TLDRocket
Sign in

Security

28 summarised stories about Security, each linking back to the original source. Browse all topics →

Wednesday, 15 July 2026

xAI sues a man for using Grok to generate CSAM ‘deepfakes’

The Verge 21 hours ago

xAI is suing Terry Wayne Harwood, a South Carolina man allegedly arrested in February for using Grok to generate and distribute child sexual abuse material. Harwood faces eight felony charges related to possessing and distributing CSAM, with xAI claiming at least some of the images were generated or altered using their chatbot. The lawsuit asserts Harwood intentionally circumvented Grok's safeguards, potentially prompting xAI and other AI providers to implement stricter content moderation.

Microsoft patches record number of security vulnerabilities, citing its use of AI

TechCrunch AI 22 hours ago

Microsoft released patches for 570 security vulnerabilities across its product lines, attributing the spike to AI-assisted discovery of previously hidden code flaws. The batch included at least two zero-day exploits actively being used against Windows Server and SharePoint, with one allowing privilege escalation to system administrator level. Microsoft indicated that monthly patch volumes will remain elevated as AI tools continue to identify dormant vulnerabilities in legacy code.

How I tricked Claude into leaking your deepest, darkest secrets

Simon Willison 1 day ago

A researcher discovered that Claude's web_fetch tool could be exploited through nested links on honeypot websites to extract user data, bypassing Anthropic's safeguards against data exfiltration attacks. The attack successfully retrieved a user's name, home city, and employer by tricking the model into following letter-by-letter URL sequences disguised as authentication prompts. Anthropic subsequently patched the vulnerability by removing web_fetch's ability to navigate links embedded within previously fetched pages.

Suno snatched millions of songs from YouTube, Genius, and Deezer

The Verge 1 day ago

Suno scraped millions of songs and lyrics from YouTube Music, Deezer, and Genius to train its AI music generator, according to data exposed in a hacking incident. The training dataset included content from multiple platforms that Suno had previously kept secret from public disclosure. This revelation strengthens ongoing lawsuits against Suno, including a case brought by the Recording Industry Association of America alleging copyright infringement in the model's training.

GPT-Red: Unlocking Self-Improvement for Robustness

OpenAI Blog 1 day ago

OpenAI developed GPT-Red, an automated system that uses self-play to identify vulnerabilities in AI models and improve their robustness against adversarial attacks. The system iteratively generates adversarial prompts and defensive improvements in a feedback loop, with evaluations showing measurable increases in resistance to prompt injection attempts. This approach allows AI developers to systematically strengthen defenses without manual red teaming, reducing the time required to identify and patch safety vulnerabilities.