aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by

Truong (Jack) Luu

Information Systems Researcher

Industry News

New tools, products, platforms, funding rounds, and company developments in AI security.

2907 items

Each entry lists severity · type · tags · date · source.

Webinar Today: Agentic AI vs. Identity’s Last Mile Problem
info · news · security, industry · Apr 1, 2026 · SecurityWeek

This webinar covers agentic AI (AI systems that plan and take actions on their own to complete tasks), its current capabilities and limitations, and how disconnected applications create identity security gaps that have already led to real breaches. It explores the "last mile problem" in identity security: the final step of verifying a user's identity across systems that do not communicate well with each other.

Block the Prompt, Not the Work: The End of "Doctor No"
info · news · security, policy · Apr 1, 2026 · The Hacker News

Enterprise security programs that simply block access to AI tools and websites create a "Workaround Economy": employees route around the controls through unmanaged alternatives such as personal email or browser extensions, leaving the organization with no visibility and more risk, not less. The article argues that blocking is ineffective because the usual controls, firewalls and endpoint agents (software that monitors device activity), either break the user experience or stay blind to threats such as browser extensions harvesting data. Its illustration is a law firm that blocked DeepSeek and then found that 70% of users had installed invisible AI wrapper extensions routing traffic overseas.

AI can push your Stream Deck buttons for you
info · news · industry · Apr 1, 2026 · The Verge (AI)

Elgato's Stream Deck 7.4 software update adds support for MCP (Model Context Protocol, a standard that lets AI assistants interact with software tools), so AI chatbots such as Claude and ChatGPT can trigger Stream Deck buttons instead of requiring a manual press. Users can request actions by voice or text and the AI triggers the corresponding Stream Deck functions.

Claude Code users hitting usage limits 'way faster than expected'
medium · news · security, safety · Apr 1, 2026 · BBC Technology

Claude Code users are seeing their token usage (tokens are the units of text by which AI usage is metered and billed) climb far faster than expected, hitting their limits early. Anthropic says it is investigating the issue as a top priority; the cause is not yet known. Recent peak-hour throttling (slowing the service during high demand to manage load) may compound the problem by causing tokens to be consumed more quickly.

Mutation testing for the agentic era
info · news · security, research · Apr 1, 2026 · Trail of Bits Blog

Code coverage metrics can mislead: they measure whether code ran, not whether it was actually tested, a gap that mutation testing (deliberately introducing bugs to check whether the tests catch them) exposes. The post announces MuTON and mewt, new mutation testing tools built for AI agents that work across multiple programming languages, addressing the limits of older regex-based tools such as universalmutator, which were slow and could not handle complex code patterns.

Google Addresses Vertex Security Issues After Researchers Weaponize AI Agents
medium · news · security · Apr 1, 2026 · SecurityWeek

Palo Alto Networks disclosed security problems in Google Cloud Platform's Vertex AI (Google's service for building and deploying machine learning models) after its researchers showed how AI agents, autonomous programs that carry out tasks with minimal human input, could be weaponized. Google has begun addressing the disclosed issues.

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms
high · news · security, privacy · Apr 1, 2026 · The Hacker News

Anthropic confirmed that Claude Code's source code leaked through an npm package (npm is the JavaScript package registry) that contained a source map file, exposing nearly 2,000 TypeScript files and over 512,000 lines of code. The leaked code revealed internal features such as a self-healing memory architecture and a stealth mode for making hidden contributions to open-source projects; the security risk is that attackers can now study how the system works in order to bypass its safeguards. Separately, users who downloaded the affected version during a specific window on March 31, 2026 may have received a trojanized HTTP client (compromised software containing malware).

Fix: Anthropic stated it is "rolling out measures to prevent this from happening again." Users who installed or updated Claude Code via npm on March 31, 2026 between 00:21 and 03:29 UTC are advised to downgrade immediately to a safe version and rotate all secrets (regenerate passwords and access keys).

I wore Meta’s smartglasses for a month – and it left me feeling like a creep
info · news · safety, privacy · Apr 1, 2026 · The Guardian Technology

Meta's smartglasses carry a built-in camera and an AI assistant (software that understands and responds to user requests) that can describe what the wearer is looking at and answer questions such as the weather forecast. The article looks at the privacy concerns the devices raise; some people call them problematic because they can record video of others without their knowledge or consent.

Attack Surface Management: a buying guide (original title: "Attack Surface Management – ein Kaufratgeber")
info · news · security, industry · Apr 1, 2026 · CSO Online

A buying guide for attack surface management tools, which help companies find and shrink the digital assets an attacker could target. It explains that CAASM (Cyber Asset Attack Surface Management) and EASM (External Attack Surface Management) tools continuously monitor for new assets and security misconfigurations, increasingly with agentic AI (AI that takes actions on its own) to identify and reduce risk.

datasette-enrichments-llm 0.2a0
info · news · industry · Mar 31, 2026 · Simon Willison's Weblog

A brief release announcement for datasette-enrichments-llm 0.2a0, posted by Simon Willison on April 1, 2026. The page consists mainly of a sponsorship pitch for a monthly email digest of important LLM (large language model) developments rather than a description of any security issue or technical change.

datasette-llm-usage 0.2a0
info · news · industry · Mar 31, 2026 · Simon Willison's Weblog

datasette-llm-usage 0.2a0 removes the allowance and pricing tracking features, which moved to a separate plugin, datasette-llm-accountant, and adds the ability to log complete prompts, responses and tool calls (functions the model can invoke) to a database table when enabled through a configuration setting. The simple prompt page was redesigned and now requires specific user permissions to access.

datasette-llm 0.1a5
info · news · industry · Mar 31, 2026 · Simon Willison's Weblog

datasette-llm 0.1a5 is a release of the plugin that lets other tools integrate with large language models. The update improves the llm_prompt_context() plugin hook (a mechanism other plugins can attach to) so that it now tracks both individual prompts and chains of prompts executed together, including tool call loops (repeated exchanges between the model and external functions).

Anthropic employee error exposes Claude Code source
high · news · security · Mar 31, 2026 · CSO Online

An Anthropic employee accidentally exposed the source code of Claude Code (an AI programming tool) by leaving a source map (.map) file, a debugging file that maps minified code back to human-readable form, in a package published to npm (the registry where developers share JavaScript code). This is a security risk because attackers can use source maps to understand how the code works, look for vulnerabilities, and potentially recover secrets such as API keys if any are embedded in the code.

Fix: According to secure coding trainer Tanya Janca, developers should: (1) disable source maps in the build or bundler tool; (2) exclude .map files explicitly, via .npmignore or by restricting the "files" allowlist in package.json, so they stay out of the package even if a build generates them by accident; and (3) keep them out of production. Anthropic stated it is "rolling out measures to prevent this from happening again," without giving specifics in the source.

Gradient Labs gives every bank customer an AI account manager
info · news · industry · Mar 31, 2026 · OpenAI Blog

Gradient Labs has built an AI system that acts as a dedicated account manager for bank customers, handling complex issues such as fraud and blocked payments by following strict procedures. It runs on OpenAI models (GPT-5.4 mini and nano in production) with 15+ guardrail systems (safety checks running in parallel) to keep conversations compliant and accurate, and reports 97% trajectory accuracy (following the correct procedure path from start to finish) against 88% for competitors.

Fix: The source describes how Gradient Labs ensures reliability rather than a fix to a problem: the team replays real customer conversations to compare system behavior against the expected procedure, generates synthetic conversations to test edge cases before deployment, and gives teams control over the rollout by analyzing historical support data to map the types of customer issue.

Claude Code source code accidentally leaked in NPM package
high · news · security, privacy · Mar 31, 2026 · BleepingComputer

Anthropic accidentally leaked the closed-source code of Claude Code when it published version 2.1.88 to npm with a 60 MB source map file (a debugging file that links compiled code back to its original source) covering roughly 1,900 files and 500,000 lines of code. Anthropic confirmed that no customer data or credentials were exposed and described the incident as a human error in release packaging, not a security breach. The company is also investigating a separate bug that makes Claude Code users hit their usage limits much faster than expected.

Fix: Anthropic stated it is "rolling out measures to prevent this from happening again." It has also begun issuing DMCA takedown notices against copies of the leaked source where it finds them online.

Claude Code leak exposes a Tamagotchi-style ‘pet’ and an always-on agent
high · news · security, privacy · Mar 31, 2026 · The Verge (AI)

The Claude Code 2.1.88 update accidentally shipped a source map file (which maps compiled code back to its original TypeScript) containing over 512,000 lines of the tool's internal code. The leak exposed details of upcoming features, the AI's instructions, and the system's memory architecture.

OpenAI, parent firm of ChatGPT, closes $122bn funding round amid AI boom
info · news · industry · Mar 31, 2026 · The Guardian Technology

OpenAI, the company behind ChatGPT, closed a $122 billion funding round at a valuation of $852 billion, making it one of the world's most valuable private companies. The money came from major technology companies including Amazon, Nvidia and SoftBank, along with individual investors, and reflects the rapid growth of the AI industry.

Claude AI finds Vim, Emacs RCE bugs that trigger on file open
high · news · security · Mar 31, 2026 · BleepingComputer

Claude helped find remote code execution (RCE, where an attacker runs commands on a system they do not own) vulnerabilities in the Vim and GNU Emacs text editors that trigger simply by opening a malicious file. In Vim, the issue was improper security checks in modeline handling (editor settings embedded in the first or last lines of a file). In GNU Emacs, the vulnerability abuses automatic Git operations that run user-defined programs taken from untrusted repository configuration files.

Fix: For Vim, version 9.2.0272 fixes the vulnerability; all versions up to and including 9.2.0271 are affected. For GNU Emacs, the maintainers have not patched the issue; the researcher suggested that Emacs could explicitly block core.fsmonitor on its Git calls so that such scripts cannot run automatically. Until a patch is released, users are advised to exercise caution when opening files from unknown sources or downloaded from the internet.

datasette-llm 0.1a4
info · news · industry · Mar 31, 2026 · Simon Willison's Weblog

A brief release announcement for datasette-llm 0.1a4, posted by Simon Willison on March 31, 2026. The page mainly promotes a monthly sponsorship option for curated LLM (large language model) news digests rather than discussing technical details, vulnerabilities or features of the software.

OpenAI closes record-breaking $122 billion funding round as anticipation builds for IPO
info · news · industry · Mar 31, 2026 · CNBC Technology

OpenAI closed a record $122 billion funding round, valuing the company at $852 billion, with SoftBank, Amazon and Nvidia among the major investors. The company, which launched ChatGPT in 2022, now has more than 900 million weekly active users and $2 billion in monthly revenue, though it is not yet profitable. OpenAI is preparing for a possible IPO while cutting spending on some projects, such as its video app Sora.

Page 82 of 146
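The Claude Code leak entries above (the npm packaging error and the CSO Online fix that recommends disabling source maps and excluding .map files) all come down to one check that never ran: what is actually inside the tarball `npm pack` produces. The script below is an added example, not Anthropic's, npm's or any bundler's tooling. It assumes only the npm tarball layout (everything under a top-level `package/` directory), builds its own constructed sample tarball with `tar` so it runs without npm, and goes one step beyond the fix text: a bundler configured for inline source maps (`//# sourceMappingURL=data:...`) embeds the map inside the .js file, where a name-based `.npmignore` rule never sees it, so the scan also looks inside JS files for inline maps and for `sourcesContent`, the field that carries the full original sources.

```shell
#!/bin/sh
# Pre-publish check for debug artifacts that would leak sources from an npm
# package. Added example; not Anthropic's, npm's or any bundler's own tooling.
# Assumes the npm tarball layout (top-level "package/"), nothing else.

# scan_tree DIR: print one "<kind> <relative path>" line per leaky file.
#   map-file          a standalone .map file
#   inline-map        a JS file whose sourceMappingURL is a data: URL
#   embedded-sources  a JS file carrying a "sourcesContent" array
scan_tree() {
  dir=$1
  find "$dir" -type f | LC_ALL=C sort | while IFS= read -r f; do
    rel=${f#"$dir"/}
    case "$f" in
      *.map) echo "map-file $rel" ;;
      *.js|*.mjs|*.cjs)
        if grep -q 'sourceMappingURL=data:' "$f"; then echo "inline-map $rel"; fi
        if grep -q '"sourcesContent"' "$f"; then echo "embedded-sources $rel"; fi
        ;;
    esac
  done
}

# check_tarball FILE.tgz: unpack what would be published and scan exactly that.
# Returns 0 when clean, 1 (with findings on stdout) when something leaks.
check_tarball() {
  tmp=$(mktemp -d)
  tar xzf "$1" -C "$tmp"
  findings=$(scan_tree "$tmp/package")
  rm -rf "$tmp"
  [ -z "$findings" ] && return 0
  printf '%s\n' "$findings"
  return 1
}

# make_sample_tarball [clean]: constructed build output packed like npm does it.
# The default variant ships one standalone map and one inline map next to a
# clean bundle; "clean" ships only the clean bundle. Prints the tarball path.
make_sample_tarball() {
  work=$(mktemp -d)
  mkdir -p "$work/package/dist"
  printf '{"name":"sample","version":"0.0.0","main":"dist/index.js"}\n' > "$work/package/package.json"
  printf 'export const z=3;\n' > "$work/package/dist/clean.js"
  if [ "$1" != clean ]; then
    # standalone map: the bundle points at it and the map carries full sources
    printf 'export const x=1;\n//# sourceMappingURL=index.js.map\n' > "$work/package/dist/index.js"
    printf '{"version":3,"sources":["../src/index.ts"],"sourcesContent":["export const x: number = 1;"],"mappings":"AAAA"}\n' > "$work/package/dist/index.js.map"
    # inline map: no .map file on disk, yet the map rides inside the .js itself
    printf 'export const y=2;\n//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozfQ==\n' > "$work/package/dist/worker.js"
  fi
  tar czf "$work/sample.tgz" -C "$work" package
  echo "$work/sample.tgz"
}

tgz=$(make_sample_tarball)
if check_tarball "$tgz"; then
  echo "ok to publish"
else
  echo "refusing to publish: debug artifacts in tarball (listed above)" >&2
fi
```

In a real project this belongs in a `prepublishOnly` script run against the tarball `npm pack` just wrote, not against the build directory, because the tarball is the thing the registry receives. Two npm rules to keep in mind when fixing a finding: files named in the package.json "files" allowlist cannot be excluded by `.npmignore`, and `npm pack --dry-run` prints the list that would be published. On the build side, `"sourceMap": false` (with `"inlineSourceMap"` and `"inlineSources"` also false) in tsconfig.json, or leaving `--sourcemap` off an esbuild invocation, stops the artifacts from existing at all.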
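The Emacs half of the Vim/Emacs RCE entry above rests on a Git behaviour that is easy to misjudge: `core.fsmonitor` in a repository's own `.git/config` is handed to a shell by git, and anything that refreshes the index (`git status`, `git diff`, the calls an editor makes when it opens a file) runs it. The script below is an added example, not the researcher's proof of concept and not Emacs or Git code. It builds a throwaway repository whose config sets `core.fsmonitor` to a command that only creates a marker file, shows that a plain `git status` runs it, and then applies the mitigation the researcher proposed for Emacs, overriding `core.fsmonitor` on the git call. The marker path, the repository location and the `fsmonitor_demo` function are this example's own.

```shell
#!/bin/sh
# Reproduces the Git vector behind the GNU Emacs finding in a throwaway repo,
# then shows the suggested mitigation. Added example: not the researcher's PoC
# and not Emacs or Git code. The "payload" only touches a marker file.
#
# A clone never copies the remote's .git/config, so the hostile repository has
# to arrive as a directory or archive (a zip attached to a ticket, a vendored
# checkout, a USB stick); that is exactly what an editor then opens files from.

# fsmonitor_demo: build the hostile repo, run git as a victim would, and print
# "unprotected=<fired|quiet> protected=<fired|quiet>".
fsmonitor_demo() {
  repo=$(mktemp -d)
  marker="$repo/PAYLOAD_RAN"

  # --- attacker side: prepare the repository that will be handed over ---
  git -C "$repo" init -q >/dev/null 2>&1
  echo hello > "$repo/README"
  git -C "$repo" add README >/dev/null 2>&1          # an index entry for git to stat
  # The value is run through sh, so any command works; the trailing '#'
  # discards the protocol arguments git appends to it.
  git -C "$repo" config core.fsmonitor "touch $marker #"
  # git consults the hook only for an index that already carries a fsmonitor
  # token, so the attacker primes it with one refresh and ships .git as-is.
  git -C "$repo" status -s >/dev/null 2>&1
  rm -f "$marker"

  # --- victim side, unprotected: a plain status runs the attacker's command ---
  git -C "$repo" status -s >/dev/null 2>&1
  if [ -e "$marker" ]; then u=fired; else u=quiet; fi
  rm -f "$marker"

  # --- victim side, mitigated: override the repo's setting on the git call ---
  git -C "$repo" -c core.fsmonitor=false status -s >/dev/null 2>&1
  if [ -e "$marker" ]; then p=fired; else p=quiet; fi

  rm -rf "$repo"
  echo "unprotected=$u protected=$p"
}

fsmonitor_demo
```

An editor that cannot add `-c` to every git invocation can instead export `GIT_CONFIG_COUNT=1 GIT_CONFIG_KEY_0=core.fsmonitor GIT_CONFIG_VALUE_0=false` for its git subprocesses; entries supplied that way override repository config files. Two limits of the built-in defences are worth knowing: git's `safe.directory` check refuses only repositories owned by a different user, so it does nothing for a repo you extracted yourself, and no version of git treats a repository's own config as untrusted. For the Vim half of the same entry, the analogous blanket hardening is `set nomodeline` in vimrc; `:verbose set modeline?` shows the current value and which file last set it.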