New tools, products, platforms, funding rounds, and company developments in AI security.
Meta has released Muse Spark, its first new AI model after spending billions on hiring and infrastructure, but faces pressure to prove it can generate revenue from AI like competitors OpenAI and Google have done. The company is shifting from open-source models (like its previous Llama family) to a proprietary approach, planning to charge developers for API (application programming interface, a way for software to request data or services from other software) access after an initial preview period. Analysts believe Meta's real advantage lies not in competing with other AI labs for developers, but in using the model to improve its core business: advertising to the 3 billion monthly users of Facebook, Instagram, and WhatsApp.
Researchers found that Google API keys (credentials that allow apps to access Google services) embedded in Android applications can be recovered from decompiled code (the readable form of the compiled app), giving unauthorized access to Gemini endpoints (the AI service interfaces). Because the Gemini API accepts the key as its only credential, anyone who extracts it from the APK can call the service as if they were the app, consuming the app owner's quota and billing; a key shipped inside a client binary has to be treated as public.
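The extraction described above is the routine first step of an app assessment: decompile the APK and grep the output for key-shaped strings. The scanner below is an added example (not the researchers' tooling) that runs the same check over a constructed, in-memory stand-in for apktool/jadx output; the file paths, the smali fragment and the two keys are all made up, and the keys are built from filler so they only have the 39-character `AIza…` shape of a Google API key.

```python
import re
from typing import Dict, List, Tuple

# Constructed fake keys: Google API keys are "AIza" followed by 35 URL-safe
# characters (39 characters total). These are filler, not real credentials.
FAKE_KEY_1 = "AIzaSy" + "A" * 33
FAKE_KEY_2 = "AIzaSy" + "B" * 33

# Constructed stand-ins for files recovered from a decompiled APK
# (paths and contents are invented for this example).
DECOMPILED_FILES: Dict[str, str] = {
    "res/values/strings.xml": (
        '<?xml version="1.0" encoding="utf-8"?>\n'
        "<resources>\n"
        '    <string name="app_name">ExampleChat</string>\n'
        f'    <string name="maps_key">{FAKE_KEY_1}</string>\n'
        "</resources>\n"
    ),
    "smali/com/example/chat/GeminiClient.smali": (
        ".class public Lcom/example/chat/GeminiClient;\n"
        ".field private static final BASE:Ljava/lang/String; = "
        '"https://generativelanguage.googleapis.com/v1beta/models/gemini-pro:generateContent?key="\n'
        f'const-string v0, "{FAKE_KEY_2}"\n'
    ),
    "assets/config.properties": "analytics.enabled=true\nbuild=release\n",
}

# Word boundaries keep the match from firing inside longer base64-looking blobs.
GOOGLE_API_KEY_RE = re.compile(r"\bAIza[0-9A-Za-z_-]{35}\b")

# Host used by the Gemini (Generative Language) API.
GEMINI_HOST = "generativelanguage.googleapis.com"


def find_api_keys(files: Dict[str, str]) -> List[Tuple[str, int, str]]:
    """Return (path, line_number, key) for every Google-style API key found."""
    hits: List[Tuple[str, int, str]] = []
    for path, content in files.items():
        for lineno, line in enumerate(content.splitlines(), start=1):
            for match in GOOGLE_API_KEY_RE.finditer(line):
                hits.append((path, lineno, match.group(0)))
    return hits


def keys_near_gemini_endpoint(files: Dict[str, str]) -> List[str]:
    """Keys that sit in the same file as a Gemini endpoint reference.

    These are the ones an attacker would try first against the Gemini API;
    a key next to a Maps or Firebase URL is a different (still real) problem.
    """
    return sorted({key for path, _, key in find_api_keys(files) if GEMINI_HOST in files[path]})


def redact(key: str) -> str:
    """Safe form for a report: keep the prefix and last four characters only."""
    return key[:6] + "..." + key[-4:]


def report(files: Dict[str, str]) -> List[str]:
    """Human-readable findings, keys redacted, for inclusion in an assessment."""
    gemini_keys = set(keys_near_gemini_endpoint(files))
    lines = []
    for path, lineno, key in find_api_keys(files):
        tag = "GEMINI" if key in gemini_keys else "google-api-key"
        lines.append(f"{path}:{lineno}: {tag} {redact(key)}")
    return lines


if __name__ == "__main__":
    for line in report(DECOMPILED_FILES):
        print(line)
```

In a real engagement the input is the directory apktool or jadx produced, and a hit is confirmed by attempting a single harmless request with the key; keys should not be in the client at all, and the fix is to move Gemini calls behind a backend the app authenticates to, since an Android app can be decompiled by anyone who installs it.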
YouTube Shorts is launching a new AI feature that lets creators make digital clones of themselves, called avatars, that look and sound like them and can be used in videos. The feature adds to YouTube's struggle with managing AI-generated content, including deepfakes (synthetic videos where someone's face or voice is digitally recreated to look authentic), AI slop (low-quality AI-generated content), and impersonation scams.
LinkedIn has been accused by a European company of secretly scanning users' computers for installed software and sharing that data with third parties, without user consent or disclosure in its privacy policy. LinkedIn denies the core accusation but acknowledges it scans for browser extensions (software that adds features to web browsers) to detect abuse, though it did not clarify whether it uses the collected data only for that purpose.
Google is adding a feature called "notebooks" to Gemini (its AI chatbot) that lets users organize files, past conversations, and custom instructions about specific topics in one place. Gemini can then use this organized information as context (background information the AI considers) when answering questions, similar to ChatGPT's Projects feature from 2024.
OpenAI is running a skill-based contest during the 2026 IPL cricket season where eligible Indian residents can use ChatGPT's Full Fan Mode feature to generate images, share them on Instagram with creative captions, and tag @chatgptindia for a chance to win prizes. The contest requires participants to be at least 18 years old, have a public Instagram account, be registered OpenAI users, and submit only images generated through the Full Fan Mode tool that comply with OpenAI's policies and Instagram's terms.
CyberAgent, a Japanese internet company, adopted ChatGPT Enterprise and Codex to make AI a foundational technology across their organization rather than just an isolated initiative. The company faced challenges around security concerns and uncertainty about what data could safely be shared with AI tools, which slowed adoption and created inconsistent usage across departments.
A federal appeals court in Washington, D.C. denied Anthropic's request to temporarily block the Department of Defense's blacklisting of the company as a supply chain risk (a designation claiming the company's technology threatens U.S. national security). The ruling means Anthropic is excluded from DOD contracts, though a separate court earlier granted Anthropic an injunction allowing it to continue working with other government agencies while the lawsuit challenging the blacklisting continues.
OpenAI's CFO announced that the company plans to reserve shares for individual investors when it goes public through an initial public offering (IPO, the first time a private company sells shares to the public). The company saw strong demand from regular retail investors during its recent funding round and wants to ensure broad public participation in ownership, following models used by other companies like Tesla and Block.
Amazon Bedrock AgentCore's starter toolkit automatically creates overly broad IAM roles (identity and access management policies that control what actions software can perform) that grant a single AI agent excessive permissions across an entire AWS account, enabling an attack the researchers call Agent God Mode. If that one agent is compromised (for example through prompt injection), an attacker inherits its role and can use the permissions to read other agents' memories, pull container images, and extract sensitive data. AWS updated its documentation to warn that the default roles are only for development and testing, not production use.
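The underlying problem is a policy with service-wide action wildcards and `Resource: "*"`, which is easy to catch before deployment. The linter below is an added example, not AWS tooling and not a reproduction of the actual AgentCore starter policy: the two policy documents are constructed to show the broad shape beside a scoped one, and the `bedrock-agentcore:` action prefix, the agent ARN and the account ID are assumed placeholders.

```python
import json
from typing import Any, Dict, List

# Constructed example of the broad shape described above (not AWS's real
# generated policy): service-wide wildcards, account-wide resources, and an
# unscoped iam:PassRole, which lets the holder hand any role to a service.
BROAD_POLICY: Dict[str, Any] = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["bedrock-agentcore:*", "ecr:*", "logs:*", "s3:GetObject"],
      "Resource": "*"
    },
    {
      "Effect": "Allow",
      "Action": "iam:PassRole",
      "Resource": "*"
    }
  ]
}
""")

# Constructed least-privilege version scoped to one agent's own resources.
# Action names and ARN formats are assumed for illustration.
SCOPED_POLICY: Dict[str, Any] = json.loads("""
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": ["bedrock-agentcore:GetMemory", "bedrock-agentcore:PutMemory"],
      "Resource": "arn:aws:bedrock-agentcore:us-east-1:123456789012:memory/agent-a-*"
    },
    {
      "Effect": "Allow",
      "Action": ["ecr:BatchGetImage", "ecr:GetDownloadUrlForLayer"],
      "Resource": "arn:aws:ecr:us-east-1:123456789012:repository/agent-a"
    },
    {
      "Effect": "Allow",
      "Action": ["logs:CreateLogStream", "logs:PutLogEvents"],
      "Resource": "arn:aws:logs:us-east-1:123456789012:log-group:/agents/agent-a:*"
    }
  ]
}
""")


def _as_list(value: Any) -> List[Any]:
    """IAM allows a string or a list in Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def lint_policy(policy: Dict[str, Any]) -> List[str]:
    """Return one finding per over-broad grant in an IAM policy document."""
    findings: List[str] = []
    for i, st in enumerate(_as_list(policy.get("Statement"))):
        if st.get("Effect") != "Allow":
            continue
        # NotAction/NotResource grant everything except the listed items;
        # in an agent role that is almost never intended.
        if "NotAction" in st or "NotResource" in st:
            findings.append(f"Statement {i}: NotAction/NotResource grants by exclusion")
        actions = _as_list(st.get("Action"))
        resources = _as_list(st.get("Resource"))
        for action in actions:
            if action == "*":
                findings.append(f"Statement {i}: Action '*' grants every API call")
            elif action.endswith(":*"):
                findings.append(f"Statement {i}: service-wide wildcard '{action}'")
        if "*" in resources:
            findings.append(f"Statement {i}: Resource '*' spans the whole account")
        if "*" in resources and any(a.lower() == "iam:passrole" for a in actions):
            findings.append(f"Statement {i}: iam:PassRole on '*' allows passing any role")
    return findings


def services_touched(policy: Dict[str, Any]) -> List[str]:
    """Distinct service prefixes the policy allows; a per-agent role should be short."""
    prefixes = set()
    for st in _as_list(policy.get("Statement")):
        if st.get("Effect") != "Allow":
            continue
        for action in _as_list(st.get("Action")):
            prefixes.add("*" if action == "*" else action.split(":", 1)[0])
    return sorted(prefixes)


if __name__ == "__main__":
    for name, doc in (("broad", BROAD_POLICY), ("scoped", SCOPED_POLICY)):
        print(name, services_touched(doc), *lint_policy(doc), sep="\n  ")
```

Run it against the role document the toolkit wrote (`aws iam get-role-policy` or the generated JSON) before any agent is deployed outside a sandbox; a clean result only means no wildcards, so the remaining resource ARNs still have to be checked against what the agent actually needs.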
OpenAI has put forward a set of economic proposals, and policymakers in Washington, DC are weighing how to respond to them. The story concerns the political landscape around AI regulation rather than any technical issue or vulnerability.
In the second half of 2025, DDoS attacks (distributed denial-of-service, where attackers flood a target with traffic to shut it down) became more powerful and easier to launch due to three major changes: IoT botnets (networks of hacked internet-connected devices like routers) reached attack capacities of 30 terabits per second, AI and dark-web LLMs (large language models, AI systems trained on text data) made sophisticated attacks accessible to less-skilled attackers through simple conversational prompts, and DDoS-for-hire services became more widely available. Critical infrastructure like DNS servers (systems that translate website names into IP addresses) and government and finance sectors faced sustained pressure from groups coordinating attacks across multiple countries.
Meta has released Muse Spark, a new AI model designed to be small and efficient while still capable of reasoning through complex questions in science, math, and health. The model represents Meta's attempt to compete in the AI market dominated by OpenAI, Google, and Anthropic, and will be integrated into Meta's apps like Facebook, Instagram, and WhatsApp, with plans to offer API (application programming interface, a way for developers to access software features) access to external developers.
Meta has launched a new AI model called Muse Spark, designed specifically to work with Meta's products like WhatsApp, Instagram, Facebook, and Messenger. The model is now available in the Meta AI app and website in the US, with plans to expand to other countries and Meta's smart glasses in the coming weeks.
A newsletter roundup spanning geopolitics, AI regulation, and markets: Iran's allegations that the U.S. violated a ceasefire, Anthropic's court loss over the Pentagon's blacklisting of the company following disagreements about AI safeguards, and expectations for Federal Reserve interest rate cuts in 2026.
In March 2026, organizations faced an average of nearly 2,000 cyber-attacks per week, showing a slight 4-5% decrease but remaining at historically high levels. The threat landscape continues to be driven by automation, expanded attack surfaces from cloud adoption, and risks related to GenAI (generative AI, where systems create new content from training data) usage.
OpenAI has paused its Stargate project in the U.K., which was planned to deploy up to 8,000 graphics processing units (GPUs, the specialized hardware used to train and run AI models) for AI infrastructure. The company cited two main reasons: the U.K.'s high industrial energy costs and concerns about the country's regulatory environment, particularly new rules being developed around how AI models can use copyrighted work.
Shadow AI refers to AI tools that employees use without approval from their organization's IT and security teams, operating outside security oversight and creating hidden risks. Unlike shadow IT (unapproved software), shadow AI is particularly dangerous because it processes and stores sensitive data beyond security teams' visibility, leading to potential data leaks, expanded attack surfaces (new entry points for hackers), and bypassed security controls. The problem is spreading because AI tools are easy to use, instantly helpful, and many organizations lack clear policies on their use.
Trail of Bits released a new Testing Handbook chapter focused on security code review for C and C++, covering common bug classes like memory safety issues, integer errors, and type confusion across Linux, Windows, and seccomp (secure computing mode, a Linux feature that restricts system calls) environments. They are also developing a Claude skill that uses an LLM (large language model) to automatically find bugs by running checklist-based prompts against codebases. The handbook emphasizes manual code review techniques and includes platform-specific vulnerabilities like DLL planting on Windows and sandbox bypasses in Linux seccomp filters.
Fix: CyberAgent addressed these challenges by adopting ChatGPT Enterprise, whose enterprise-grade security features, access controls, account management, and usage visibility let employees use AI with confidence about where their data goes. The company also established internal guidelines for handling confidential information in AI tools and provided ongoing training to build a culture of responsible AI adoption.
Anthropic has developed an AI model called Claude Mythos that is unusually good at finding software vulnerabilities (security weaknesses in code); it discovered thousands of such flaws in commonly used applications, most of which do not yet have fixes available. The company decided not to release Mythos widely because of concern that it could enable hacking at scale, and instead partnered with cybersecurity specialists to improve defenses before any wider distribution.
Fix: AWS updated the Bedrock AgentCore documentation with a security warning stating that the starter toolkit's default roles are "designed for development and testing purposes" and are not recommended for production deployment; production agents need roles scoped to their own resources.