Tag: openai
-
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora.The vulnerability has been codenamed HTTP/2 Bomb by Calif.”The vulnerable behavior exists in each server’s default HTTP/2 configuration,” the company said, adding it was discovered by OpenAI Codex by chaining First seen on…
-
OpenAI upgrades GPT-5.5, as it plans to retire legacy ChatGPT models
OpenAI says it’s rolling out a new update that improves the existing GPT-5.5 Instant model, and this move comes ahead of the scheduled retirement of multiple legacy models, including o3. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/openai-upgrades-gpt-55-as-it-plans-to-retire-legacy-chatgpt-models/
-
For CISOs, dawn of OpenAI Daybreak brings good and bad news
OpenAI Daybreak shows how AI reshapes vulnerability discovery. But AI-driven security tools raise accountability questions and fuel the AI arms race between defenders and attackers. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366643546/For-CISOs-dawn-of-OpenAI-Daybreak-brings-good-and-bad-news
-
OpenAI brings frontier AI to existing AWS environments
OpenAI frontier models and Codex are now available on AWS, giving customers access to OpenAI capabilities within AWS environments and the controls needed to move more quickly … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/02/openai-models-and-codex-on-aws/
-
Anthropic Submits Pre-IPO SEC Filing, Leads Market Cap Fight
Frontier AI Market Gains Helped Anthropic Move From Challenger to Category Leader Anthropic’s new $965 billion Series H valuation, growing use of Claude for AI coding and an increasing share of the enterprise AI market indicate OpenAI’s early lead in frontier models has disappeared as customers have shifted their spending, workloads and token usage to…
-
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Tags: android, attack, authentication, breach, cybersecurity, github, malicious, openai, supply-chain, toolCybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI.The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from the…
-
AI Powered Nmap using ShellGPT
Overview This article examines how pairing ShellGPT, an AI-powered command-line assistant driven by the OpenAI API, with Nmap fundamentally changes the pace and First seen on hackingarticles.in Jump to article: www.hackingarticles.in/ai-powered-nmap-using-shellgpt/
-
27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens
A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks. First seen on hackread.com Jump to article: hackread.com/codex-ui-tool-secretly-stole-openai-refresh-tokens/
-
ISMG Editors: The Governance Questions Haunting OpenAI
Also: Rethinking SASE and AI’s Impact on the Cyber Workforce. In this week’s panel, four ISMG editors discussed what the Musk vs. Altman trial exposed about OpenAI’s governance program, how AI is reshaping the way enterprises think about security and why Cisco, Cloudflare, Arctic Wolf and other firms are redesigning their workforces for the AI…
-
1Password and OpenAI collaborate on secure credential access for AI coding agents
First seen on scworld.com Jump to article: www.scworld.com/brief/1password-and-openai-collaborate-on-secure-credential-access-for-ai-coding-agents
-
KI-Angriffe 2026: Check Point warnt vor AI-Hacking, Jailbreaks und gestohlenen OpenAIKeys
Was bislang als experimentelle Bedrohung galt, entwickelt sich jetzt mit rasanter Geschwindigkeit zum skalierbaren Geschäftsmodell für Angreifer weltweit. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/ki-angriffe-2026-check-point-warnt-vor-ai-hacking-jailbreaks-und-gestohlenen-openai-api-keys/a45280/
-
OpenAI Could File for IPO as Soon as Friday
Days After Beating Musk in Court, ChatGPT Maker Moves Toward Public Debut. OpenAI is preparing to confidentially file its IPO prospectus as soon as Friday, working with Goldman Sachs and Morgan Stanley, according to reports. The IPO could be one of the largest public market debuts in history – just days after OpenAI beat billionaire…
-
OpenAI Wins in Court, Jury Says Musk Waited Too Long to File
Musk’s Claims Against Altman and Microsoft Dismissed After Less Than Two Hours. A federal jury took less than two hours to dismiss Elon Musk’s lawsuit against OpenAI and Sam Altman, finding his claims were filed outside the statute of limitations. The verdict clears the path for OpenAI’s planned IPO at a valuation nearing $1 trillion.…
-
AI might cut false positives, but it won’t stop the slop
Anthropic and OpenAI promise their latest tools will find more vulnerabilities. Cybersecurity employees say they’re already flooded with AI-generated reports. First seen on cyberscoop.com Jump to article: cyberscoop.com/ai-vulnerability-reporting-bug-bounty-noise/
-
Experts warn of privacy risks as AI firms looks to connect to financial accounts
OpenAI announced Friday that it is rolling out a new ChatGPT feature allowing users to connect all of their financial accounts to the chatbot for personal finance advice. First seen on therecord.media Jump to article: therecord.media/experts-warn-of-privacy-cyer-risks-ai-finance
