The rise of AI coding assistants has simplified developer workflows, but a recent discovery shows those conveniences can carry serious risk. Researchers at BeyondTrust found a critical command-injection vulnerability in OpenAI Codex that could be exploited to steal GitHub access tokens. The flaw demonstrates how an overlooked parsing detail — a branch name passed into a container setup script —
Category: Artificial Intelligent
OpenAI, ChatGPT, Claude, Gemini, Grok, DeepSeek, Meta AI, Le Chat, DALL-E, Midjourney, Stable Diffusion, Sora, BERT, T5, GPT-4, GPT-4o, GPT-5, Claude 3.5 Sonnet, Claude 3 Opus, Claude 4.5 Sonnet, Claude 4.5 Opus, Gemini 1.5 Pro, Gemini Ultra, Gemini 3, Llama 3, Mistral Large, DeepSeek-R1, AI in cybersecurity, MCP, Model Context Protocol
Accio and Alibaba: How AI Is Rewiring Sourcing for Small Online Sellers
When Mike McClary decided to revive a discontinued flashlight that had once been one of his best sellers, he didn’t dust off the old supplier spreadsheet or spend weeks emailing factories. Instead, he opened Accio, an AI-powered sourcing assistant on Alibaba.com, and started a conversation. Within weeks he had a redesigned product, a recommended factory in Ningbo, and a projected
Microsoft Links Medusa Ransomware Affiliate to Zero-Day Exploitation Campaign
Microsoft’s recent analysis tying a Medusa ransomware affiliate to a campaign that leveraged zero-day vulnerabilities has put a renewed spotlight on the evolving tactics of extortion groups and the threat posed by previously unknown software flaws. For security teams and executives, the announcement is a reminder that threat actors are combining rapid vulnerability exploitation with tried-and-true ransomware playbooks to increase
Anthropic opens Microsoft 365 connectors to all Claude plans — what it means for users
Anthropic has quietly broadened access to one of Claude’s most practical integrations: the Microsoft 365 connector. Once reserved for Team and Enterprise subscribers, the connector is now available across every Claude plan — including the free tier — enabling Claude to read and search content stored in Outlook, OneDrive, SharePoint, Teams and Calendar for users tied to an organization’s Microsoft
Microsoft strips EXIF metadata from Teams images to protect employee privacy
On March 2026’s feature rollout, Microsoft updated Teams to automatically remove EXIF metadata from images shared in chats and channels. The change aims to prevent accidental leaks of GPS coordinates, device details, and time stamps—data that can be exploited for targeted attacks or unwanted location disclosure. The move is part of a broader push to bake privacy and security into
Anthropic’s Claude Leak: 8,000 Takedown Requests After an Accidental Source-Code Exposure
Anthropic has scrambled to contain the fallout after an accidental exposure of the complete source code for its Claude family of AI tools. The company issued roughly 8,000 copyright takedown requests to remove copies and adaptations circulating on code-hosting sites and mirrors, responding to a wave of reposts and forks that appeared within hours of the initial disclosure. Although Anthropic