< ciso brief />

All news with #openai tag

162 articles · page 2 of 9

Defender's Guide: Frontier AI's Impact on Cybersecurity

🛡️ Palo Alto Networks' early testing of frontier AI models—including Anthropic's Mythos (via Project Glasswing) and OpenAI models evaluated through Trusted Access for Cyber—shows these models can rapidly find vulnerabilities and generate exploits at scale. The company found a roughly 50% improvement in coding efficiency driving quantum leaps in scanning, vulnerability chaining, and full-stack logic analysis. This creates urgent risks: a deluge of discovered vulnerabilities, supply-chain "inside-out" attacks targeting AI infrastructure, and AI-driven autonomous attack agents that compress attack cycles to minutes. Organizations must accelerate automated patching, adopt zero trust, deploy XDR and agentic endpoint protections, and operationalize AI-driven SOCs like Cortex XSIAM to achieve near-real-time detection and response.

CrowdStrike Joins OpenAI TAC; Introduces GPT-5.4-Cyber

🔐 CrowdStrike has been selected for OpenAI's Trusted Access for Cyber (TAC) program and will integrate the frontier model GPT-5.4-Cyber into its platform. Its multi-model AgentWorks framework enables defenders to choose the best model for each task while applying enterprise-grade governance and real-world threat intelligence. Falcon sensors provide runtime visibility across endpoints, governing AI agents where they execute and helping organizations meet emerging regulatory requirements such as the EU AI Act.

OpenAI Launches GPT-5.4-Cyber to Boost Cyber Defense

🔒 OpenAI has released GPT-5.4-Cyber, a variant of GPT-5.4 fine-tuned to assist cybersecurity tasks and defensive workflows. The company expanded its Trusted Access for Cyber (TAC) program with tiered verification so vetted defenders can access models with lowered refusal boundaries for legitimate security work. Access is currently limited to vetted vendors, organisations and researchers while OpenAI carefully studies benefits and risks. The release is positioned to embed advanced coding and agentic capabilities into secure development practices.

AI Firms Urged into Larger Role in CVE Disclosures Now

🔒 At VulnCon26 in April, Lindsey Cerkovnik of CISA urged that AI firms like OpenAI and Anthropic be more directly represented in the CVE program to help manage a surge in reported vulnerabilities. She warned that new AI tools both accelerate discovery of valid flaws and generate lower-value noise, putting pressure on disclosure workflows. Recent vendor developments — Anthropic’s Mythos Preview and OpenAI’s GPT-5.4-Cyber — illustrate how automated research is already changing the threat landscape. Cerkovnik said CVE funding is secure and the program remains a CISA priority.

OpenAI Releases GPT-5.4-Cyber for Defensive Teams Now

🛡️ OpenAI has unveiled GPT-5.4-Cyber, a variant of its flagship GPT‑5.4 tuned for defensive cybersecurity use cases, and expanded its Trusted Access for Cyber (TAC) program to include thousands of authenticated individual defenders and hundreds of security teams. The company says the model is intended to help teams find, validate, and fix vulnerabilities faster while it iteratively strengthens safeguards to reduce dual‑use risks and resist jailbreaks and adversarial prompt injection. OpenAI highlighted its Codex Security agent, which it credits with contributing to the remediation of over 3,000 critical and high vulnerabilities, and framed the release as part of a broader shift toward continuous, developer‑integrated security feedback.

OpenAI Rotates macOS Code-Signing Certificate After Attack

🔒 OpenAI is rotating macOS code-signing certificates after a GitHub Actions workflow executed a compromised Axios package (v1.14.1) on March 31, 2026. The workflow had access to certificates used to sign macOS apps including ChatGPT Desktop, Codex, Codex CLI, and Atlas. OpenAI says it found no evidence the certificate was misused but is revoking and rotating it as a precaution; macOS users must update apps by May 8, 2026.

OpenAI Revokes macOS Certificate After Axios Compromise

🔒 OpenAI disclosed that a GitHub Actions workflow used to sign its macOS apps downloaded a malicious version of Axios on March 31, though the company says it found no evidence of user-data access or broader system compromise. The workflow had access to a signing certificate and notarization materials for ChatGPT Desktop, Codex, Codex CLI, and Atlas. OpenAI is treating the certificate as compromised, revoking and rotating it, and warns older macOS app builds will be blocked by default starting May 8, 2026 to protect users.

OpenAI Adds $100 ChatGPT Pro Tier to Target Coders

🚀 OpenAI has introduced a new ChatGPT Pro subscription at $100 per month to match Anthropic's Claude pricing and to appeal to coders and enterprise users. The revised lineup now lists Plus $20 for lighter usage, Pro $100 for real projects with 5× higher limits and temporarily 10× Codex usage, and Pro $200 for heavy continuous workflows with 20× limits. All Pro tiers include access to Pro models, Codex, Deep Research, image creation, memory, and file uploads, and OpenAI notes “unlimited” GPT‑5 access remains subject to standard Terms of Use.

ChatGPT vulnerability enabled covert data exfiltration

⚠️ A security flaw in ChatGPT could be triggered by a single malicious prompt to create a covert exfiltration channel, researchers at Check Point reported. The issue allowed data to be leaked via a DNS side channel from the model’s isolated runtime and was patched by OpenAI on 20 February after disclosure. Check Point demonstrated extraction of uploaded files and private prompts and warned that users copying prompts from public sources could be exposed.

