AI News Recap: January 23, 2026
AI Weekly: GPT-5.2 Develops Zero-Day Exploits, AI Agents Build Browser in 7 Days
AI Can Now Build Browsers and Break Into Systems. Are We Ready?
This week's AI news reads like a cybersecurity thriller. GPT-5.2 demonstrated it can reliably develop zero-day exploits at scale, while researchers uncovered a prompt injection flaw that turns innocent Google Calendar invites into attack vectors. The question isn't whether AI will reshape security; it's whether defenders can keep up.
Note: Firstly, hope you are doing well, and welcome! Just a little PSA letting everyone know that the AI news section will incorporate ai tools and ai-related cybersecurity articles again. I haven't figured out how I want to organize things yet, but I want to keep things as simple as possible.
Table of Contents
👋 Catch up on the Latest Post
🔦 In the Spotlight
🗞️ AI News
🧩 NeuralBuddies Word Search
👋 Catch up on the latest post …
🔦 In the Spotlight
Google Gemini Flaw Turns Calendar Invites Into Attack Vector
Category: AI Safety & Cybersecurity
📅 Researchers discovered an indirect prompt injection flaw in Google Gemini’s integration with Calendar that lets attackers embed malicious natural-language instructions inside event invites, bypassing privacy controls.
📤 The injected payload can silently make Gemini summarize a user’s private meetings, exfiltrate the data into a new calendar event’s description, and present the user with a harmless-looking response like confirming a “free time slot.”
🛡️ The vulnerability highlights a structural limitation in LLM-powered apps, showing that traditional pattern-based defenses are inadequate and that defenders must add semantic, runtime controls that govern Gemini’s permissions and intent.
🗞️ AI News
Why It’s Critical To Move Beyond Overly Aggregated Machine-Learning Metrics
Category: Testing, Evaluation & Benchmarking
📉 MIT researchers show that machine-learning models which appear highly accurate on average in one setting can become the worst-performing models for 6–75 percent of data when deployed in a different setting, with aggregate metrics hiding these failures.
🧪 Using medical imaging and hate-speech detection tasks, the team finds that models often rely on spurious correlations that break in new environments, leading to poor performance on specific sub-populations such as certain chest X-ray conditions.
🛠️ The authors introduce an algorithm called OODSelect to systematically uncover subsets where “best” models fail out of distribution and release code and identified subsets to support better evaluation practices and more reliable models.
Not To Be Outdone By OpenAI, Apple Is Reportedly Developing An AI Wearable
Category: Business & Market Trends
📌 Apple is reportedly developing an AI wearable in the form of a clothing pin, featuring two cameras, three microphones, a speaker, a physical button, and a Fitbit-like charging strip in an aluminum-and-glass disc roughly the size of an AirTag.
🗓️ The device could launch as early as 2027 with a reported initial production target of around 20 million units, as Apple accelerates development to compete in the emerging AI hardware market alongside OpenAI’s upcoming device.
🧿 The product concept follows earlier AI pin efforts like Humane’s camera-and-mic-based wearable, which failed commercially and was eventually shut down and sold to HP, raising questions about consumer demand for such devices.
The Quiet Work Behind Citi’s 4,000-Person Internal AI Rollout
Category: Workforce & Skills
🧑💻 Citi has built an internal AI workforce of around 4,000 “AI Champions” and “AI Accelerators” across functions like technology, operations, risk, and customer support to embed AI into everyday work.
🧠 Over 70% of Citi’s roughly 182,000 employees now use firm-approved AI tools for tasks such as document summarization, drafting notes, data analysis, and software development, all under strict guardrails on data use and outputs.
🏗️ The bank’s adoption model relies on volunteer champions, internal training and badges, and team-level support rather than top-down pilots, treating AI as core work infrastructure rather than a side innovation project.
Two Thinking Machines Lab Cofounders Are Leaving To Rejoin OpenAI
Category: Business & Market Trends
🔁 Thinking Machines Lab cofounders Barret Zoph and Luke Metz are leaving the startup and rejoining OpenAI, along with staffer Sam Schoenholz, in a move described internally as a major win for OpenAI.
⚖️ Conflicting narratives surround Zoph’s exit, with a source alleging he shared confidential information with competitors and was fired for “unethical conduct,” while an internal OpenAI memo states the company does not share those concerns.
🧪 The departures deal a blow to Thinking Machines, which has already lost cofounder Andrew Tulloch to Meta, even as the lab pursues aggressive fundraising at valuations reportedly rising from $12 billion toward $50 billion for its Tinker model-customization platform.
