AI Daily — May 14, 2026
2026-05-14
openai.com
Our response to the TanStack npm supply chain attack
OpenAI disclosed it was affected by the 'Mini Shai-Hulud' supply chain attack targeting the TanStack npm ecosystem, which compromised signing certificates used in OpenAI macOS apps. The company has outlined remediation steps and is requiring all macOS users to update their OpenAI apps by June 12, 2026 to rotate to new, uncompromised certificates. This is a concrete real-world example of AI tooling infrastructure becoming a target in software supply chain attacks.
openai.com
Building a safe, effective sandbox to enable Codex on Windows
OpenAI published a technical deep-dive on how they engineered a secure sandboxing environment for Codex agents running on Windows, including controlled filesystem access and network restrictions to limit blast radius during autonomous code execution. The post details the isolation mechanisms necessary to run coding agents safely in production environments. This is relevant infrastructure engineering context for teams deploying AI coding agents at scale.
www.technologyreview.com
AI chatbots are giving out people's real phone numbers
Google's AI features have been surfacing users' personal phone numbers in response to queries, apparently drawn from indexed web content, with no clear opt-out mechanism available. Affected users report receiving waves of misdirected calls after their contact information was incorrectly associated with businesses or professions by the AI. This highlights a concrete data privacy failure mode where retrieval-augmented AI conflates and amplifies personally identifiable information from the web.
rss.arxiv.org
Correct Answers from Sound Reasoning: Verifiable Process Supervision for Language Models
This paper introduces Verifiable Process Supervision (VPS), a post-training framework that jointly optimizes final answer accuracy and intermediate reasoning quality, addressing the known failure mode where RL-from-outcome-rewards improves task scores while degrading reasoning soundness. VPS applies SFT to induce structured reasoning formats, then extracts intermediate claims syntactically and scores them against ground-truth signals to form process-level rewards. This is a practically motivated approach to the reward hacking problem in chain-of-thought training.
rss.arxiv.org
Do Androids Dream of Breaking the Game? Systematically Auditing AI Agent Benchmarks with BenchJack
The paper introduces BenchJack, an automated red-teaming system that drives coding agents to find reward-hacking exploits in agent benchmarks, operating in a clairvoyant adversarial mode. The authors derive a taxonomy of eight recurring benchmark flaw patterns from past incidents and compile them into an Agent-Eval Checklist for benchmark designers. The work makes a methodological case that agent benchmarks must be hardened by design, not patched reactively after frontier models spontaneously discover exploits.