ChatGPT"s GPT-5-reasoning-alpha model spotted ahead of launch
GPT-5 might be just a few days or weeks away, as we've spotted references to a new model called gpt-5-reasoning-alpha-2025-07-13. [...]
Explore the intersection of AI and cybersecurity. Stay informed on AI-driven security trends, tools, and threats in the ever-evolving digital landscape.
Search across headline titles and summaries.
Background for this topic.
Artificial intelligence (AI) describes computer systems that perform tasks such as recognizing patterns, making predictions, understanding language, or generating content. In security reporting, the term commonly includes machine-learning models used for detection and analysis, as well as generative AI applications that produce text, code, images, or other outputs.
AI can help analyze security telemetry, prioritize vulnerabilities, and support investigations, but its outputs can be wrong or manipulated. Important attack surfaces include prompt injection that steers an application into unintended actions, sensitive data being exposed through prompts or model outputs, and excessive permissions granted to AI systems that use external tools. Models can also be degraded by poisoned training data or evaded with carefully crafted inputs. Practitioners should protect training and operational data, limit model access and tool permissions, test for adversarial behavior, and require appropriate human validation before high-impact decisions.
GPT-5 might be just a few days or weeks away, as we've spotted references to a new model called gpt-5-reasoning-alpha-2025-07-13. [...]
AI companies could soon disrupt the education market with their new AI-based learning tools for students. [...]
New Working Group Launched After 2 Failed Attempts to Resolve AI Training ImpasseThe U.K. government on Wednesday began its latest round of talks between creative owners and the artificial intelligence sector to work out a potential deal on the use of copyrighted content to train AI models. The discussions follow two previous failed attempts.
House, Senate Versions of 2026 NDAA Offer Competing Approaches to CyberWashington is wagering that future conflicts will unfold as much in cyberspace as on the battlefield, with House and Senate lawmakers unveiling dueling drafts of a nearly $900 billion defense bill that spotlights needs for cybersecurity and artificial intelligence technology.
ChatGPT's o3 is OpenAI's best model to date because it features reasoning, and it might get even better in the next update. [...]
Also: Train Hack Risks Outed by CISA Alert; AI Comprehension Issues Won't Go AwayIn this week's update, four ISMG editors discussed the potential global implications of the Seychelles Commercial Bank data breach; the real-world threat of train hacks following an alert about a critical railway vulnerability; and growing concerns around AI's "comprehension problem."
Despite Billion-Dollar Bets, Tangible Returns Are Still Elusive for Global FirmsAs enterprises pour billions into generative AI, many struggle to translate hype into measurable returns on investment. From data prep costs and hallucination risk to poor implementation and organizational inertia, experts say the real payoff may still be years away.
Security often lags behind innovation. The path forward requires striking a balance.
WeTransfer added the magic words "machine learning" to its ToS and users reacted predictably Analysis WeTransfer this week denied claims it uses files uploaded to its ubiquitous cloud storage service to train AI, and rolled back changes it had introduced to its Terms of Service after they deeply upset users. The topic? Granting licensing permissions for an as-yet-unreleased LLM product.…
Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector
Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services
OpenAI's next foundational and state-of-the-art model, GPT-5, is still on its way after a delay. OpenAI won't tell us the release date for now. [...]
A cryptomining botnet active since 2019 has incorporated likely AI-generated Lcryx ransomware into its operations
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald's was exposed after they guessed the password ("123456") for the fast food chain's account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many Fortune 500 companies. Paradox.ai said the security oversight was an isolated incident that did not affect its other customers, but recent security breaches involving its employees in Vietnam tell a more nuanced story.
A novel malware family named LameHug is using a large language model (LLM) to generate commands to be executed on compromised Windows systems. [...]
Why do AI agents require new identity governance approaches and the current controls not enough?
Authentication in MCP — the backbone of agentic AI — is optional, and nobody's implementing it. Instead, they're allowing any passing attackers full control of their servers.
COO Francis deSouza Explains Google Cloud's Push for Unified Multi-Cloud SecurityCOO Francis deSouza shares insights into Google Cloud’s security priorities as it pursues the $32 billion acquisition of Wiz. He explains the need for seamless multi-cloud protection, the value of Mandiant's threat intelligence, and how AI is changing threat detection and response at scale.
Cybercriminals are using AI cloaking tools to evade detection, disguising phishing and malware sites