aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by

Truong (Jack) Luu

Information Systems Researcher

Industry News

New tools, products, platforms, funding rounds, and company developments in AI security.


Mythos: are fears over new AI model panic or PR? – podcast
info, news, safety, policy
Apr 21, 2026

AI company Anthropic announced it created a powerful model called Mythos Preview that can find and exploit software vulnerabilities (weaknesses that attackers could use), and decided not to release it publicly due to concerns about risks to the economy, safety, and national security. However, some experts question whether the model is actually as capable as Anthropic claims, and the decision raises questions about whether this move is genuine responsibility or a publicity strategy.

The Guardian Technology

Introducing the CrowdStrike Shadow AI Visibility Service
info, news, security, industry
Apr 21, 2026

Organizations typically have far more AI tools running than they realize, including unapproved ones that bypass traditional security controls, a problem called shadow AI (unauthorized AI usage that goes undetected). CrowdStrike's new Shadow AI Visibility Service addresses this by using telemetry-based evidence (data collected from system monitoring) to discover both approved and unapproved AI across endpoints, cloud, and SaaS environments, since most security teams lack visibility into their actual AI footprint.

Fix: CrowdStrike's Shadow AI Visibility Service, powered by the CrowdStrike Falcon platform and delivered by CrowdStrike experts, uses telemetry-based evidence to identify sanctioned and unsanctioned AI usage across endpoint, cloud, and SaaS environments.

CrowdStrike Blog

v0.14.21
low, news, security
Apr 20, 2026

LlamaIndex v0.14.21 is a maintenance release that fixes several bugs in the core library, including a KeyError (an error raised when looking up a key that does not exist in a data structure) in the DocumentSummaryIndex deletion function, handling of output formatting errors, and UTF-8 encoding issues in file operations. The release also updates dependencies across many embedding and indexing modules to keep the library's supporting code current.

Fix: Update to llama-index-core version 0.14.21 or later. The fixes are included in this release version, which addresses the KeyError in DocumentSummaryIndex.delete_nodes, ValueError and TypeError from structured output failures, UTF-8 encoding issues in the persistence layer, and the Message Block Buffer Resolution breaking change.

LlamaIndex Security Releases

Scaling Codex to enterprises worldwide
info, news, industry
Apr 20, 2026

Codex, an AI tool that generates code and assists with software development tasks, has grown from 3 million to 4 million weekly users and is now being adopted by major enterprises like Virgin Atlantic, Notion, and Cisco to speed up development workflows. OpenAI is expanding Codex adoption through a program called Codex Labs, which provides expert guidance to organizations, and by partnering with global consulting firms (like Accenture and Infosys) to help enterprises integrate Codex into their software development processes at scale.

OpenAI Blog

Tim Cook reactions: Sam Altman, Palmer Luckey react to Apple CEO move
info, news, industry
Apr 20, 2026

Apple announced that CEO Tim Cook, who led the company for nearly 15 years, will be replaced by John Ternus, a senior vice president of hardware engineering, effective September 1, 2025. Tech industry leaders including OpenAI CEO Sam Altman and Oculus founder Palmer Luckey posted congratulatory messages on social media about the leadership transition.

CNBC Technology

Amazon to invest up to another $25 billion in Anthropic as part of AI infrastructure deal
info, news, industry
Apr 20, 2026

Amazon is investing up to $25 billion more in Anthropic, an AI company known for its Claude AI models (large language models, or LLMs, which are AI systems trained on vast amounts of text to generate human-like responses), on top of an earlier $8 billion investment. As part of this deal, Anthropic will spend over $100 billion on Amazon's cloud services and custom AI chips over the next decade to expand its computing capacity (the processing power needed to train and run AI models). Anthropic made this agreement because its infrastructure has been strained by rapidly growing demand from enterprise customers and users of Claude.