NotebookLM Adds Data Tables: Turn Sources Into Structured Sheets
Category: Tools & Platforms
📊 NotebookLM now includes a data table feature that lets users organize information from their sources into grid-style tables with rows and columns directly inside a notebook.
📤 Created data tables can be exported from NotebookLM straight to Google Sheets for further editing or integration with other datasets.
🧭 Users access the feature by opening a notebook with at least one source, then selecting the Data Table option in the Studio column and using the pencil icon to define the table details, with rollout continuing over the coming weeks.
New Study Claims GPT-5.2 Can Reliably Develop Zero-Day Exploits At Scale
Category: AI Safety & Cybersecurity
🧪 A technical study shows GPT-5.2 can systematically develop working exploits for a previously unknown QuickJS zero-day, achieving a 100% success rate across six exploitation scenarios under realistic defensive constraints.
💣 Across multiple high-token-budget runs, GPT-5.2 and Opus 4.5 generated over 40 distinct exploits with goals such as spawning shells, arbitrary file writes, and command-and-control callbacks, at costs low enough to make large-scale automation feasible.
📉 Researchers warn that offensive cyber capabilities may soon be limited more by token throughput than human expertise and urge security teams to evaluate frontier models against real-world zero-days in complex targets like the Linux kernel and Firefox.
Chrome’s Gemini Is Getting “Skills” As It Moves Toward Becoming A Full AI Agent
Category: Tools & Platforms
🧩 A new “Skills” feature for Gemini in Chrome is under testing, exposing a
chrome://skillspage where users can name skills and give custom instructions so the AI can handle specific or repetitive browser workflows.🤖 With Skills, Gemini is evolving from a passive sidebar assistant that summarizes pages or compares tabs into an active agent that can interact with browser architecture and execute multi-step tasks on the user’s behalf.
🔗 Google plans deeper integration so Gemini can work directly from the omnibox or sidebar with services like browsing history, Calendar, YouTube, and Maps, enabling skills such as automatically extracting details from a webpage and scheduling events.
AI Agents Built A Web Browser In One Week And That Should Make Us Pause
Category: AI Research & Breakthroughs
🌐 Hundreds of AI agents powered by GPT-5.2-Codex collaboratively built a functional web browser called FastRender from scratch in about one week, including a full rendering engine written in Rust.
🧩 FastRender implements core browser components such as HTML parsing, CSS cascade and layout, text shaping, painting and rendering, plus a custom JavaScript virtual machine capable of correctly rendering simple websites.
🧠 The project used a hierarchical multi-agent setup, where planner agents explored the codebase and created tasks for other agents, after flat, unstructured agent swarms failed due to risk-averse behavior and stalled progress.
ElevenLabs Made An AI Album To Plug Its Music Generator
Category: Generative AI & Creativity
🎵 ElevenLabs released The Eleven Album, a collection of AI-generated songs designed to demonstrate how artists can use its Eleven Music generator while retaining full authorship and commercial rights.
🎤 Thirteen artists, including Liza Minnelli, Art Garfunkel, Willonius, and others, contributed tracks that blend their signature styles with Eleven Music’s generative capabilities, with artists keeping 100 percent of streaming revenue.
🤝 The album’s launch aligns with recent licensing deals between major labels like Universal, Warner, and Sony and various AI music platforms, reflecting a broader shift toward formally integrating AI-generated music into the industry.
ChatGPT Introduces Age Prediction Technology
Category: AI Safety & Cybersecurity
👶 OpenAI is rolling out age prediction technology for ChatGPT that estimates whether an account likely belongs to someone under 18 using behavioral and account-level signals.
🛡️ Accounts flagged as under 18 are directed to a teen version of ChatGPT that restricts sensitive content such as graphic violence, sexual or romantic role play, self-harm topics, and extreme beauty or dieting content, with a default to the safer experience when age is uncertain.
🪪 Users incorrectly classified as under 18 can verify their age through Persona identity verification, as regulators and families scrutinize how AI chatbots interact with minors amid lawsuits alleging harm to young users.
Todoist’s App Now Lets You Add Tasks To Your To-Do List By Speaking To Its AI
Category: Tools & Platforms
🗣️ Todoist is launching an AI-powered “voice-to-tasks” feature called Todoist Ramble that turns natural, unstructured speech into organized tasks with details like deadlines, priorities, durations, and assignees.
⚙️ Ramble runs on Todoist Assist, using Google’s Gemini 2.5 Flash Live via Vertex AI to stream and transcribe audio in real time, extract task information, and update tasks as users refine their instructions while speaking.
🌍 The feature is now available across iOS, Android, desktop, and web in 38 languages, with limited monthly sessions on the Beginner plan and unlimited usage for Pro and Business subscribers after successful beta testing.
