Today in AI — 28 March 2026
Today's top AI news — curated links and commentary on the stories that matter for product builders.
Today's story is security. Anthropic's accidentally leaked Mythos model spooked cybersecurity markets, IBM named the first confirmed AI-generated malware in a live attack, and two popular agent frameworks are under active exploitation. The tools builders depend on are becoming the attack surface.
The Mythos fallout
A CMS misconfiguration exposed details of Claude Mythos, crashing cybersecurity stocks within hours. A federal judge separately blocked the Pentagon's retaliatory Anthropic ban.
- Anthropic accidentally reveals Claude Mythos, a 'step change' model with unprecedented cyber capabilities — Fortune
- Cybersecurity stocks crash as market prices in Anthropic's Mythos capabilities — CNBC
- Federal judge blocks Pentagon's Anthropic ban, calls it 'Orwellian' retaliation — Defense One
AI tooling under attack
The frameworks builders use to wire up agents are becoming targets. CISA flagged active Langflow exploitation within 20 hours of disclosure, three LangChain/LangGraph flaws expose files, secrets, and databases, and IBM confirmed the first AI-generated malware in a live ransomware campaign.
- CISA warns that Langflow AI agent framework is under active exploitation — BleepingComputer
- Three security flaws in LangChain and LangGraph expose files, secrets, and databases — The Hacker News
- IBM discovers Slopoly, the first confirmed AI-generated malware used in a ransomware campaign — IBM X-Force
Google ships on three fronts
Google launched Gemini 3.1 Flash Live with real-time multimodal voice across 200+ countries, added tools to import ChatGPT and Claude conversation history, and released Lyria 3 Pro for AI music. The import play is the interesting move: Google is betting switching costs are the real moat.
- Google launches Gemini 3.1 Flash Live and takes Search Live global in 200+ countries — Google Blog
- Google Gemini now imports your ChatGPT and Claude conversation history and preferences — 9to5Google
- Google launches Lyria 3 Pro with AI-generated music tracks up to 3 minutes long — Google Blog
Open-source momentum
Cohere's Apache 2.0 Transcribe model tops ASR benchmarks. Meta open-sourced TRIBE v2 for brain encoding. And Reflection is raising $2.5B at $25B for open-weight models, with JPMorgan joining Nvidia as a backer.
- Cohere launches Transcribe, an open-source speech model that tops ASR benchmarks — TechCrunch
- Meta open-sources TRIBE v2, a brain encoding model trained on 1,000+ hours of neural data — Meta AI
- Nvidia-backed Reflection eyes $2.5B round at $25B valuation for open-source AI — Tech Startups
Building faster
OpenAI's Codex marketplace bundles 20+ integrations for Slack, Figma, and Notion. ByteDance put Seedance 2.0 inside CapCut. And Reco rewrote JSONata in Go using AI in 7 hours, scoring a 1,000x speedup.
- OpenAI launches Codex plugin marketplace with 20+ integrations for Slack, Figma, and Notion — The Decoder
- ByteDance launches Seedance 2.0 AI video generation inside CapCut — TechCrunch
- Reco rewrites JSONata with AI in 7 hours and $400, saves $500K per year — Reco
If you're building on AI agent frameworks, audit your dependencies with the same urgency you'd audit your models. The attack surface is growing faster than the defence.