CNBC Technology

Silicon Valley has forgotten what normal people want
info, news, industry
Apr 20, 2026

The article criticizes tech industry figures for overstating the significance of LLM (large language model, an AI system trained on vast amounts of text) discoveries, using an example of someone claiming that LLMs reveal how knowledge is embedded in language as a breakthrough comparable to the invention of writing. The piece argues that tech insiders have lost touch with what ordinary people actually need and value.

The Verge (AI)

llm-openrouter 0.6
info, news, industry
Apr 20, 2026

The llm-openrouter tool, version 0.6, added a new 'refresh' command that lets users update their list of available AI models without waiting for the cached (temporarily stored) list to expire. This feature was created so users could access newly available models on OpenRouter immediately.

Simon Willison's Weblog

Elon Musk snubs Paris legal summons over alleged child abuse images on X
info, news, policy
Apr 20, 2026

Elon Musk did not attend a voluntary interview with French cybercrime prosecutors investigating his social media platform X and AI chatbot Grok over alleged child abuse images. The French legal authorities noted his absence, though Musk had previously criticized them on X.

The Guardian Technology

Attackers abuse Microsoft Teams to impersonate the IT helpdesk in a new enterprise intrusion playbook
info, news, security
Apr 20, 2026

Attackers are using Microsoft Teams' external access feature to impersonate IT helpdesk staff and convince employees to grant remote control access, exploiting the fact that collaboration platforms enable real-time, convincing interactions. Unlike traditional phishing, this technique leverages social engineering within trusted communication channels to bypass standard malware detections by obtaining user-approved access. The attack reflects an evolution of social engineering tactics that takes advantage of cross-tenant communication capabilities (features allowing external users to contact employees across different organizations) and the growing role of collaboration tools in workplace communication.

CSO Online

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain
critical, news, security
Apr 20, 2026

Researchers discovered a critical vulnerability in Anthropic's Model Context Protocol (MCP, a system that allows AI models to interact with external tools and data) that allows attackers to run arbitrary commands on systems using vulnerable implementations. The flaw affects over 7,000 publicly accessible servers and has been found in popular AI projects like LangChain and LiteLLM, but Anthropic has declined to fix the underlying architectural issue, leaving developers responsible for protecting against it.

Fix: The source recommends several mitigations: block public IP access to sensitive services, monitor MCP tool invocations, run MCP-enabled services in a sandbox (an isolated test environment), treat external MCP configuration input as untrusted, and only install MCP servers from verified sources. Additionally, some vendors have issued patches for their specific products (LiteLLM, Bisheng, and DocsGPT are noted as patched).

The Hacker News

CISOs reshape their roles as business risk strategists
info, news, policy, industry
Apr 20, 2026

CISOs (chief information security officers, the top security leaders at companies) are expanding their roles beyond traditional cybersecurity to become broader business risk strategists who manage strategic, operational, and financial risks across their entire organizations. This shift reflects the fact that nearly all business operations are now digital, making any cyber risk a material business risk, and has accelerated since the rise of generative AI (AI systems like ChatGPT that can create new content) and agentic AI (AI systems that can take independent actions). Research shows that most CISOs now share responsibility for enterprise risk management with other executives and are expected to unify regulatory requirements, company risk tolerance, and security controls into a single operating model.

CSO Online

Fracturing Software Security With Frontier AI Models
high, news, security, research
Apr 20, 2026

Frontier AI models (advanced AI systems with sophisticated reasoning abilities) can now autonomously discover software vulnerabilities and plan complex attack chains much faster than before, posing a major security threat. Open source software faces particularly high risk because these AI models can analyze publicly available source code to find bugs, whereas they struggle with compiled code (the executable, non-readable version). As these powerful AI models become widely available, attackers with minimal expertise may launch attacks at unprecedented speed and scale across the entire software ecosystem.

