OpenAI's Big Model Launch Is Overshadowed by Copyright Sanctions and a Leadership Exit
OpenAI flooded the zone yesterday — new model family, a shuttered browser, a fresh desktop superapp — but a leadership exit and an explosive copyright allegation ensured the product news didn't land clean.
Security
Microsoft published a detailed teardown of GigaWiper, a Windows backdoor that packages three older destructive tools — disk wiper, fake ransomware, and spyware — into a single implant with operator-selectable commands. The modularity is what makes it dangerous: each component can cover for the others, and defenders who catch one may miss the active payload. The fake-ransomware layer is particularly cynical — designed to look like extortion while the underlying wiper destroys data irreversibly. Sophistication and composition suggest state-adjacent actors building flexible, mission-adaptable tooling rather than single-purpose malware.
The RoguePlanet saga got a new wrinkle. Microsoft's out-of-band Defender patch addressed the SYSTEM privilege escalation, but Ars Technica reports that the patch itself introduces a fresh attack surface — a path for attackers to fill a target's hard disk and trigger denial-of-service conditions. The ongoing feud between researcher NightmareEclipse and Microsoft shows no sign of cooling, and the remediation chain now has vulnerabilities of its own.
Datadog Security Labs is warning of coordinated campaigns using dormant GitHub accounts to silently map corporate organizations via the public API. Attackers use aged, apparently legitimate accounts running automated scrapers to enumerate repositories, member lists, and org structure — reconnaissance specifically designed to blend into normal API traffic. The harvested data feeds downstream attacks: supply-chain infiltration, targeted credential stuffing, or spear phishing against maintainers. Corporate teams should audit GitHub organization visibility settings and review which external accounts retain access to private repositories.
OpenMandriva disclosed an attempted sabotage by a contributor following a project dispute — a reminder that open-source supply-chain risk runs both directions.
AI
OpenAI launched GPT-5.6 as the anchor of a new model family claiming improvements in reasoning, coding, and — pointedly — cybersecurity, while confirming it as the preferred model powering Microsoft Copilot amid persistent speculation about that partnership fraying. The company also unveiled a desktop superapp designed to compete directly with Anthropic's Claude Cowork, and a rebranded Codex promising autonomous workflows capable of running "for hours if needed." How the government signed off on GPT-5.6's safety before public release is notably opaque — the specifics of that review process remain unclear, raising questions about what frontier-model safety certification actually entails in practice.
The casualty of the same product wave: ChatGPT Atlas, the standalone AI browser launched last October, is already being shut down. Agentic browsing features move to the desktop app and a Chrome extension — a quiet concession that a dedicated AI browser doesn't justify its own surface area when the desktop client is growing to absorb everything.
None of it went down cleanly. The New York Times accused OpenAI of deliberately hiding evidence in their copyright suit — specifically tools that could identify copyrighted journalism in ChatGPT outputs, and billions of ChatGPT logs that appear to have been withheld or deleted. OpenAI had maintained it couldn't search its training data; NYT says that was false, and has filed for sanctions. If the motion succeeds, an adverse inference instruction at trial would tell a jury the hidden material was damaging — a potentially outcome-altering development for a company in active IPO planning.
Then Fidji Simo, OpenAI's No. 2 and the executive overseeing AGI commercialization, stepped down from her full-time role. A medical leave that was supposed to last a few weeks extended well past that; she is now transitioning to part-time advisor. Losing the operational lead during a product blitz, a copyright crisis, and IPO runway is a compounding problem regardless of how gracefully it's managed.
On the competitive front, Meta entered the AI coding market with Muse Spark 1.1, explicitly targeting Anthropic and OpenAI, while Cursor is reportedly building its own AI agent for the collaborative-workspace territory. The fight for developer workflow is converging on the same ground from multiple directions simultaneously.
Tech
Microsoft's 2026 sustainability report contains a number worth pausing on: carbon emissions rose 25 percent in 2025. The AI infrastructure buildout is the obvious driver — training and inference at scale are power-hungry, and renewable supply isn't keeping pace with GPU cluster expansion. Microsoft has specific, published climate commitments it is now visibly missing. It is not alone among hyperscalers in this bind, but it is among the few with hard targets and a public audit trail that makes the gap undeniable.
Allstate is suing Broadcom over what it characterizes as retaliatory licensing audits — alleging Broadcom initiated audit pressure specifically after Allstate began migrating off VMware and CA products. Broadcom disputes the framing. The suit gives legal form to a complaint many enterprise customers have made informally since the acquisition: that Broadcom uses software audits as a commercial lever against customers who try to leave.
Netflix is weighing always-on channels — continuous linear streams for specific content modeled on Pluto TV and Tubi, but built around Netflix exclusives. It is a meaningful strategic turn for a service built on intentional on-demand viewing, targeting passive viewers who want something on without making a choice.
Between Microsoft's energy math and OpenAI's legal exposure, the AI boom's externalities are landing — on balance sheets, in courtrooms, and on the grid.
Also yesterday
- Fake Paysafe and Skrill SDKs on npm and PyPI Are Actively Stealing Developer Credentials
- Microsoft Patches RoguePlanet Defender Zero-Day Out of Band
- Microsoft Patches RoguePlanet Defender Flaw That Grants SYSTEM Privileges — Apply Now
- New GigaWiper Windows Backdoor Bundles Disk Wiping, Fake Ransomware, and Spyware
- Patch for Windows Defender 0-day could allow attackers to fill hard disk
- Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs
- OpenMandriva Linux says contributor tried to sabotage the project
- OpenAI launches its new family of models with GPT-5.6
- OpenAI says GPT 5.6 is the ‘preferred model’ for Microsoft Copilot amid breakup chatter
- OpenAI Unveils Claude Cowork Competitor, Desktop ‘Superapp’
- OpenAI wants its new tool to do your work for you and with you
- How did the government decide OpenAI’s frontier model was safe to release?
- The ChatGPT browser is already dead
- OpenAI may have made a fatal misstep in copyright fight with news orgs
- Fidji Simo steps down from OpenAI’s no. 2 role
- Meta enters the crowded AI coding battle with Muse Spark 1.1
- Cursor Is Developing an AI Agent to Compete With Claude Cowork
- Microsoft’s carbon emissions went up 25 percent last year
- Allstate accuses Broadcom of auditing it because it quit VMware, CA
- Netflix reportedly considers adding always-on channels
Synthesized by Claude · sanity-checked before publish.