OpenAI patches Codex and ChatGPT leaks, fixes two bugs

🔒 Researchers disclosed two vulnerabilities in OpenAI’s AI stack affecting Codex and ChatGPT. BeyondTrust found a command injection flaw in Codex that let a malicious GitHub branch name execute code inside task containers and expose short-lived GitHub tokens. Check Point Research discovered a hidden outbound channel in ChatGPT’s code execution runtime that could silently transmit chats, uploads, or outputs to an external server. OpenAI patched both issues before public disclosure and researchers warn that autonomous code execution increases long-term risk.

OpenAI Patches ChatGPT Data, Codex Token Vulnerability

🔒 OpenAI patched two vulnerabilities affecting ChatGPT and Codex that could have allowed covert exfiltration of user data and theft of GitHub tokens. Check Point disclosed a DNS-based side-channel in ChatGPT's Linux execution environment that encoded conversation content into outbound DNS requests, potentially enabling remote shell access. BeyondTrust found a command-injection bug in Codex that allowed branch-name payloads to retrieve GitHub tokens. Both flaws were responsibly disclosed and fixed in February 2026; vendors report no evidence of active exploitation.

When AI Trust Breaks: ChatGPT Data Leakage Flaw and Trust

🔒 New research exposed a previously unknown vulnerability that allowed silent data leakage from ChatGPT conversations, challenging assumptions about AI assistants as secure containers. OpenAI has since fully resolved the flaw, but the incident underscores that enterprises must not assume AI vendors or platforms are secure by default. Security teams should validate vendor claims and apply controls before entrusting sensitive data.

OpenAI unveils Safety Bug Bounty to limit AI abuse

🛡️ OpenAI has launched a new Safety Bug Bounty, hosted on Bugcrowd, to solicit researcher reports of AI abuse and safety risks across its products. Announced March 26, it complements the existing Security Bug Bounty and targets issues like agentic risks (MCP abuse, prompt injection, data exfiltration), account integrity violations, and proprietary-information exposures. OpenAI clarified scope limits, excludes low-impact jailbreaks, runs private campaigns for certain harms, and will triage submissions between safety and security programs.

OpenAI launches ChatGPT Library for storing personal files

📚 OpenAI has begun rolling out a new ChatGPT Library feature that stores personal files and images in its cloud so they can be referenced in future chats. The feature is available to Plus, Pro, and Business subscribers worldwide except in the European Economic Area, Switzerland, and the United Kingdom. Files uploaded in chats or via the composer are saved by default to a secure, dedicated location and remain in the Library until manually deleted; deleting a chat does not remove the stored file.

Analyzing Current Use of AI in Malware: Unit 42 Report

⚠️ Unit 42 examines real-world instances where malware calls external LLMs for decision making or cosmetic effect. The researchers present two representative cases: a trio of obfuscated .NET infostealers that call OpenAI GPT-3.5-Turbo but largely perform "AI theater" by logging model outputs without functional integration, and a Go dropper that queries GPT-4 to gate Sliver payload execution. The report highlights detection opportunities and recommends Advanced Threat Prevention, Advanced WildFire, and Cortex XDR/XSIAM to monitor telemetry and IOCs.

Google and Partners Sign Global Accord to Combat Scams

🤝 Google announced it has signed the Industry Accord Against Online Scams & Fraud with major industry partners including Adobe, Amazon, LinkedIn, Meta, Microsoft and OpenAI. The agreement commits participants to unify capabilities, share threat intelligence and coordinate defenses against sophisticated, cross-border scam networks. Google said it will expand technical support and deploy AI-driven detection tools, building on $15 million in Google.org funding. In 2026 the company will share more through the Global Signal Exchange and publish guides on data sharing, private sector referrals to law enforcement, and public policy frameworks.

OpenAI: ChatGPT Ads Limited to US for Now, Says Company

ℹ️ OpenAI told BleepingComputer that references to ads in its updated privacy policy do not indicate a global rollout — ads are currently limited to the United States. Ads launched in the US on February 9, 2026, and appear below answers for logged-in Free and Go users. OpenAI says ads run on separate systems, are clearly labeled, may be personalized, and that advertisers do not access chat content.

Canada Should Build a Nationalized Public AI Platform

🇨🇦 The Carney administration's $2‑billion Sovereign AI Compute Strategy forces a fundamental choice about where AI value and control will reside. Bruce Schneier warns that initiatives like OpenAI's “OpenAI for Countries” could simply transfer benefits and authority to U.S. tech firms, citing the Tumbler Ridge incident and private secrecy. He advocates for a publicly funded, transparent national AI—modeled on Switzerland's Apertus—to serve healthcare, education, transit, and democratic oversight rather than private profit.

Attackers Abusing Cloud Services to Breach Enterprises

🔐 Attackers increasingly leverage trusted cloud platforms and SaaS APIs to blend malicious activity into routine enterprise traffic. Campaigns such as Gridtide and SesameOp demonstrate adversaries using Google Sheets, OpenAI APIs and cloud storage as covert command-and-control and staging vectors. By operating through legitimate identity systems, management consoles, and ephemeral serverless functions, attackers evade network defenses and static blocklists. The result is harder detection, easier credential harvesting, and persistent access across hybrid environments.

OpenAI Acquires Promptfoo to Boost Agentic AI Security

🔐 OpenAI has acquired Promptfoo, a startup that provides open source tools to test and evaluate LLMs and AI agents. The deal aims to close a growing security gap in agentic AI by integrating automated testing, red‑teaming and traceability directly into OpenAI Frontier. Promptfoo's suite — used by over 25% of Fortune 500 firms — will remain open source. The move follows warnings from security advisors about 'human‑language malware' and complements OpenAI's recent security hires and tools.