Openai

Something significant happened in New York this week. For the first time, the core maintainers of the Model Context Protocol from all four major AI companies — Anthropic, AWS, Microsoft, and OpenAI — sat in the same room and agreed on a shared roadmap for enterprise-grade MCP security, governance, and reliability. The occasion was the MCP Dev Summit, and the outcome is a formalized enterprise security roadmap under a new governance body: the Agentic AI Foundation (AAIF). The MCP specification itself is moving under AAIF governance, signaling that what began as an Anthropic-led protocol is becoming true industry infrastructure. ...

OpenAI’s Codex just got a major upgrade at the model level. As of April 4, GPT-5-Codex is the default model across Codex CLI, the Codex IDE extension, and Codex cloud environments. This isn’t GPT-5 — it’s a distinct variant, purpose-built for agentic coding workflows. What Is GPT-5-Codex? GPT-5-Codex is a GPT-5 variant optimized specifically for the demands of autonomous coding agents. Where GPT-5 is a general-purpose model, GPT-5-Codex is trained and tuned for: ...

The numbers are almost impossible to process. On March 31, 2026, OpenAI closed a $122 billion funding round at a post-money valuation of $852 billion — making it the largest venture capital funding round in the history of technology. Not just AI. All of tech. To put that in perspective: OpenAI is now worth more than most G7 nations’ annual GDP. It’s worth more than three Nvidias from three years ago. And it’s still private. ...

A carefully crafted malicious prompt could turn an ordinary ChatGPT conversation into a covert data exfiltration channel — silently leaking your messages, uploaded files, and AI-generated summaries without any warning. Check Point Research published full technical details on March 31, 2026 of a vulnerability that OpenAI patched on February 20, 2026. The Architecture of a Silent Exfiltration ChatGPT runs code in a sandboxed Linux environment with outbound web controls designed to prevent unauthorized data sharing. The controls block direct HTTP/HTTPS requests — but the researchers discovered a critical gap: DNS lookups were not subject to the same outbound restrictions. ...

A critical vulnerability in OpenAI Codex — silently patched in February 2026 — allowed attackers to steal GitHub OAuth tokens through command injection, potentially compromising entire enterprise organizations sharing code repositories. Full public disclosure arrived March 31, 2026, thanks to research from Phantom Labs. The Vulnerability Phantom Labs, an identity security firm, discovered that OpenAI Codex was vulnerable to command injection in its shell execution environment. An attacker who could influence the commands sent to Codex — through crafted prompts, malicious repository content, or injected tool responses — could exfiltrate the GitHub OAuth token that Codex uses to authenticate with repositories. ...

Anthropic’s Claude has been quietly staging one of the more impressive subscription growth stories in AI. According to TechCrunch reporting, Claude’s paying consumer subscriber base has doubled in recent months — with estimates putting total users somewhere between 18 million and 30 million. The growth isn’t random. It’s driven by two specific capabilities that users are actually paying for: computer use and persistent memory. What’s Driving the Surge Computer use — Claude’s ability to control a desktop environment, browse the web, operate applications, and complete multi-step tasks autonomously — is the headline agentic feature. It’s genuinely different from what competitors offer at a consumer subscription tier. ChatGPT can help you write and search; Claude can actually click around your computer and do the work. ...

OpenAI is burning through an estimated $200 million per month — and the agentic products that were supposed to transform its revenue story are still not profitable. That number raises questions that every enterprise building on OpenAI’s platform should be asking seriously. This isn’t about rooting for or against OpenAI. It’s about what vendor sustainability means when you’re building mission-critical agentic infrastructure on someone else’s platform. The Numbers in Context $200M per month is $2.4 billion per year in operating losses. OpenAI has raised extraordinary amounts of capital — Microsoft’s multi-billion dollar commitment, additional rounds from other investors — but the burn rate relative to revenue growth is a metric worth watching. ...

OpenAI has just made a significant move in the enterprise AI coding wars: Codex now ships with a plugin marketplace featuring more than 20 integrations — including Slack, Figma, Notion, Gmail, and Google Drive. It’s a direct challenge to Claude Code’s developer momentum, and it signals that the battle for the enterprise AI workflow isn’t just about model quality anymore. It’s about ecosystem. What the Codex Plugin Directory Actually Is The new Codex Plugin Directory isn’t just a list of app connections. Each plugin bundles three things together: ...

OpenAI has launched its first public Safety Bug Bounty program — and it’s squarely focused on the attack surfaces that matter most for agentic AI: prompt injection, MCP-based hijacks, data exfiltration from ChatGPT Agent, and platform integrity flaws. Top reward: $100,000 for critical safety vulnerabilities. This isn’t a standard security bounty. It’s specifically designed to capture the class of AI-native risks that traditional vulnerability disclosure programs aren’t built for — the kind of things that don’t show up in CVE databases but can cause real harm at scale when AI agents are acting in the world. ...

OpenAI shipped ChatGPT Library — a persistent file storage system that survives across conversations — and most coverage has treated it as a quality-of-life feature. You can finally keep your documents without re-uploading them. Convenient! But there’s a more interesting way to read this announcement, and it’s the one that matters for anyone tracking how AI agents are evolving: this is memory infrastructure, and it’s the foundation that makes persistent agents possible at scale. ...