New tools, products, platforms, funding rounds, and company developments in AI security.
Synthetic identity fraud, where criminals create fake people using AI-generated documents and deepfakes (realistic fake videos or audio), is becoming a major threat in estate and identity verification work. Traditional security checks that look at device fingerprints or typing patterns are no longer reliable because AI can now imitate these signals. The text explains that the real challenge by 2026 will be distinguishing legitimate people from manufactured personas, especially in high-stakes situations involving inheritance and family claims.
Fix: The source suggests moving from asking "Who is this?" to a more forensic approach: "How did this identity—and its digital footprint—come to exist?" This shift means prioritizing provenance (where the identity originated), issuer verification (confirming documents are real), and cross-channel consistency (checking if the person's presence makes sense across multiple systems) over accepting surface-level plausibility. However, the text does not provide specific technical implementations or detailed steps for executing this approach.
CSO OnlineChinese AI companies saw significant stock gains after Nvidia CEO Jensen Huang praised OpenClaw, an open-source AI agent (a program that can perform tasks independently), as "the next ChatGPT." Companies like MiniMax and Zhipu, which are among China's leading AI developers building large language models (AI systems trained on huge amounts of text to understand and generate language), have integrated OpenClaw into their products and are launching their own versions based on it.
This is a curated list of hacker-themed films arranged chronologically, from War Games (1983) to Live Free or Die Hard (2007), intended for security professionals who enjoy cinema. The article provides plot summaries, genres, and review scores from multiple sources for each film, with a note that the list may cause procrastination.
Nvidia CEO Jensen Huang highlighted OpenClaw, an open-source autonomous AI agent platform (a system that can complete tasks and make decisions with minimal human input, unlike traditional chatbots), calling it "the next ChatGPT" and a major breakthrough in AI interaction. Nvidia launched NemoClaw, an enterprise version of OpenClaw that adds security, scalability, and oversight tools to make these autonomous agents safe for real-world business use, addressing concerns about security, privacy, and control as these systems gain the ability to act independently.
OpenAI is preparing for an initial public offering (IPO, where a private company sells shares to the public) potentially by the end of 2024, with leadership telling employees that ChatGPT must focus on being a productivity tool for businesses. The company is shifting strategy to convert its 900 million weekly users into enterprise customers and has scaled back its infrastructure spending targets from $1.4 trillion to $600 billion by 2030 to present a more realistic financial picture to investors.
OpenAI released two new smaller AI models, GPT-5.4 mini and GPT-5.4 nano, that are cheaper and faster than previous versions. GPT-5.4 nano is particularly affordable at $0.20 per million input tokens, making it economical for tasks like image description, where describing 76,000 photos would cost around $52.
This is a monthly briefing about LLM (large language model) developments from March 2026, curated by Simon Willison. The content appears to be a sponsorship announcement for a paid email digest service rather than a discussion of a specific AI issue or vulnerability.
The EU AI Act, effective August 2, 2026, classifies AI systems used in hiring and employment decisions (such as candidate screening, ranking, and performance monitoring) as high-risk and requires businesses that deploy them to conduct risk assessments, perform bias testing, maintain human oversight, and provide transparency disclosures. Staffing companies, recruitment platforms, and workforce intermediaries are responsible for compliance even if they did not build the technology, and this obligation applies globally if the AI system affects anyone in the EU.
Researchers discovered that Amazon Bedrock AgentCore Code Interpreter allows outbound DNS queries (the system that translates website names to IP addresses) even when configured with no network access, letting attackers steal data and run commands by using DNS as a secret communication channel. Amazon says this is intended functionality and recommends users switch to VPC mode (a virtual private network configuration) instead of sandbox mode for better isolation. Separately, a flaw in LangSmith (a tool for managing AI language model workflows) allows attackers to steal user login tokens through URL parameter injection (inserting malicious data into web addresses).
Google has expanded access to its Personal Intelligence feature, which connects various Google apps (like YouTube, Gmail, and Google Photos) to give Gemini (Google's AI assistant) more context for better responses. Previously available only to paid subscribers, this feature is now accessible to free-tier users in the US through Search, Chrome, and the Gemini app, though it remains limited to personal accounts and not business or education accounts.
Microsoft is reorganizing its AI leadership, moving Jacob Andreou into a new executive role overseeing both consumer and commercial Copilot assistants, while freeing up Mustafa Suleyman to focus on building new AI models as part of Microsoft's superintelligence (advanced AI systems aiming toward human-level reasoning) efforts. This restructuring comes as Microsoft's Copilot adoption lags significantly behind competitors like ChatGPT and Gemini, and as investors pressure the company to show returns on its AI investments.
