Grok Build CLI Uploaded Full Repos and Secrets to xAI

Grok Build CLI Uploaded Full Repos and Secrets to xAI

A security researcher has shown that xAI's Grok Build CLI was uploading entire git repositories, including unredacted secrets, to a Google Cloud Storage bucket, and that the tool's own opt-out toggle did not stop it.

Meta AI Support Bot Used to Hijack Instagram Accounts

Meta AI Support Bot Used to Hijack Instagram Accounts

Hackers seized high-profile Instagram accounts by exploiting Meta AI customer support, asking the bot to link a new email without verification. Victims include Obama White House account and Sephora.

HuggingFace Used in DPRK npm Supply Chain Attack

HuggingFace Used in DPRK npm Supply Chain Attack

A DPRK-linked supply chain attack plants a RAT via npm packages and routes all stolen credentials to private HuggingFace datasets. Two AI developer victims confirmed May 28 2026.

Voice AI Security Flaw: AudioHijack Hits 13 Models

Voice AI Security Flaw: AudioHijack Hits 13 Models

Security researchers have found a way to hijack voice AI models using inaudible sounds embedded in ordinary audio clips. AudioHijack achieved 79 to 96 percent success rates across 13 large audio language models.

Free Weekly Newsletter

Stay ahead of Creative AI

Join creators getting the latest AI tools, model releases, and workflow tips delivered weekly.

No spam. Unsubscribe anytime.