-
Experts warn of privacy risks as AI firms looks to connect to financial accounts
OpenAI announced Friday that it is rolling out a new ChatGPT feature allowing users to connect all of their financial accounts to the chatbot for personal finance advice. First seen on therecord.media Jump to article: therecord.media/experts-warn-of-privacy-cyer-risks-ai-finance
-
OpenAI hit by supply chain attack linked to malicious TanStack packages
OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromised two employee devices and exposed credential material stored in internal source code repositories. The incident began after the TeamPCP hacking group abused weaknesses in the package publishing process…
-
Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording
Plus: Instructure’s Canvas ransomware debacle comes to a close, an alleged dark net market kingpin gets arrested, OpenAI workers fall victim to a supply chain attack, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-cybercriminal-twins-caught-after-they-forgot-to-turn-off-microsoft-teams-recording/
-
OpenAI Warns Mac Users to Update Apps After Supply-Chain Attack
OpenAI says Mac users must update ChatGPT, Codex, and Atlas apps by June 12 after an npm supply-chain attack exposed signing certificates. The post OpenAI Warns Mac Users to Update Apps After Supply-Chain Attack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-openai-mac-app-update-supply-chain-attack/
-
OpenAI asks macOS users to update after TanStack npm supply chain attack
The actions are being taken in light of an expanding supply chain campaign impacting the popular open-source library TanStack and additional npm and PyPI packages tied to several AI companies. First seen on therecord.media Jump to article: therecord.media/openai-asks-macos-users-to-update-tanstack-npm
-
OpenAI confirms security breach in TanStack supply chain attack
OpenAI says two employees’ devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/
-
OpenAI says hackers stole some data after latest code security issue
OpenAI said the damage was limited to the employees’ devices, and did not affect user data nor its production systems, and none of its intellectual property was stolen. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/14/openai-says-hackers-stole-some-data-after-latest-code-security-issue/
-
Microsoft CEO Takes the Stand in Musk’s OpenAI Trial
Nadella Defends $13B OpenAI Investment as Musk’s Case Nears Its End. Microsoft CEO Satya Nadella testified in the Musk v. Altman trial that Elon Musk never raised concerns about Microsoft’s $13 billion OpenAI investment or the nonprofit-to-for-profit conversion. Nadella called the 2023 board crisis that ousted CEO Sam Altman amateur city. First seen on govinfosecurity.com…
-
OpenAI Unlocks Cybersecurity Model for Europe
German Financial Regulator Warns Sector to Step Up Defenses. OpenAI is stepping up to do what arch-rival Anthropic still won’t. The AI firm will give European authorities and companies access to its new vulnerability-finding AI model, so they can beef up their cybersecurity. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/openai-unlocks-cybersecurity-model-for-europe-a-31664
-
OpenAI Launches ‘Daybreak’ to Help Build Secure By Design Software
With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/openai-daybreak-secure-by-design/
-
OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos
Tags: access, ai, cisco, crowdstrike, cyber, cybersecurity, defense, detection, fortinet, framework, government, malware, network, openai, oracle, penetration-testing, RedTeam, risk, software, strategy, technology, update, vulnerabilityOpenAI’s cybersecurity model stack: OpenAI is pursuing a scalable cyber defense platform strategy with Daybreak and is rolling out the initiative through three different model tiers: GPT-5.5 (default), GPT-5.5 with Trusted Access for Cyber, and GPT-5.5-Cyber.The standard GPT-5.5 model is positioned for general-purpose enterprise use cases, including developer assistance and knowledge work. GPT-5.5 with Trusted…
-
Malicious Hugging Face Repository Typosquats OpenAI
HiddenLayer reveals infostealer malware in a Hugging Face repository First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-hugging-face-repo/
-
OpenAI’s Daybreak uses Codex Security to identify risky attack paths
OpenAI Daybreak is the company’s cybersecurity initiative focused on building AI-assisted software defense into the development process from the start. It combines OpenAI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/openai-daybreak-openai-daybreak-vulnerability-validation-initiative/
-
Cybersicherheit – Daybreak ist OpenAIs Antwort auf Claude Mythos
Mit der neuen Cyber-Sicherheitsinitiative Daybreak will OpenAI verlorenen Boden im Bereich Sicherheit gutmachen. First seen on computerbase.de Jump to article: www.computerbase.de/news/apps/cybersicherheit-daybreak-ist-openais-antwort-auf-claude-mythos.97324