Hi, I'm Vivian, a cybersecurity and AI Product Manager trying to keep up with an industry that moves faster than I can whisk up my morning matcha. Every week brings a new wave of vulnerabilities, AI security mishaps, and breaches that keep us on our toes, so I take some time to share the most interesting news instead of letting it all blur together. Let's dive into what kept us up at night recently in cybersecurity and AI security.

AI News

Anthropic Launches "Cowork" for Desktop Automation

Anthropic released "Cowork," a research preview feature for Claude Max subscribers that executes multi-step projects across a user's computer and web browser. Built on the same foundation as Claude Code but designed for general productivity, Cowork can organize local files, draft reports from scattered notes, or create spreadsheets from screenshots with minimal user guidance. The tool integrates with "Connectors" for external data access and pairs with the Claude in Chrome extension for browser-based tasks. Anthropic warns users about potential risks like prompt injection and accidental data deletion during this early testing phase.

Apple Partners with Google to Power Next-Generation Siri

Apple and Google announced a multi-year partnership integrating Gemini models into the Apple Intelligence framework, underpinning a major Siri overhaul expected later in 2026. Google's AI and cloud infrastructure will serve as the foundation for Apple's models, enabling Siri to perform more complex tasks like cross-app planning and summarization. Apple confirmed no changes to its existing partnership with OpenAI.

Anthropic Unveils "Claude for Healthcare" Suite

Anthropic launched "Claude for Healthcare," a collection of HIPAA-ready AI tools designed to automate tasks for providers, insurers, and researchers while giving consumers insights into personal medical data. The suite includes specialized "connectors" that integrate with industry platforms like the CMS Coverage Database, Apple Health, and clinical trial repositories. Capabilities include autonomously drafting prior authorizations, summarizing patient history, and accelerating drug discovery. Health data integrations remain opt-in and are not used for model training.


AI and Cybersecurity Vulnerabilities

Critical Vulnerability Enables Full Takeover of n8n Servers

A critical vulnerability called "Ni8mare" with a CVSS score of 10.0 was discovered in locally deployed n8n automation instances. The flaw allows unauthenticated attackers to execute remote code by exploiting a Content-Type confusion error in file upload requests. Attackers can overwrite internal variables to read sensitive system files like databases and configuration keys, forge valid session cookies, bypass authentication to log in as administrators, and execute arbitrary commands.
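The n8n item describes a broad class of bug: an upload endpoint that lets the client's Content-Type header decide which parser runs, and then copies the parsed fields into internal state. The following is an added, constructed example (not n8n code and not a reconstruction of Ni8mare) that puts a weak handler of that shape next to a hardened one. The hardened handler binds the route to the one body format it expects, extracts the boundary itself, and only reads allowlisted form fields, so request content can never reach internal variables. The toy multipart parser, the `DEFAULT_SETTINGS` dict and the sample requests are all assumptions made for the demo.

```python
"""Constructed example: route-bound body parsing for an upload endpoint."""
import json

# Stands in for an application's internal variables (constructed values).
DEFAULT_SETTINGS = {"cookie_secret": "trusted-value", "upload_dir": "/srv/uploads"}

# Form fields the upload route is allowed to read (assumption for the demo).
UPLOAD_FIELDS = {"file", "description"}


class BadRequest(Exception):
    """Raised by the hardened handler when a request is rejected."""


def parse_multipart(body: bytes, boundary: str) -> dict:
    """Minimal multipart/form-data parser (constructed, not production-grade).
    Returns {field_name: raw_bytes} for every part carrying a name."""
    parts = {}
    delim = b"--" + boundary.encode()
    for chunk in body.split(delim):
        chunk = chunk.strip()
        if not chunk or chunk == b"--":          # leading empty piece / closing marker
            continue
        header_blob, _, data = chunk.partition(b"\r\n\r\n")
        name = None
        for line in header_blob.split(b"\r\n"):
            if line.lower().startswith(b"content-disposition:") and b'name="' in line:
                name = line.split(b'name="', 1)[1].split(b'"', 1)[0].decode()
        if name:
            parts[name] = data.rstrip(b"\r\n")
    return parts


def weak_handle_upload(content_type: str, body: bytes, settings: dict) -> dict:
    """Weak pattern: the parser is chosen from the client-supplied Content-Type,
    and whatever it produces is merged straight into internal state."""
    if content_type.startswith("application/json"):
        fields = json.loads(body)
    elif content_type.startswith("multipart/form-data"):
        fields = parse_multipart(body, content_type.split("boundary=", 1)[1])
    else:
        raise ValueError("unsupported content type")
    settings.update(fields)        # any key in the request can overwrite any setting
    return settings


def hardened_handle_upload(content_type: str, body: bytes, settings: dict) -> dict:
    """Hardened pattern: one accepted body format per route, allowlisted fields,
    and internal state is never written from request data."""
    media_type, _, params = content_type.partition(";")
    if media_type.strip().lower() != "multipart/form-data":
        raise BadRequest("upload endpoint only accepts multipart/form-data")
    boundary = None
    for param in params.split(";"):
        key, _, value = param.strip().partition("=")
        if key.lower() == "boundary" and value:
            boundary = value.strip('"')
    if not boundary:
        raise BadRequest("missing multipart boundary")
    fields = parse_multipart(body, boundary)
    unknown = set(fields) - UPLOAD_FIELDS
    if unknown:
        raise BadRequest(f"unexpected fields: {sorted(unknown)}")
    # Return only the fields the route needs; `settings` is read-only here.
    return {
        "file": fields.get("file", b""),
        "description": fields.get("description", b"").decode(errors="replace"),
        "upload_dir": settings["upload_dir"],
    }


# Constructed sample requests: a legitimate multipart upload and a JSON body
# that names an internal setting.
MULTIPART_CT = "multipart/form-data; boundary=XYZ"
MULTIPART_BODY = (
    b'--XYZ\r\nContent-Disposition: form-data; name="file"; filename="a.txt"\r\n'
    b"Content-Type: text/plain\r\n\r\nhello\r\n--XYZ--\r\n"
)
JSON_CT = "application/json"
JSON_BODY = json.dumps({"cookie_secret": "untrusted-value"}).encode()


def demo() -> tuple:
    """Returns (secret after weak handler, hardened rejected JSON?, hardened file bytes)."""
    weak = weak_handle_upload(JSON_CT, JSON_BODY, dict(DEFAULT_SETTINGS))
    try:
        hardened_handle_upload(JSON_CT, JSON_BODY, dict(DEFAULT_SETTINGS))
        rejected = False
    except BadRequest:
        rejected = True
    good = hardened_handle_upload(MULTIPART_CT, MULTIPART_BODY, dict(DEFAULT_SETTINGS))
    return weak["cookie_secret"], rejected, good["file"]


if __name__ == "__main__":
    print(demo())
```

The point to take from the pair is the second handler's shape, not the parser: the route, not the client, decides how the body is interpreted, and the parsed result is projected onto a fixed set of fields rather than merged into whatever dictionary holds the application's state.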

Google Removes Health AI Summaries Following Misinformation Reports

Google removed certain AI Overview summaries after an investigation revealed the feature was providing dangerous and inaccurate medical advice, including incorrect normal ranges for liver function tests. Experts warned that AI-generated summaries appearing at the top of search results lacked crucial context like patient age or medical history, potentially causing seriously ill individuals to skip necessary care. While Google removed specific flagged queries, health organizations criticized the reactive approach and noted the underlying system remains prone to surfacing misleading information for complex medical topics.

"ZombieAgent" Attack Exploits ChatGPT Connectors

Researchers identified "ZombieAgent," an attack vector that abuses OpenAI's Connectors feature to establish persistence and exfiltrate sensitive data. By injecting malicious instructions into shared files or emails, attackers can trick ChatGPT into reading private information from connected services like Gmail or Google Drive and transmitting it to external servers. The vulnerability also enables a "zombie" state where the AI modifies its own memory to execute attacker commands on every future interaction, turning the chatbot into a dormant spy that continuously harvests data even in new, unrelated sessions.


Cybersecurity News

Betterment Confirms Data Breach via Social Engineering Attack

Betterment confirmed a security incident where hackers used social engineering to access internal tools and send fraudulent push notifications to users. The notifications promised to "triple" cryptocurrency holdings in exchange for $10,000 transfers to malicious wallets. While no customer funds, passwords, or login credentials were compromised, the breach exposed user contact information. Betterment revoked unauthorized access immediately and is investigating the extent of the exposure.

University of Hawaii Cancer Center Pays Ransom After Data Breach

The University of Hawaii Cancer Center confirmed a ransomware attack that occurred in August but wasn't disclosed to the state legislature until December, potentially violating state reporting laws. Attackers breached servers and encrypted files containing sensitive participant data from a cancer research study, including Social Security numbers, names, and addresses. University officials confirmed they paid the hackers for a decryption tool and a promise of data destruction, though the payment amount and exact number of affected individuals remain undisclosed.



That's all for now… Stay informed and protected.