New tools, products, platforms, funding rounds, and company developments in AI security.
N/A -- The provided content is a metadata header and navigation element from a web page, not an actual article or analysis. It contains only a title, date, author attribution, topic tags, and sponsorship information with no substantive technical content about GPT-5.5, cyber capabilities, or any security findings to summarize.
Elon Musk testified in his lawsuit against Sam Altman and OpenAI, with a judge interrupting his discussion about AI risks during cross-examination. The trial is revealing private communications about OpenAI's creation and will include testimony from other tech industry leaders about the conflict between Musk and Altman.
Bluekit is a phishing kit (a pre-built toolkit that helps attackers create fake login pages to steal credentials) that includes over 40 templates targeting popular services like Gmail, iCloud, and GitHub, plus an AI assistant panel supporting models like GPT-4.1 and Claude to help cybercriminals draft phishing emails. The kit integrates domain registration, phishing page setup, campaign management, and real-time victim monitoring into one interface, making it accessible to less-skilled attackers. While the AI-generated outputs are currently basic and require manual cleanup, the platform is under active development and receiving frequent updates, suggesting it will likely become more widely adopted.
OpenAI launched Advanced Account Security, an optional protection feature for high-risk ChatGPT and Codex users like journalists and dissidents that replaces passwords with physical security keys or passkeys to prevent account takeover attacks (when someone gains unauthorized access to an account). The feature also uses recovery keys instead of email/SMS for account recovery, enforces shorter login sessions, and sends alerts on sign-ins, making it much harder for attackers to breach accounts through phishing (tricking users into revealing login credentials) or social engineering (manipulating support staff).
Gemini, a crypto exchange, received approval from the U.S. Commodity Futures Trading Commission (CFTC, the federal agency that regulates futures and derivatives) to operate its own regulated derivatives clearinghouse, allowing it to process trades internally rather than through outside services. This approval enables Gemini to expand into prediction markets (betting platforms where users forecast future events) and perpetual futures (leveraged contracts that never expire), giving the company more control over these products and potentially more stable revenue streams.
Microsoft and OpenAI have restructured their business partnership, with the key change allowing OpenAI to offer its products and services through multiple cloud providers (computing platforms that deliver software and services over the internet) instead of being limited to Microsoft's cloud. The companies maintained an amicable relationship despite previous tensions over contracts and AI infrastructure.
Google is updating vehicles equipped with Google built-in to replace their current Google Assistant with Gemini, a more advanced AI assistant. The upgrade will be available to both new and existing vehicles through a software update, offering improvements in natural conversations, vehicle information retrieval, and settings adjustments.
OpenAI discovered that its AI models were unexpectedly inserting references to goblins and other creatures into their responses, a behavior that started appearing in the GPT-5.1 model, particularly when using the "Nerdy" personality option. The company traced this quirk to patterns in the training data and added instructions to prevent the models from discussing these creatures.
OpenAI discovered that ChatGPT and other tools powered by its GPT-5 model were randomly mentioning goblins, gremlins, and other creatures in their responses, with goblin mentions increasing 175% after the GPT-5.1 launch in November. The problem stemmed from a "nerdy personality" developed during training that was rewarding mentions of these creatures in metaphors, and OpenAI found this personality was responsible for 66.7% of all goblin mentions. The issue illustrates how AI training systems can accidentally reinforce quirks and errors when they reward certain language patterns.
A critical vulnerability in Gemini CLI, an open source AI agent for terminal access to Google's Gemini, allowed attackers to execute arbitrary code on the host system by planting malicious configuration files in a workspace folder. The flaw was particularly dangerous in CI/CD pipelines (automated systems that build, test, and deploy software) because attackers could steal credentials and perform supply chain attacks (compromising software before it reaches users) by exploiting the trusted access that these pipelines have.
A maximum-severity vulnerability in Google Gemini CLI allowed remote code execution (RCE, where attackers can run commands on a system they don't own) when the tool processed untrusted inputs in automated environments like CI/CD pipelines (automated workflows that test and deploy code). The flaw occurred because the CLI automatically trusted workspace configurations without verification, letting attackers inject malicious code that would execute before security protections kicked in.
Despite heavy promotion by tech companies, young people (Gen Z) are increasingly using AI chatbots like ChatGPT while simultaneously expressing strong negative feelings toward AI technology. Polling data shows widespread cultural backlash against AI among Gen Z students and workers, even as they continue to adopt these tools.
OpenAI is restricting access to its new cybersecurity tool called Cyber (part of GPT-5.5) to only approved users, requiring them to submit credentials and explain their intended use through an application on OpenAI's website. Cyber can perform tasks like penetration testing (simulating attacks to find security weaknesses), vulnerability identification, and malware reverse engineering (analyzing malicious code to understand how it works), but OpenAI is limiting access because the tool could be misused by attackers if widely available.
