OpenAI Confirms Two Employee Devices Hit in TanStack npm Supply Chain Attack
OpenAI says two employee devices were compromised in the Mini Shai-Hulud supply chain attack, with limited credential data exfiltrated from internal repositories.
#security
How OpenAI Built a Custom Sandbox to Bring Codex to Windows
OpenAI engineered a bespoke Windows sandbox for its Codex coding agent after existing OS-level isolation tools proved unfit for open-ended developer workflows.
Can LLM Biases Be Weaponized to Hijack AI Search Overviews?
A new arXiv preprint examines whether known large language model biases can be deliberately exploited to distort AI-generated search summaries.
AI Found GitHub's Most Dangerous Security Hole — Engineers Sealed It in Six Hours
Wiz Research used AI to uncover a critical RCE flaw in GitHub's git infrastructure; engineers patched it in under six hours with no confirmed exploitation.