All news in category “AI and Security Pulse”

📰 Google says Gemini will not include ads for now, a stance confirmed by DeepMind CEO Demis Hassabis at the Davos Economic Forum. Google AI leadership reiterated that it currently does not plan to monetize Gemini with advertising, although the company did not rule out future changes. Meanwhile, OpenAI has begun testing ads in ChatGPT in the U.S. for Free and Go users, with paid tiers expected to remain ad-free.

🛡️ OpenAI has introduced an age-prediction model in ChatGPT that analyzes conversation topics and usage patterns to infer whether a user is a teen or an adult and apply safety-related content restrictions. The system can err and may sometimes flag adults as teens; users 18+ who are mistakenly restricted can complete an age verification flow through the partner Persona, which may require a live selfie and a government-issued ID. Persona reportedly deletes verification material within seven days, and confirmed adults will have the extra safety settings removed after verification.

⚠️ Researchers at Miggo Security demonstrated that Google Gemini can be manipulated via malicious Calendar invites to exfiltrate private event data. By embedding natural-language prompt-injection payloads in an event description, attackers can cause Gemini to summarize private meetings and write that summary into a new event visible to participants. Miggo reported the issue and Google has implemented mitigations.

🤖 In episode 84 of The AI Fix, hosts Graham Cluley and Mark Stockley survey a series of recent AI developments that raise practical and philosophical questions. They discuss reports that Grok will be integrated into Pentagon networks, a campaign by insiders to poison training data, and research showing small amounts of tainted data can sway model behavior. The episode also covers Google removing AI health overviews after risky outputs, findings that asking a model the same question twice can improve answers, and surprising advances in automated theorem solving.

🧭 OpenAI’s launches of ChatGPT Search and the ChatGPT Atlas browser mark a pivot toward monetizing user attention through advertising. The essay warns this trajectory risks reproducing the ad-driven incentives of search incumbents like Google, enabling conversational AI to influence purchases, opinions, and online behavior more subtly and effectively than traditional ads. Schneier urges caution, greater consumer data control, and public-policy responses to protect trust.

🔒Gartner warns that the growing prevalence of AI-generated content could cause future LLMs to be trained on outputs from previous models, increasing risks of model degradation, hallucinations and bias. The analyst predicts up to half of organizations may adopt zero trust data governance amid rising regulatory scrutiny. Firms are urged to appoint AI governance leaders, strengthen metadata management and deploy authentication and verification controls to safeguard decision-making and financial outcomes.

📅 A newly disclosed weakness in Google’s Gemini demonstrates how routine calendar invites can be weaponized to influence model behavior. Miggo researchers found that Gemini ingests full event context — titles, times, attendees and descriptions — and may treat that content as actionable instructions. The issue reframes calendar entries from inert data into a potential prompt‑injection vector, highlighting risks as enterprises embed generative AI into day‑to‑day workflows.

🚀 This post introduces Gemini 3 Flash, Google’s low-latency, cost-efficient model in the Gemini 3 family, optimized for advanced reasoning, multimodal understanding, and agentic workflows. It guides developers through obtaining an API key from Google AI Studio and configuring it for local use or environment-based invocation. The article demonstrates interactive prompt testing in the Playground, explains toggles like Structured outputs and Thinking level, and shows how to export language-specific sample code via the "Get code" feature to run with the Google GenAI SDK.

⚠️A convincingly generated video featuring entrepreneur Reinhold Würth has been circulating to promote purportedly exclusive investment schemes. The clip, reportedly produced using AI deepfake techniques, falsely links the Würth family and the Würth Group to high-return offers. Würth has confirmed the footage is fraudulent, is cooperating with law enforcement, and urges the public not to engage with the promotions. Victims are advised to contact their bank and file a police report immediately.

🤖 Check Point Research's analysis of VoidLink describes one of the first advanced malware families largely generated using artificial intelligence. Unlike earlier AI-assisted samples, which were often low-quality or derivative, VoidLink exhibits clear sophistication, modularity, and rapid evolution. AI appears to have enabled a single actor to plan, build, and iterate a complex malware framework in days rather than months, compressing development cycles and increasing operational tempo. Security teams must adapt detection, attribution, and incident response to meet this emerging threat class.