Palo Alto Unit 42

Copilot & Agentforce open to prompt injection tricks
high, news, security
Apr 20, 2026

Researchers at Capsule Security discovered prompt injection vulnerabilities (attacks where malicious instructions are hidden in normal-looking inputs) in both Microsoft Copilot Studio and Salesforce Agentforce that allow attackers to trick AI agents into stealing data. In Microsoft's case, attackers can inject malicious commands into SharePoint forms to extract sensitive customer data and send it via email, while in Salesforce's case, they can embed harmful instructions in public lead forms to exfiltrate CRM data at scale.

Fix: For Microsoft Copilot Studio: "Microsoft has meanwhile published a patch that has fixed the problem" and "no further measures are required on the part of users." For Salesforce Agentforce: The source text does not describe an explicit patch or mitigation from Salesforce. The source states that "Salesforce acknowledged the prompt injection problem" but classified the data exfiltration issue as "configuration-specific" and pointed to "optional human-in-the-loop controls." General recommendations mentioned include: "input validation, least-privilege access, as well as strict control" and treating "all external inputs as untrusted" while setting up "filters that separate data from instructions."

CSO Online

Claude Mythos: is the hype justified?
info, news, security, research
Apr 20, 2026

Claude Mythos is an AI security model being tested by select organizations, but security researchers at VulnCheck question its real-world impact. Out of 75 CVEs (publicly disclosed software vulnerabilities) mentioning Anthropic, only one has been directly tied to Project Glasswing (the initiative behind Claude Mythos), though more results are expected later in 2026.

CSO Online

Chinese tech workers are starting to train their AI doubles, and pushing back
info, news, industry, safety
Apr 20, 2026

Tech workers in China are being asked by their employers to train AI agents (software programs that can autonomously perform tasks) to automate their own jobs, sparked by tools like Colleague Skill that can extract a worker's skills and habits from workplace chat histories and files to create an AI replica. While some workers find the technology interesting, many feel uncomfortable and alienated by the process, viewing it as reducing their complex work to replaceable modules and raising concerns about job security and worker dignity.

MIT Technology Review

Claude Token Counter, now with model comparisons
info, news, industry
Apr 19, 2026

Claude Opus 4.7 introduced an updated tokenizer (a system that breaks text into smaller units for processing) that changes how text is converted into tokens, causing the same input to require 1.0–1.35× more tokens depending on content type. While Opus 4.7 maintains the same pricing as Opus 4.6 ($5 per million input tokens and $25 per million output tokens), this token inflation means users can expect roughly 40% higher costs, though the impact varies by content type (minimal for PDFs at 1.08×, identical for lower-resolution images, but 3× higher for high-resolution images).

Simon Willison's Weblog

OpenAI helps Hyatt advance AI among colleagues
info, news, industry
Apr 19, 2026

Hyatt has deployed ChatGPT Enterprise, which gives its employees access to advanced AI capabilities like GPT 5.4 and Codex (a tool for code generation) across departments such as finance, marketing, and operations. The company is using this technology to automate manual tasks and help teams focus on delivering better customer service. Hyatt worked with OpenAI to provide training sessions so employees could quickly learn how to use AI in their daily work.

OpenAI Blog

Silicon Valley's AI agent hiccups: Wasted tokens and 'chaotic' systems
info, news, industry
Apr 19, 2026

AI agents (software programs that can perform tasks automatically) are being promoted as the next major breakthrough, but companies are discovering they are unreliable and expensive to operate. The main problems include wasting tokens (units of text that AI processes, which cost money), high inference costs (the expense of running AI models), and system complexity that makes it difficult to manage multiple agents working together without burning through budgets instead of saving money.

CNBC Technology

Changes in the system prompt between Claude Opus 4.6 and 4.7
info, news, safety
Apr 18, 2026

Anthropic released Claude Opus 4.7 in April 2026 with notable updates to its system prompt (the hidden instructions that guide how an AI behaves), including expanded child safety rules, new tools like Claude in PowerPoint and Chrome browsing agents, and changes to make the model less verbose and more action-oriented. The update shows Anthropic shifting Claude toward trying to solve ambiguous requests using available tools rather than asking users for clarification first.

Simon Willison's Weblog