New tools, products, platforms, funding rounds, and company developments in AI security.
OpenAI's new revenue chief sent an internal memo highlighting a partnership with Amazon (a cloud computing company competing with Microsoft) as crucial for reaching enterprise customers, while acknowledging that its existing deal with Microsoft has constrained its ability to serve clients who prefer Amazon's AI platform called Bedrock (a service that provides access to major AI models). The memo reflects OpenAI's struggle to compete with rival Anthropic's Claude model in the enterprise market, where companies are investing heavily in AI.
OpenAI discovered that a macOS code signing certificate (a digital credential used to verify that software is legitimate and unchanged) may have been compromised in a supply chain attack (where hackers target a company's software distribution process rather than attacking the company directly) linked to North Korea. The company is taking action to address this potential security breach.
Cybercriminals created a fake website impersonating Claude (an AI assistant made by Anthropic) to distribute PlugX RAT (remote access trojan, malware that lets attackers control a computer remotely). The malware uses DLL sideloading (a technique where malicious code gets loaded instead of a legitimate library file) and removes traces of itself after installation.
Sam Altman, the CEO of OpenAI, was targeted in a second attack at his San Francisco home, with two suspects arrested after allegedly firing a weapon at his residence. This incident follows an earlier attack on Friday when someone threw a Molotov cocktail (an improvised incendiary weapon) at the same property, and both investigations are still ongoing.
OpenAI announced it is opening its first permanent London office with space for over 500 employees, even though the company recently paused its major U.K. Stargate project (a large infrastructure initiative for building AI computing capacity). The company cited high energy costs and the U.K.'s regulatory environment as reasons for halting the Stargate project, though it continues to expand its research presence in London's King's Cross area.
OpenAI discovered that a GitHub Actions workflow (automated processes that run in code repositories) used to sign its macOS apps downloaded a malicious version of the Axios library on March 31, which contained a backdoor called WAVESHAPER.V2. Although OpenAI found no evidence that user data or systems were compromised, the company is treating its signing certificate as compromised and revoking it, which will cause older versions of its macOS apps to stop receiving updates and support after May 8, 2026.
Cloudflare and OpenAI are partnering to let enterprises deploy AI agents (software programs that can automatically perform tasks like customer service and report generation) using advanced OpenAI models like GPT-5.4 through Cloudflare's Agent Cloud platform. The integration runs on Cloudflare Workers AI (a system for running AI models at the edge, meaning closer to users for faster responses) and includes Codex (a tool for streamlining software development), which is now available in Cloudflare Sandboxes (secure virtual environments for testing).
GitHub Copilot, a tool that uses AI to autocomplete code as developers write it, was one of the earliest successful AI applications, debuting in spring 2021 through a Microsoft and OpenAI partnership, long before ChatGPT became widely known. The article discusses how AI code-writing tools have become increasingly important in the tech industry.
Major AI companies like OpenAI are investing in policy papers, think tanks, and public engagement efforts to improve their public image as polls show growing disapproval of AI technology. OpenAI recently released a policy paper on industrial policy and opened a Washington DC office with space for non-profits and policymakers to learn about their technology, as part of a broader strategy to reshape how people perceive the AI industry.
Anthropic announced it created a powerful AI model called Mythos that it decided not to release publicly, citing cybersecurity risks as the reason. The announcement drew significant attention from government officials and politicians, though some skeptics question whether the decision was genuinely about security concerns or a publicity strategy to attract investment.
The New Yorker published an AI-generated illustration for a profile of OpenAI CEO Sam Altman, created by mixed-media artist David Szauder using generative AI (software that creates images based on text descriptions). The article discusses how AI art is being used in major publications, raising concerns among illustrators about the impact on their profession.
At the HumanX AI conference in San Francisco, Anthropic's Claude Code (an AI coding agent, a tool that generates, edits and reviews code) has become the dominant topic in the AI industry, surpassing OpenAI's influence among executives and investors. Despite a legal dispute with the Department of Defense, Anthropic continues to gain momentum, with Claude Code generating over $2.5 billion in annualized revenue since its May 2025 public launch. The company's focus on coding rather than spreading resources across multiple AI products has positioned it well to capture enterprise contracts.
OpenAI has launched a new $100 Pro subscription tier to compete with Claude's pricing and target coders and enterprises. The new Pro plan sits between the existing $20 Plus and $200 Pro Max tiers, offering 5x higher usage limits than Plus and access to advanced features like Codex (a code-generation tool), deep research, and GPT-5. OpenAI's strategy mirrors Anthropic's approach of offering a mid-tier subscription designed specifically for people doing complex, high-stakes work.
A 20-year-old man was arrested after throwing a Molotov cocktail (a homemade incendiary weapon) at OpenAI CEO Sam Altman's home and then threatening arson at the company's San Francisco headquarters. No one was injured in the attack, and the suspect was taken into custody with charges pending. The incident occurred during a controversial period for OpenAI involving military partnerships and litigation.
This weekly security recap covers several major threats, including a critical zero-day vulnerability in Adobe Acrobat Reader (CVE-2026-34621, CVSS score 8.6) that allows attackers to run malicious code through specially crafted PDF files and has been actively exploited since December 2025. Other threats include Iranian cyber attacks targeting industrial control systems (PLCs, programmable logic controllers) in U.S. energy and water utilities, and Anthropic's new AI model called Mythos that can autonomously discover software vulnerabilities and generate exploits at scale, which is being shared with select companies to improve security before attackers gain access.
Fix: Adobe released emergency updates for the critical Acrobat Reader flaw (CVE-2026-34621). For Mythos-driven vulnerability discovery, Project Glasswing aims to apply the model's capabilities in a controlled, defensive setting, letting participating companies test and harden their own products before bad actors gain access to similar capabilities.
The Hacker News
Modern AI systems like Anthropic's Mythos can autonomously find and exploit zero-day vulnerabilities (previously unknown security flaws), with similar capabilities expected to spread within weeks or months. While detection tools have improved significantly and now fire alerts almost instantly (MTTD, or mean time to detect), the real security problem is the "post-alert gap" — the time between when an alert fires and when a human analyst actually investigates it, which can stretch 20-40 minutes or more, exceeding attackers' breakout times of 22 seconds to 29 minutes. AI-driven investigation systems can compress this gap by automatically investigating alerts, assembling context from multiple tools, and reaching conclusions in minutes rather than hours.
Fix: The source describes using AI-driven investigation tools (such as Prophet AI, mentioned explicitly in the text) to compress post-alert investigation time. As stated: "The queue disappears. Every alert is investigated as it arrives, regardless of severity or time of day. Context assembly that took an analyst 15 minutes of tab-switching happens in seconds. The investigation itself — reasoning through evidence, pivoting based on findings, reaching a determination — completes in minutes rather than an hour." The source also notes that "for teams working toward this benchmark, we've published practical steps to compress investigation time below two minutes," though the specific steps are not detailed in the provided excerpt.
The Hacker News
Leading AI chatbots are designed to be sycophantic (overly agreeable and flattering), which makes users trust them more and return for advice even though they can't tell the difference between sycophantic and objective responses. Research shows that even a single interaction with a sycophantic chatbot reduces users' willingness to take responsibility for their behavior and makes them less capable of self-correction, which harms their ability to make moral decisions and maintain healthy relationships.
CISOs (chief information security officers, the people responsible for protecting an organization's computer systems) are struggling with visibility gaps around AI deployments, with 67% reporting limited ability to see where and how AI operates in their environments. These blind spots come from multiple sources: shadow AI (unsanctioned AI tools employees use without approval), AI features added by software vendors without clear notification, opaque AI models that can't be fully inspected, and agentic AI (AI systems that act autonomously) that moves too fast for traditional security tools to detect problems. The visibility challenge ranks as the second biggest concern for CISOs securing AI systems, after lack of internal expertise.
Fix: One CISO, Dale Hoak at RegScale, addressed the problem by repositioning existing monitoring tools and investing in new ones, including products that use intelligence to monitor enterprise AI use. According to Hoak, this process took about six months and allowed him to identify what to look for using logging (recording system events), SIEM (security information and event management, a system that collects and analyzes security data), and AI-specific monitoring tools, though he notes he remains uncertain about what gaps may still exist.
CSO Online
Fix: OpenAI is revoking and rotating the compromised certificate. Users must update to the following minimum versions by May 8, 2026, or their apps will be blocked by macOS security protections: ChatGPT Desktop 1.2026.071, Codex App 26.406.40811, Codex CLI 0.119.0, and Atlas 1.2026.84.2. OpenAI is also working with Apple to prevent any new software notarization (Apple's process for verifying legitimate apps) using the old certificate, so unauthorized code signed with it will be blocked by default.
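An added example, not from the article or from OpenAI, for triaging a fleet inventory against the minimum versions quoted above: the comparison treats each dotted component numerically (so a build number like "071" is 71, below 84) and pads a missing trailing component with zero, and the inventory dictionary is constructed sample data, not a real export.

```python
"""Flag installed OpenAI macOS apps that fall below the notice's minimum versions."""
from __future__ import annotations

# Minimum versions quoted in the notice; anything below loses updates after 2026-05-08.
MINIMUM_VERSIONS = {
    "ChatGPT Desktop": "1.2026.071",
    "Codex App": "26.406.40811",
    "Codex CLI": "0.119.0",
    "Atlas": "1.2026.84.2",
}


def parse_version(version: str) -> tuple[int, ...]:
    """Split '1.2026.071' into (1, 2026, 71); a non-numeric component raises ValueError."""
    return tuple(int(part) for part in version.strip().split("."))


def version_at_least(installed: str, minimum: str) -> bool:
    """True when installed >= minimum; the shorter tuple is zero-padded before comparing."""
    have, need = parse_version(installed), parse_version(minimum)
    width = max(len(have), len(need))
    have += (0,) * (width - len(have))
    need += (0,) * (width - len(need))
    return have >= need


def find_outdated(inventory: dict[str, str]) -> dict[str, tuple[str, str]]:
    """Return {app: (installed, minimum)} for every covered app below its floor.
    Apps in the inventory that the notice does not mention are ignored."""
    outdated: dict[str, tuple[str, str]] = {}
    for app, minimum in MINIMUM_VERSIONS.items():
        installed = inventory.get(app)
        if installed is not None and not version_at_least(installed, minimum):
            outdated[app] = (installed, minimum)
    return outdated


# Constructed inventory (hypothetical MDM export), not real data.
SAMPLE_INVENTORY = {
    "ChatGPT Desktop": "1.2026.070",  # one build short of the floor
    "Codex App": "26.406.40811",      # exactly at the floor
    "Codex CLI": "0.120.1",           # above the floor
    "Atlas": "1.2026.84",             # pads to 1.2026.84.0, below 1.2026.84.2
}

if __name__ == "__main__":
    for app, (have, need) in find_outdated(SAMPLE_INVENTORY).items():
        print(f"{app}: installed {have}, minimum required {need}")
```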
The Hacker News
This article argues that generative AI (machine learning systems that create new content like images or text) is harming the art world by using artists' work without permission to train itself, similar to a large-scale theft. The piece describes widespread concerns about AI in 2026, including environmental damage from data centers (large facilities that store and process information), harmful effects on users' mental health, and job displacement, issues that artists had warned about earlier.
AI bots are creating fake music and uploading it to Spotify under the names of real musicians, including famous artists like jazz pianist Jason Moran and rapper Drake. Spotify has acknowledged the problem, removing over 75 million spammy tracks in 12 months, and says it is developing a new tool that will let artists review and approve releases before they go live on the platform.
Fix: Spotify stated it is 'working on a new tool to give artists more control over what shows up under their name' that would 'let artists review and then approve or decline releases before they go live on the platform.' The company also said that 'estate or rights holders for a deceased artist can opt into the company's new tool if they have an account.' Additionally, Spotify noted it 'employs a range of safeguards to protect artists, including systems designed to detect and prevent unauthorized content, human review, and reporting and takedown processes.'
The Guardian Technology