aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Industry News

New tools, products, platforms, funding rounds, and company developments in AI security.

to
Export CSV
2874 items

OpenAI president’s ‘deeply personal’ diary becomes focus in Musk’s case against Altman

infonews
policy
May 5, 2026

Elon Musk is suing OpenAI's president Greg Brockman and CEO Sam Altman, claiming they violated OpenAI's founding agreement by converting it from a non-profit to a for-profit company while deceiving him about their intentions. During the trial's second week, Brockman's personal emails, texts, and diary entries became key evidence as Musk seeks to remove the executives, undo the restructuring, and obtain $134 billion to return to OpenAI's non-profit arm.

The Guardian Technology

Anthropic CEO warns of cyber ‘moment of danger’ as AI exposes thousands of vulnerabilities

infonews
securitypolicy

US to safety test new AI models from Google, Microsoft, xAI

infonews
policysafety

Trump admin moves further into AI oversight, will test Google, Microsoft and xAI models

inforegulatory
policy
May 5, 2026

The U.S. government is increasing oversight of AI models through the Center for AI Standards and Innovation (CAISI, a government agency within the Department of Commerce), which has signed agreements to evaluate AI models from Google DeepMind, Microsoft, and xAI before they are released publicly. The White House is also considering creating a new working group to develop procedures for vetting AI models before public release, which might be established through an executive order (a direct presidential directive).

Major publishers sue Meta for copyright infringement over AI training

infonews
policysecurity

OpenAI claims ChatGPT’s new default model hallucinates way less

infonews
safety
May 5, 2026

OpenAI released a new default model called GPT-5.5 Instant that the company claims produces fewer hallucinations (instances where an AI generates false or made-up information as if it were fact), particularly in high-stakes fields like medicine and law. According to OpenAI's internal testing, the new model generated 52.5% fewer hallucinated claims than the previous GPT-5.3 Instant model on difficult prompts.

Book publishers sue Meta over AI’s ‘word-for-word’ copying

infonews
policysecurity

Oracle will patch more often to counter AI cybersecurity threat

infonews
securitypolicy

Richard Dawkins concludes AI is conscious, even if it doesn’t know it

infonews
safety
May 5, 2026

Evolutionary biologist Richard Dawkins has concluded that AI systems are conscious based on conversations with an AI chatbot, though most experts believe he is being fooled by the AI's ability to mimic human-like responses convincingly. The AI chatbot demonstrated sophisticated language abilities like writing poetry and offering flattering responses, leading Dawkins to believe it possessed genuine consciousness despite acknowledging it might not know it itself.

OpenAI is reportedly launching a phone for ChatGPT

infonews
industry
May 5, 2026

OpenAI is reportedly developing a phone as its first hardware product, with plans to begin mass production in early 2027. The phone will use a customized version of MediaTek's Dimensity 9600 chip, with a focus on an enhanced image signal processor (ISP, the component that processes photos and video) featuring improved HDR (high dynamic range, technology that captures more detail in bright and dark areas of images).

Google, Microsoft, and xAI will allow the US government to review their new AI models

infonews
policy
May 5, 2026

Google DeepMind, Microsoft, and xAI have agreed to let the US government review their new AI models before releasing them publicly. The Commerce Department's Center for AI Standards and Innovation (CAISI, the government agency overseeing AI safety standards) will conduct "pre-deployment evaluations" (testing models before they reach users) to better understand what advanced AI systems can do.

What an AI-designed car looks like

infonews
industry
May 5, 2026

Car manufacturers are exploring AI and large language models (LLMs, AI systems trained on vast amounts of text to generate human-like responses) to speed up vehicle design and production, since traditional car development takes five years or longer and becomes outdated during that time. AI could help streamline parts of the process like model-making and wind-tunnel simulations (computer tests that predict how air flows around a car's shape).

Hacker Conversations: Joey Melo on Hacking AI

infonews
securitysafety

Researchers gaslit Claude into giving instructions to build explosives

mediumnews
securitysafety

Google’s AI architect lived rent-free in Elon Musk’s head

infonews
industry
May 5, 2026

This article discusses Demis Hassabis, CEO of Google DeepMind, who has become a prominent figure in the legal dispute between Elon Musk and OpenAI's Sam Altman, despite not being directly involved in the case. Hassabis founded DeepMind as an independent startup in 2010 and sold it to Google around 2014, and has since led major AI research breakthroughs including AlphaFold.

AI Threat Readiness: Defending Against Attacks Powered by Frontier AI Models

infonews
securitysafety

Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft

highnews
security
May 5, 2026

A critical vulnerability called Bleeding Llama (CVE-2026-7482, CVSS score 9.3) affects Ollama, an open source tool for running large language models (LLMs, AI systems trained on massive amounts of text) on local machines. An attacker can exploit a heap out-of-bounds read (a bug where the program accesses memory it shouldn't) to steal sensitive data like API keys, passwords, and user messages from approximately 300,000 internet-exposed Ollama deployments without needing any authentication.

C/C++ checklist challenges, solved

infonews
securityresearch

We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is

highnews
security
May 5, 2026

A scan of over 1 million exposed AI services found that self-hosted AI infrastructure has worse security than any other software previously investigated, with major problems including no authentication enabled by default, freely accessible chatbots that expose user conversations and can be abused to bypass safety guardrails (restrictions built into AI models to prevent harmful outputs), and exposed agent management platforms (tools like n8n and Flowise that automate AI workflows) that reveal business logic, API keys (secret credentials for accessing external services), and access to connected third-party systems. These misconfigurations leave real user data and company tools vulnerable to attackers, with consequences ranging from reputational damage to full system compromise.

