent. The lawsuit centers on whether Musk was aware of and agreed to OpenAI's plan to transition to a for-profit model before he left the company.
Elon Musk is suing OpenAI's president Greg Brockman and CEO Sam Altman, claiming they violated OpenAI's founding agreement by converting it from a non-profit to a for-profit company while deceiving him about their intentions. During the trial's second week, Brockman's personal emails, texts, and diary entries became key evidence as Musk seeks to remove the executives, undo the restructuring, and obtain $134 billion to return to OpenAI's non-profit arm.
The U.S. government is increasing oversight of AI models through the Center for AI Standards and Innovation (CAISI, a government agency within the Department of Commerce), which has signed agreements to evaluate AI models from Google DeepMind, Microsoft, and xAI before they are released publicly. The White House is also considering creating a new working group to develop procedures for vetting AI models before public release, which might be established through an executive order (a direct presidential directive).
OpenAI released a new default model called GPT-5.5 Instant that the company claims produces fewer hallucinations (instances where an AI generates false or made-up information as if it were fact), particularly in high-stakes fields like medicine and law. According to OpenAI's internal testing, the new model generated 52.5% fewer hallucinated claims than the previous GPT-5.3 Instant model on difficult prompts.
OpenAI trains ChatGPT using various data sources, including publicly available internet content and user conversations, to help the model learn broad knowledge and perform better. To protect privacy, OpenAI uses Privacy Filter (a tool that identifies and masks personal information in text) at multiple stages of training, and gives users control over their data through settings like the ability to disable model training, use temporary chats that auto-delete after 30 days, and manage or delete their account information.
Fix: OpenAI has implemented Privacy Filter, which identifies and masks personal information in text at multiple stages in the training process. Users can disable model training by going to Settings, then Data Controls, and turning off 'Improve the model for everyone.' Alternatively, users can use Temporary Chat (which does not appear in chat history, does not create memories, and is not used to train models, with conversations deleted after 30 days). Users can also review, edit, or delete saved memories, export their data, delete their account, or submit privacy requests through the privacy request portal.
CISA (US Cybersecurity and Infrastructure Security Agency) is considering reducing the time government agencies have to fix critical vulnerabilities from 14 days to 3 days, partly due to concerns that AI models like Claude will help attackers find and exploit serious security flaws more quickly. Currently, the most urgent vulnerabilities (zero-days, which are flaws being actively exploited with no patch available) require fixes within 24-72 hours, while other critical vulnerabilities under active exploitation have 14 days. Security experts have mixed views on whether a 3-day timeline is realistic, with many concerned it doesn't allow enough time for proper testing before deploying patches.
AWS has launched AI Traffic Analysis dashboards for AWS WAF (a web application firewall, a tool that filters traffic to web applications), helping organizations understand and manage AI bot traffic that now makes up 30-60% of total web activity. The dashboard provides visibility into which AI bots are accessing applications, their intent (like data gathering or search indexing), and traffic patterns, integrated with AWS WAF Bot Control's detection of over 650 unique bots.
Anthropic's CEO warned that their latest AI model, Mythos, has discovered tens of thousands of software vulnerabilities (security weaknesses that attackers could exploit), creating an urgent window for organizations to patch them before rival AI systems catch up in about 6-12 months. The company is restricting access to Mythos because releasing information about unpatched vulnerabilities could allow criminals or hostile nations to exploit them, but leaders expressed conditional optimism that addressing this "moment of danger" correctly could lead to improved cybersecurity overall.
Google, Microsoft, and xAI have agreed to voluntarily submit their new AI models for safety testing by the US Department of Commerce's Center for AI Standards and Innovation (CAISI, a government agency focused on AI safety standards) before releasing them to the public. This expands earlier agreements with other AI companies and represents a shift toward safety oversight, even as the Trump administration has generally favored less regulation of AI development. The evaluations will assess the models' capabilities and security, with CAISI having already conducted 40 previous evaluations including some models that were not released publicly.
Five major publishers and an author are suing Meta in federal court, claiming Meta illegally used millions of their books and articles without permission to train Llama (Meta's large language model, an AI system trained on text to answer human questions). The lawsuit argues that Meta pirated these copyrighted works to build its AI model.