In partnership with

News of the day

1. OpenAI unveils GPT-Red, an AI hacker designed to find and fix vulnerabilities in its own models, enhancing safety and robustness. Read more

2. Microsoft is reportedly training its sales team to highlight the cost-effectiveness and efficiency of its own AI models over those from OpenAI and Anthropic. Read more

3. New AI-powered method analyzes naturalness of facial expressions to detect deepfake videos with over 95% accuracy, outperforming existing tools. Read more

4. Former DeepMind researcher Andrew Dai secured $55M seed funding at a $300M valuation for Elorian, focusing on visual AI. Read more

Our take

Hi Dotikers!

Yesterday we watched OpenAI push its AI into your living room, deeper into your daily life, richer in your data, harder to ignore. Today, the other face of that same expansion. The more an AI reaches into everything, your emails, your code, the open web, your home, the more there is to break into. So OpenAI just did something logical and slightly vertiginous: it built an AI super-hacker to attack its own models.

Its name is GPT-Red, and it is a red-teamer on autopilot. OpenAI dropped an untrained model into a kind of sparring dojo against several of its other models, one side told to attack, the others to defend. Round after round, the attacker grew sharper and the defenders grew tougher. GPT-Red hunts mostly for prompt injections, the signature weakness of agents, where hidden instructions buried in a webpage or an email quietly hijack the model. It even discovered a new one the researchers had never seen: a fake chain of thought, planting a false note in a model's own reasoning so it acts on a lie. Tell it that one plus one is three and that it already checked, and it obediently answers three.

The results are honest, which is rare. More than 90% of GPT-Red's strongest attacks broke last year's GPT-5. Fewer than 23% break the new GPT-5.6. Real progress, and OpenAI says the exercise made this its most robust model yet. But 23% is not zero, the machine still struggles with back-and-forth attacks and with images, and human testers still catch what it misses. The verdict from Georgetown's security researchers is measured: promising, and human expertise still matters.

Then comes the part that lingers. To defend yourself, you must first build the best attacker in the world. Safety now depends on owning the strongest offensive AI, trained for over a year on the compute of one of the richest companies alive. OpenAI will not release GPT-Red, and it bets no one else can rebuild it. Security quietly becomes a function of concentration and secrecy: the safest model belongs to whoever can afford the most dangerous one.

For those of us who put agents to work, none of this is abstract. "The risk surface grows and the blast radius also grows," says one of its creators, and that is simply the daily reality of handing an agent your mailbox, your files, your tools. Yesterday's intrusive home assistant is tomorrow's attack surface. The more access you grant, the wider the crater when something slips through.

Which is the whole, uncomfortable point. Every defense here is forged by a stronger attack, and every attack sharpens the next defense. There is no finish line, only a sparring match that never stops. And in security, the number that decides your fate is never the share you blocked. It is the single one that got through.

M.

Six people doing the work. Your headcount is one.

Your finance close runs in #finance. Stripe and QuickBooks reconciled, runway updated, posted Sunday night without you asking.

Engineering review lands in #eng. Viktor pulled the open PRs, left comments on auth-refactor, flagged a dependency blocking api-pagination.

Campaign brief lands in #growth: Meta CPA up 18%, recommendation to pause broad match, a draft landing page already deployed for the variant test.

You hired him on day zero. He lives in Slack and Microsoft Teams alongside your contractors and investors, connects to 3,000+ tools, pushes back when you ship something dumb.

"Viktor is now an integral team member, and after weeks of use we still feel we haven't uncovered the full potential." Patrick, Director, Yarra Web.

Meme of the day

Reply

Avatar

or to participate

Keep Reading