Fix: OpenAI says it's working to make Cyber more widely available by consulting with the U.S. government and identifying more users with legitimate cybersecurity credentials.
TechCrunch (Security)Anthropic has released a new AI model called Mythos that industry leaders believe could significantly disrupt cybersecurity practices and defenses. The article discusses potential threats this model poses and reports on what cybersecurity experts are saying about its implications.
Anthropic released Claude Security, an AI-powered tool designed to help security teams find and fix vulnerabilities faster by scanning code repositories, identifying security flaws, and generating targeted patches. The tool is available in public beta for Claude Enterprise customers and integrates with existing security platforms from companies like CrowdStrike and Microsoft, aiming to reduce the time from vulnerability discovery to fix from days to a single session.
Fix: Claude Security provides automated vulnerability scanning, generates confidence ratings on severity, offers reproduction instructions, and creates targeted patch instructions that can be worked through with Claude Code on the Web. Users can also schedule regular scans for ongoing coverage rather than one-off audits. The tool is available now to Claude Enterprise customers through Claude.ai/security and works with Claude Opus 4.7 without requiring API integration or custom agent setup.
SecurityWeekElon Musk testified in court that his AI startup xAI used OpenAI's models to train its own AI system called Grok through model distillation (a technique where a larger AI model teaches a smaller one by transferring knowledge). Model distillation is a common practice in the AI industry, though it can be used legitimately within a single company or potentially misused by competitors trying to copy a rival's AI performance.
Fix: OpenAI's explicitly mentioned mitigations for Advanced Account Security users include: (1) requiring two physical security keys or passkeys instead of passwords, (2) eliminating email and SMS recovery routes in favor of recovery keys, backup passkeys, or physical security keys, (3) blocking OpenAI support team access to recovery options to prevent social engineering attacks on support portals, (4) enforcing shorter sign-in windows and sessions before re-authentication is required, (5) generating login alerts that users can review in their dashboard, and (6) enabling data opt-out from model training by default. OpenAI also partnered with Yubico to offer lower-cost YubiKey bundles to these users. Members of OpenAI's Trusted Access for Cyber program must enable Advanced Account Security by June 1, 2024, or submit an alternative attestation of phishing-resistant authentication through enterprise single sign-on.
Wired (Security)Wiz Red Agent is an AI security tool powered by Anthropic's Claude Opus models that automatically scans production environments (web applications and APIs) to find exploitable security vulnerabilities by reasoning like a human attacker. It analyzes over 150,000 applications weekly and has discovered thousands of previously unknown high and critical security risks across major organizations with zero false positives.
Goodfire, a startup, has created Silico, a tool that uses mechanistic interpretability (a technique for understanding how AI models work by mapping their neurons and the connections between them) to help developers debug and adjust LLM behavior. Instead of treating model development as trial-and-error, Silico lets developers zoom into a trained model, see which neurons control specific behaviors like hallucinations (false information the AI generates), and adjust those neurons to improve or suppress certain outputs.
Fix: OpenAI said it took steps to mitigate the issue by instructing its coding agent Codex to avoid referring to goblins, gremlins, raccoons, trolls, ogres, pigeons, and other creatures "unless it is absolutely and unambiguously relevant to the user's query." The company also retired the "nerdy personality" system that had been incentivizing these mentions.
BBC TechnologyAI-powered GitHub Actions from companies like OpenAI, Anthropic, and Google have a critical security flaw where prompt injection (tricking an AI by hiding instructions in its input) attacks can be triggered by external attackers, even when configuration settings are meant to restrict access. The vulnerability stems from these actions not properly distinguishing between trusted internal apps and untrusted external apps, allowing anyone to potentially manipulate the AI's behavior through pull requests, issues, or other user-controlled inputs.
Fix: The vulnerability was patched by Google in both Gemini CLI and the 'run-gemini-cli' GitHub Action.
SecurityWeekFix: The issue was fixed in @google/gemini-cli versions 0.39.1 and 0.40.0-preview.3, and in run-gemini-cli version 0.1.22. The patches removed implicit workspace trust in headless (non-interactive) environments and now require explicit trust decisions before loading workspace configurations. Additionally, the fix enforces stricter tool allowlisting (a list of permitted commands) to prevent command execution outside intended restrictions. Workflows that pin a specific gemini-cli version are advised to upgrade to a patched release and review their existing Gemini CLI configurations.
CSO OnlineOpenAI is launching GPT-5.5-Cyber, a specialized AI model designed to help organizations defend against cyberattacks, but it will only be available to a limited group of vetted "cyber defenders" rather than the general public. The company plans to roll out access within days and will work with other organizations and government agencies to establish a trusted access system for the model.