A carefully crafted malicious prompt could turn an ordinary ChatGPT conversation into a covert data exfiltration channel — silently leaking your messages, uploaded files, and AI-generated summaries without any warning. Check Point Research published full technical details on March 31, 2026 of a vulnerability that OpenAI patched on February 20, 2026. The Architecture of a Silent Exfiltration ChatGPT runs code in a sandboxed Linux environment with outbound web controls designed to prevent unauthorized data sharing. The controls block direct HTTP/HTTPS requests — but the researchers discovered a critical gap: DNS lookups were not subject to the same outbound restrictions. ...

A new critical vulnerability in OpenClaw — tracked as CVE-2026-32971 — allows attackers to obtain human approval for a benign-looking command while executing an entirely different, malicious payload. If you’re running OpenClaw before version 2026.3.11, patch now. The Vulnerability CVE-2026-32971 is a flaw in how OpenClaw’s node-host system.run approval mechanism displays shell commands to users. When the approval dialog is triggered, OpenClaw extracts and displays only a subset of the shell payload — the portion it considers “representative” — rather than the full argv that will actually be executed. ...

A critical vulnerability in OpenAI Codex — silently patched in February 2026 — allowed attackers to steal GitHub OAuth tokens through command injection, potentially compromising entire enterprise organizations sharing code repositories. Full public disclosure arrived March 31, 2026, thanks to research from Phantom Labs. The Vulnerability Phantom Labs, an identity security firm, discovered that OpenAI Codex was vulnerable to command injection in its shell execution environment. An attacker who could influence the commands sent to Codex — through crafted prompts, malicious repository content, or injected tool responses — could exfiltrate the GitHub OAuth token that Codex uses to authenticate with repositories. ...

It happened again — and this time the exposure was massive. On March 31, 2026, security researcher Chaofan Shou (@shoucccc) discovered that Anthropic’s Claude Code CLI had inadvertently published its entire source code inside a 60MB source map file (cli.js.map) bundled within its npm package. Within hours, the community had mirrored the code, opened GitHub repos cataloguing the exposure, and the story had broken across cybersecurity news outlets worldwide. This is reportedly the second time in a year that Claude Code’s source has leaked through the same vector. ...

For decades, being a great developer meant being able to write code. Today, Fortune argues, that’s changing — and the new premium skill isn’t writing. It’s supervising. In a piece published today, Fortune makes the case that AI agents and vibe coding are creating what they call a “Supervisor Class” — a new archetype of developer who derives their value not from syntax mastery, but from high-level judgment and the ability to direct autonomous systems effectively. ...

Today’s Claude Code source leak was a good reminder that shipping to npm is a security surface area that many developers don’t audit carefully enough. A 60MB .map file contained Anthropic’s entire CLI source. This guide shows you how to prevent the same thing from happening to your own packages. Why Source Maps Are the Hidden Risk Source maps (.js.map files) are generated by build tools like webpack, esbuild, Rollup, and Parcel to help with debugging. They map your compiled, minified output back to the original source. In development and CI, this is exactly what you want. ...

The wall between AI agents and your browser just came down. Opera announced today that Opera Neon — the company’s experimental AI-first browser — now supports the Model Context Protocol (MCP) as a native server. This means external AI clients — including Claude Code, ChatGPT, n8n, Lovable, and OpenClaw — can connect directly to a live Neon browser session, access your real-time web context, and take actions inside pages. No Playwright. No Selenium. No screenshots copied and pasted between apps. Just agents talking directly to your browser. ...

Shopify activated Agentic Storefronts for all eligible US merchants on March 24, 2026. Products from 5.6 million Shopify stores are now discoverable and purchasable inside ChatGPT, Microsoft Copilot, Google AI Mode, and the Gemini app — managed via a single toggle in the Shopify Admin. No separate integrations. No new apps. Products are already there. This is the biggest structural change to e-commerce distribution since Google Shopping launched in 2012. When someone asks ChatGPT for a standing desk under $400 this week, Shopify merchant products can show up in that answer. That’s not a roadmap item. It shipped. ...

The last two co-founders of xAI have departed. Manuel Kroiss and Ross Nordeen left the company in late March 2026, completing a cascade of exits that began in earnest when Tony Wu departed on February 10. All 11 original co-founders of Elon Musk’s AI startup are now gone. This is not a gradual organizational shift. In a company that turned three years old this year, the entire founding team has exited within a matter of weeks. The pace and completeness of the departures is unusual even by the standards of the current AI industry churn. ...

Mistral AI announced Monday it has secured $830 million in debt financing from a consortium of seven global banks to build a new data center near Paris. The site at Bruyères-le-Châtel will be powered by 13,800 NVIDIA GB300 GPUs and is set to become operational in Q2 2026. Simultaneously, Mistral announced a partnership with Accenture to help large enterprises deploy its models in production agentic workflows. The deal is notable for its structure as much as its scale. Mistral chose debt over equity — a departure from the equity-heavy funding rounds that have defined the AI startup era. The seven-bank consortium includes Bpifrance, BNP Paribas, Crédit Agricole CIB, HSBC, La Banque Postale, MUFG, and Natixis CIB. ...