New tools, products, platforms, funding rounds, and company developments in AI security.
Google DeepMind has released Gemma 4, a family of open-source AI models available in four sizes (2B to 31B parameters, where parameters are the trainable weights in a neural network) designed for complex reasoning and agentic workflows (AI systems that can autonomously plan and use tools to complete tasks). The models are optimized to run efficiently on various hardware from mobile phones to workstations and support advanced features like multimodal processing (handling text, images, video, and audio), function-calling for tool integration, and context windows up to 256K tokens (units of text the model can process in one response).
This article reports on 38 cybersecurity mergers and acquisitions (M&A, or business deals where one company buys another) announced in March 2026 by major companies including Airbus, Cellebrite, Databricks, Quantum eMotion, Rapid7, and OpenAI. The source provides only a high-level announcement of these deals without detailed technical or security content.
BRICKSTORM is a malware campaign targeting VMware vSphere environments, specifically the vCenter Server Appliance (VCSA) and ESXi hypervisors (the software that runs virtual machines), by exploiting weak security architecture rather than software vulnerabilities. Attackers establish persistence at the virtualization layer (the foundational control software beneath guest operating systems), where traditional security tools like EDR (endpoint detection and response, software that monitors computers for threats) cannot see them, allowing them to gain administrative control over the entire virtual infrastructure. The VCSA is particularly attractive to attackers because compromising it grants full control over all virtual machines and their data.
Microsoft has reorganized its AI leadership, with Mustafa Suleyman taking on a new role as the company's first CEO of AI focused specifically on pursuing superintelligence (AI systems that would surpass human intelligence across all tasks). The company's renegotiated contract with OpenAI has enabled this strategic shift, which Suleyman says he had been planning for nearly a year.
Google has released an update to its Home app that improves Gemini (Google's AI assistant) at understanding natural language commands for controlling smart home devices. The update allows users to describe desired settings in more natural ways, such as requesting "the color of the ocean" for lighting or specifying exact temperatures and humidity levels, and improves Gemini's ability to identify which devices are being controlled.
OpenAI has acquired TBPN, a media platform that covers AI news and hosts conversations with influential figures in tech and business. The acquisition aims to help OpenAI communicate more effectively about AI's impact on society while keeping TBPN's editorial independence intact.
OpenAI has introduced more flexible pricing for Codex, a code-generation AI tool that helps developers write software faster. Teams can now add Codex-only seats with pay-as-you-go pricing (meaning you only pay for what you use based on tokens, the small units of text the AI processes) instead of paying a fixed fee per person, and ChatGPT Business pricing has been lowered from $25 to $20 per seat annually. The company is also offering $100 in credits per new Codex-only user (up to $500 per team) to help teams try out the tool.
Variance, a company building a compliance investigation platform that uses AI agents (autonomous AI systems that can perform tasks independently), has raised $21.5 million in new funding, bringing its total funding to $26 million. The funding will be used to grow the platform's capabilities.
Model Context Protocol (MCP, a system that connects AI agents to data sources) has become popular in businesses but faces security risks like prompt injection (tricking an AI by hiding instructions in its input), token theft, and data leaks. While progress has been made with features like OAuth support and an official MCP Registry, companies need tools to implement proper access controls, authorization checks, and detailed logging to protect sensitive data.
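The controls the summary calls for (per-agent access control, an authorization check on every tool call, and detailed logging that does not itself leak secrets) can be sketched as a small policy gateway in front of MCP-style tool calls. The following is an added example, not code from the article or from the MCP project; the agent identities, tool names, policy table and the rule that state-changing tools may not be triggered from another tool's output are constructed for illustration.

```python
import json
import time
from dataclasses import dataclass

# Constructed policy table for this example: per-agent tool allowlists.
POLICY = {
    "support-agent": {"allowed_tools": {"search_tickets", "read_ticket"}},
    "finance-agent": {"allowed_tools": {"read_invoice", "export_report"}},
}
# Tools that change state or move data out; constructed for the example.
WRITE_TOOLS = {"export_report"}
# Argument names whose values must never reach the audit log in clear text.
SENSITIVE_ARGS = {"api_token", "password", "ssn"}


@dataclass
class ToolCall:
    agent: str       # authenticated identity of the calling agent
    tool: str        # MCP tool name requested
    args: dict       # arguments the model supplied
    origin: str      # "user" or "tool_output" (where the instruction came from)


@dataclass
class Decision:
    allowed: bool
    reason: str


class ToolGateway:
    """Sits between the agent and MCP servers; every call passes through handle()."""

    def __init__(self, policy):
        self.policy = policy
        self.audit_log = []  # JSON lines; in production forward these to a SIEM

    def authorize(self, call: ToolCall) -> Decision:
        entry = self.policy.get(call.agent)
        if entry is None:
            return Decision(False, "unknown agent identity")
        if call.tool not in entry["allowed_tools"]:
            return Decision(False, "tool %r not in allowlist for %s" % (call.tool, call.agent))
        # Design choice for this example: a state-changing tool may only be
        # invoked from a direct user request, never from instructions that
        # arrived inside another tool's output (the indirect injection path).
        if call.origin == "tool_output" and call.tool in WRITE_TOOLS:
            return Decision(False, "write tool requested from tool output")
        return Decision(True, "ok")

    def record(self, call: ToolCall, decision: Decision) -> str:
        # Redact credential-like arguments so the log cannot become a token leak.
        redacted = {k: ("<redacted>" if k in SENSITIVE_ARGS else v)
                    for k, v in call.args.items()}
        line = json.dumps({
            "ts": time.time(),
            "agent": call.agent,
            "tool": call.tool,
            "origin": call.origin,
            "args": redacted,
            "allowed": decision.allowed,
            "reason": decision.reason,
        }, sort_keys=True)
        self.audit_log.append(line)
        return line

    def handle(self, call: ToolCall) -> Decision:
        decision = self.authorize(call)
        self.record(call, decision)  # log both allowed and denied calls
        return decision


def demo():
    """Run a few constructed calls through the gateway and return the decisions."""
    gw = ToolGateway(POLICY)
    calls = [
        ToolCall("support-agent", "read_ticket", {"id": 42}, "user"),
        ToolCall("support-agent", "export_report", {}, "user"),
        ToolCall("finance-agent", "export_report", {"api_token": "constructed-secret"}, "tool_output"),
        ToolCall("finance-agent", "export_report", {"api_token": "constructed-secret"}, "user"),
        ToolCall("unknown-agent", "read_ticket", {}, "user"),
    ]
    return gw, [gw.handle(c) for c in calls]


if __name__ == "__main__":
    gateway, decisions = demo()
    for line in gateway.audit_log:
        print(line)
```

Denied calls are logged as well as allowed ones, since a burst of denials for a single agent is the signal a detection team would want to alert on; the origin field makes it possible to tell a user-driven request from one that surfaced in retrieved content.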
datasette-llm 0.1a6 is a plugin (add-on software) that helps integrate LLMs into the datasette data tool. This release simplifies configuration by automatically adding a default model to the allowed models list, so developers don't have to list the same model ID twice.
This is an announcement about datasette-enrichments-llm version 0.2a1, a tool that combines datasette (a database publishing platform), llm (a language model interface), and enrichments (adding extra data to existing information). The post is from Simon Willison dated April 1st, 2026, and appears to be part of a monthly briefing about LLM developments.
PlayStation console prices have risen significantly over five years, breaking the historical trend of consoles becoming cheaper over time. The article argues that the massive demand from AI data centres for RAM and storage has increased hardware costs, contributing to these price hikes alongside other factors like global conflicts and inflation.
Indirect prompt injection (IPI) is a security threat where attackers hide malicious instructions in data or tools that an AI system uses, potentially influencing how it behaves without direct user input. Google treats IPI as an ongoing challenge rather than a one-time problem to solve, using multiple continuous strategies including human red-teaming (adversarial simulations), automated red-teaming (machine-learning-driven attack testing), a vulnerability rewards program for external researchers, and monitoring of publicly disclosed attacks to stay ahead of evolving threats.
Threat actors are now embedding AI into their cyberattacks to make them more effective and precise, rather than just faster. AI is helping attackers craft better phishing emails (resulting in 54% click-through rates versus 12% traditionally), develop malware, and steal data more efficiently, while humans still oversee the operations. Organizations face a major security challenge because AI-enabled phishing is now far more targeted and harder to defend against at scale, especially when combined with systems designed to bypass multifactor authentication (MFA, a security method that requires multiple forms of verification).
Kintsugi, a California startup, spent seven years developing AI to detect depression and anxiety by analyzing how someone speaks rather than what they say. The company is shutting down after failing to get FDA (Food and Drug Administration, the U.S. agency that approves medical products) clearance, though it is releasing its technology as open-source software so others can use and build on it.
This article discusses concerns about the rapid advancement of AI technology and argues that progressive voices are not adequately addressing the risks of automation and economic disruption. The author expresses skepticism about AI industry leaders, using Anthropic's CEO as an example, questioning whether their stated commitment to safe AI development should be trusted despite their public statements about safety concerns.
Fix: Mandiant released a vCenter Hardening Script that enforces security configurations at the Photon Linux layer (the underlying operating system of vCenter). Organizations should implement the hardening recommendations provided in the guide to transform the virtualization layer into a hardened environment capable of detecting and blocking persistent threats, including establishing custom security configurations at both the vSphere and Photon Linux layers.
Google Threat Intelligence
AI is making software development faster and easier, creating a future where custom applications can be written and deleted on demand, but this also means AI tools are getting better at finding and exploiting vulnerabilities in code. Both attackers and defenders are using AI for cybersecurity, creating an 'arms race' where attackers can automatically discover and exploit flaws while defenders can use similar AI tools to find and patch vulnerabilities before attackers exploit them.
Anthropic was developing Claude Mythos, an advanced AI model with improved abilities in vulnerability discovery (finding weaknesses in software) and exploit development (creating tools to attack those weaknesses). This capability means AI can now help attackers find and exploit security flaws more quickly and at larger scale than before, making cyber defense significantly more challenging.
Anthropic accidentally leaked nearly 2,000 internal files and 500,000 lines of code for its Claude Code AI tool due to human error, when an internal file was mistakenly included in a software update and pointed to an archive that was quickly copied to GitHub. The leaked source code spread widely on social media and became GitHub's fastest-ever downloaded repository before Anthropic issued copyright takedown requests to limit its distribution.
Fix: Anthropic issued copyright takedown requests to try to contain the code's spread.
The Guardian Technology
Researcher Hung Nguyen used Anthropic's Claude Code (an AI tool for analyzing code) to quickly discover zero-day exploits (previously unknown security flaws) in Vim and GNU Emacs, two widely-used text editors. Claude Code found vulnerabilities that would allow attackers to execute arbitrary code (run code of their choosing on the victim's machine) simply by tricking users into opening malicious files, and even generated proof-of-concept exploits (working examples of attacks) within minutes.
Fix: For Vim: The vulnerability (CVE-2026-34714, CVSS score 9.2) was fixed by the maintainers in version 9.2.0272. For GNU Emacs: The source text states that the GNU Emacs maintainers declined to address the issue and believe it to be a problem with Git instead; Nguyen suggests manual mitigations, but the source does not explicitly describe what those mitigations are.
CSO Online