⚡ ChatGPT Go has expanded its limits and now provides unlimited access to GPT‑5.2 Instant for an $8 monthly fee, offering more messages, uploads, image creation, and longer memory and context windows. The plan is positioned as a lower-cost alternative to ChatGPT Plus, though it is locked to GPT‑5.2 Instant and lacks the higher reasoning capabilities available in Plus. A higher-tier ChatGPT Pro option is also available at $200/month. Subscribers who want an ad-free experience still must choose Plus or Pro.

🔔 OpenAI is offering a free one-month trial of ChatGPT Plus, normally $20/month, through a limited-time promotion available to many accounts. The offer can be activated now and canceled anytime before it auto-renews, so users who want to avoid charges must cancel before the end of the month. Plus provides higher message and file limits, expanded memory, and longer context windows than the free or Go tiers. OpenAI also plans to introduce ads into the Free and Go tiers in the coming weeks.

⚠️ Researchers disclosed an indirect prompt-injection flaw that allowed Google Gemini to bypass calendar privacy controls and exfiltrate meeting data. A crafted Google Calendar invite could hide a natural-language payload that Gemini later parsed, summarized, and wrote into new events whose descriptions leaked private meeting content. Miggo Security reported the issue and said it has been responsibly disclosed and addressed, highlighting how AI-native features increase the attack surface when assistants can read, summarize, and write into productivity services.

🚨 Inside Beverly Hills High School, an array of AI-driven surveillance tools is being used to monitor students and campus activity. Video cameras run facial recognition and behavior-analysis models, a smoke-detector-shaped device captures audio for distress sounds, drones stand ready for aerial intel, and license-plate readers from Flock Safety track vehicles. The deployment raises questions about privacy, oversight, and the normalization of commercial surveillance in schools.

🔒 In conversations with Southeast Asia CISOs, leaders forecast 2026 as a year when AI and cloud become prime attack surfaces, forcing a shift from perimeter defenses to identity- and resilience-centered strategies. They emphasize hardening cloud and AI infrastructure, treating identity as the active perimeter, instrumenting browsers and agents for forensic clarity, and operationalizing resilience both as capability and — in some financial institutions — as a product. Supply‑chain fragility, agentic AI autonomy, session hijacking, and IT‑OT convergence are highlighted as priority risks demanding continuous verification, scoped agent controls, and stronger vendor governance.

🎵 OpenAI has started using new hostnames—sonata.openai.com and sonata.api.openai.com—spotted on 15–16 January 2026, suggesting work on a service codenamed Sonata. A new subdomain typically signals a web-facing product, internal tool, or API, but the codename alone doesn't confirm functionality. OpenAI recently improved ChatGPT's reference chat history retrieval and expanded dictation, which could align with audio or transcription enhancements.

🔍 OpenAI is internally testing a web update for ChatGPT that it plans to roll out gradually in the coming weeks. Leaked references highlight a new task-oriented feature codenamed Salute, an "is model preferred" flag intended to improve local business and map results, and a secure tunnel option for MCP servers. The company is also trialing inline editable code and math blocks to expand the existing formatting block functionality. Collectively, these changes aim to streamline file-based workflows, enhance location-specific answers, and simplify secure enterprise connectivity.

🤖 Google is testing new Skills for its Gemini AI in Chrome that enable the assistant to perform tasks automatically inside the browser. A hidden page, chrome://skills, has been identified and appears to let users add Skills with a name and instructions while the feature is being internally tested. Currently, Gemini in Chrome acts as a helper on desktop in the US, summarizing pages, explaining content, and combining information from multiple tabs. Google plans to evolve Gemini into an agent that will work more closely with apps like Calendar, YouTube, and Maps, though rollout timing is still unclear.

🔔 OpenAI has rolled out the $8 ChatGPT Go subscription globally, offering users 10× more messages, increased file uploads, expanded image creation, longer memory, and a larger context window than the free tier. Go provides access to the latest GPT-5.2 Instant but does not include the higher-tier "reasoning" models reserved for paid plans. The Go tier displays ads; upgrading to GPT Plus ($20) or GPT Pro ($200) removes them and restores advanced model access.

🔐 Tom Curry and Anton Chuvakin from Google Cloud’s Office of the CISO present practical guidance for implementing the Secure AI Framework (SAIF) on Google Cloud. The piece emphasizes three operational principles: treat data as the perimeter, treat prompts like code, and require identity propagation for agentic AI. It maps 15 common AI risks to controls and highlights concrete tools and patterns—IAM, Dataplex, Vertex AI, Model Armor, Gemini, Apigee, and the Agent Development Kit—to operationalize SAIF.