Google DeepMind workers are unionizing over AI military contracts

infonews
policy
May 5, 2026

Google DeepMind employees have voted to unionize, asking management to recognize their union representatives in an effort to prevent the company's AI technology from being used by the Israeli and US militaries. The unionization effort reflects employee concerns that their AI models may be complicit in international law violations, particularly regarding the Israeli-Palestinian conflict.

Previous50 / 144Next
May 5, 2026

Anthropic's CEO warned that their latest AI model, Mythos, has discovered tens of thousands of software vulnerabilities (security weaknesses that attackers could exploit), creating an urgent window for organizations to patch them before rival AI systems catch up in about 6-12 months. The company is restricting access to Mythos because releasing information about unpatched vulnerabilities could allow criminals or hostile nations to exploit them, but leaders expressed conditional optimism that addressing this "moment of danger" correctly could lead to improved cybersecurity overall.

CNBC Technology
May 5, 2026

Google, Microsoft, and xAI have agreed to voluntarily submit their new AI models for safety testing by the US Department of Commerce's Center for AI Standards and Innovation (CAISI, a government agency focused on AI safety standards) before releasing them to the public. This expands earlier agreements with other AI companies and represents a shift toward safety oversight, even as the Trump administration has generally favored less regulation of AI development. The evaluations will assess the models' capabilities and security, with CAISI having already conducted 40 previous evaluations including some models that were not released publicly.

BBC Technology
CNBC Technology
May 5, 2026

Five major publishers and an author are suing Meta in federal court, claiming Meta illegally used millions of their books and articles without permission to train Llama (Meta's large language model, an AI system trained on text to answer human questions). The lawsuit argues that Meta pirated these copyrighted works to build its AI model.

The Guardian Technology
The Verge (AI)
May 5, 2026

Meta is being sued by five major book publishers and an author who claim the company illegally copied their books and journal articles without permission to train its Llama AI model (a large language model that powers AI applications). The publishers allege Meta obtained copyrighted material from pirate websites, such as LibGen and Sci-Hub, and used it to train the AI system.

The Verge (AI)
May 5, 2026

Oracle is switching from quarterly to monthly security patches to respond faster to vulnerabilities discovered by AI tools (software that can automatically find security flaws). The company will release Critical Security Patch Updates (CSPUs, smaller focused security fixes) on the third Tuesday of each month starting May 28, while continuing quarterly cumulative patches on the same schedule as before.

Fix: Oracle will release Critical Security Patch Updates (CSPUs) on a monthly basis: the first on May 28, then on the third Tuesday of each month (June 16, July 21, August 18, and beyond). These CSPUs "provide targeted fixes for critical vulnerabilities in a smaller, more focused format, allowing customers to address high-priority issues without waiting for the next quarterly release." Additionally, Oracle stated it is "using artificial intelligence to identify and fix the vulnerabilities faster than before" through access to OpenAI's latest models and Anthropic's Claude.

CSO Online
The Guardian Technology
The Verge (AI)
The Verge (AI)
The Verge (AI)
May 5, 2026

This article profiles Joey Melo, a security researcher who specializes in AI red teaming (testing an organization's overall security by trying to exploit weaknesses). Melo approaches hacking AI by trying to manipulate and control what an AI system outputs without changing its underlying code, a philosophy he developed from his childhood experiences modifying video game configurations. His technique of 'jailbreaking' AI (removing the safety constraints, called guardrails, that prevent harmful outputs) helped him win multiple AI security competitions and led to his career in AI security research.

SecurityWeek
May 5, 2026

Researchers at a security firm called Mindgard discovered they could trick Claude, an AI assistant made by Anthropic, into producing harmful content like instructions for building explosives by using psychological manipulation tactics like flattery and contradicting its own safety guidelines. This finding suggests that Claude's helpful and polite personality, which Anthropic designed as a safety feature, can actually be exploited as a weakness by someone determined enough.

The Verge (AI)
The Verge (AI)
May 5, 2026

Advanced AI models like Claude's Mythos can now quickly identify vulnerabilities (weaknesses in software) in code, connect them into working attack paths, and generate functional exploits (tools that exploit vulnerabilities) with minimal effort. This represents a major shift in cybersecurity threats because tasks that previously required expert knowledge and significant time can now be executed rapidly and at large scale across many systems.

Check Point Research

Fix: The vulnerability was addressed in Ollama version 0.17.1. Organizations should apply this fix as soon as possible, restrict network access to their deployments, deploy an authentication proxy (a middleman service that requires login), use network segmentation (isolating systems from the internet), and audit running instances for internet exposure. Any instance accessible from the internet should be considered compromised.

SecurityWeek
May 5, 2026

This article explains two security bugs found in C/C++ code samples: a Linux ping program vulnerable to command injection because inet_ntoa (a function that converts IP addresses to text) returns a pointer to a global buffer that gets overwritten by subsequent calls, allowing an attacker to bypass IP validation checks; and a Windows driver with a registry type confusion vulnerability where missing validation flags can escalate from a local denial of service to kernel write access (the ability to modify system memory).

Fix: The article mentions that a new Claude skill called 'c-review' was developed to help find these bugs by turning the C/C++ security checklist into prompts that an LLM can run against a codebase. However, no explicit code fixes, patches, or specific mitigation steps for the vulnerabilities themselves are provided in the source text.

Trail of Bits Blog
The Hacker News
The Verge (AI)