Microsoft is reorganizing its leadership to unify its Copilot assistant (an AI tool that helps users with tasks) across consumer and business products, which have been developed separately. The AI CEO Mustafa Suleyman will now focus on building Microsoft's own AI models rather than directly managing Copilot's features for individual users.
AI coding tools like Claude Code are changing how software development works, with more people able to write code and experienced developers spending less time writing code themselves and more time managing AI agents (programs that can act somewhat autonomously) and projects. The article explores what these rapid changes mean for both the code being produced and the people who create it.
Surf AI, a company building an agentic security operations platform (software that uses AI agents, or autonomous programs that take actions without human intervention, to handle security tasks), has announced its launch with $57 million in funding from major investors. The article focuses on the company's funding announcement rather than a specific security issue or problem.
CISOs (Chief Information Security Officers, the top security leaders at companies) are updating their data protection strategies because employees are rapidly sharing company data with AI tools, including public models like ChatGPT, creating new security risks. A CISO at a law firm added a new protection layer that classifies data based on whether it can be safely used with AI and invested in new monitoring tools, while also regularly evaluating new technologies to ensure controls keep pace with AI innovations.
Fix: The source describes one organization's approach: add a protection layer that classifies and tags data based on whether it could be used with AI and in what circumstances, invest in new tools to support that layer, monitor the vendor landscape for emerging capabilities, and evaluate new technologies being deployed to determine whether new controls are needed for them. However, no specific technical solutions, patches, or vendor recommendations are explicitly named in the source text.
CSO OnlineMeta-owned Manus launched a desktop application with a feature called 'My Computer' that allows its AI agent (a program that can complete complex, multi-step tasks automatically) to access and control files, tools, and applications directly on a user's computer, rather than only working in the cloud. This move competes with OpenClaw, a free, open-source AI agent that similarly runs on local devices. Experts have raised security and privacy concerns about giving AI agents local device access, but Manus addressed this by requiring explicit user approval before the agent executes tasks.
Fix: Manus's mitigation for security and privacy risks includes a control mechanism requiring explicit user approval before task execution. According to Manus, users can choose "Allow Once" for individual review of each action or "Always Allow" for trusted, recurring actions, keeping users "firmly in control."
CNBC TechnologyFix: Nvidia addressed risks with NemoClaw by building "guardrails, including privacy protections, oversight tools, and enterprise-grade security to ensure these agents can be deployed safely at scale."
CNBC TechnologyThe Pentagon is planning to let AI companies train their models on classified military data in secure facilities, which would allow the AI to learn from and embed sensitive intelligence like surveillance reports. While this could make AI systems more accurate for military tasks, experts warn it creates risks: classified information that the AI learns could accidentally be shared with people or military departments that shouldn't have access to it, potentially endangering operatives or exposing secrets.
OpenClaw, a framework for running AI agents (autonomous programs that can take actions) locally on devices rather than in the cloud, has faced security concerns since its rapid rise in early 2026. Nvidia announced NemoClaw, which addresses these vulnerabilities by using OpenShell, a security layer that includes kernel-level sandboxing (isolating programs from the core system) and a privacy router that monitors and blocks unauthorized data transfers by OpenClaw.
Fix: NemoClaw's OpenShell runtime isolates OpenClaw using kernel-level sandboxing and a 'privacy router' that monitors OpenClaw's behavior and communication with other systems, stepping in to block actions if it detects OpenClaw sending sensitive data somewhere it shouldn't. OpenShell is fully open source.
CSO OnlineFix: For Amazon Bedrock: migrate from Sandbox mode to VPC mode, implement a DNS firewall to filter outbound DNS traffic, audit IAM roles to follow the principle of least privilege (giving services only the minimum permissions they need), and use strict security groups and network ACLs. For LangSmith: update to version 0.12.71 or later (released December 2025), which addresses the token theft vulnerability.
The Hacker NewsFive major technology companies (Anthropic, AWS, Google, Microsoft, and OpenAI) have collectively invested $12.5 million into the Linux Foundation (a nonprofit organization that maintains critical open source software) to support long-term security improvements in open source projects. This funding aims to strengthen the security of widely-used software that many other programs depend on.
AI agents are autonomous software systems that can plan, decide, and act independently across connected systems, often without human oversight, creating significant security risks that traditional guardrails (like prompt filtering) cannot adequately address. The article argues that identity-based access control, rather than prompt restrictions or network controls, is the foundation for securing AI agents. CISOs must treat AI agents as first-class identities, shift from guardrails to strict access control, and eliminate shadow AI (unauthorized agents) through continuous discovery and visibility of agent identities.