OpenAI’s GPT-5.5, GPT-5.4, and Codex are now production-ready on Amazon Bedrock with AWS governance integration, automatic capacity management, and OpenAI-aligned pricing.
Shadow AI no longer means uncontrolled pasting into ChatGPT; it now means the development and deployment of complete AI-generated applications outside security oversight.
A supply-chain attack on Red Hat npm packages exploits install-time execution and credential harvesting to infiltrate developer and CI/CD systems with self-propagating malware.
Google binds session cookies cryptographically to the device’s security chip, rendering stolen cookies worthless on other computers and blocking infostealer malware.
Meta connected its support chatbot directly to critical account management functions, giving attackers an easy way to hijack accounts without authorization.
AgentCore Gateway combines Cedar policies for static access control with Lambda interceptors for dynamic validation, enabling secure governance of LLM-based agents at scale.
An npm package with 29,000 weekly downloads, disguised as an OpenAI Codex interface, steals authentication tokens and enables attackers to abuse APIs under stolen identities.
Barely perceptible acoustic signals embedded in audio files can covertly manipulate AI speech models into data exfiltration or network access, while conventional security mechanisms fail to detect 70–93 percent of attacks.