
SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage
THE SO WHAT
Grok Build quietly uploading entire repos to Google Cloud is a sharp reminder that AI dev tools can become unintentional data exfiltration channels. If you allow AI coding assistants, you need a clear policy, network controls, and vendor attestations on what leaves your environment and where it’s stored.
READ THE SOURCE
MORE FROM THE WIRE
Applied AIOpenAI may announce a ChatGPT smart speaker this year
A screenless, sensor-heavy ChatGPT speaker is a bet that ambient, always-on assistants beat app-based usage. If you build consumer experiences, assume voice + context (camera, environment) becomes a first-class surface, not just another Alexa skill port.
Applied AISources: OpenAI's first device will be a moveable, screen-free smart speaker with a camera and sensors, meant to serve as a humanlike AI companion
A mobile, camera-equipped, screenless companion pushes assistants from “tool you invoke” to “presence in the room.” If you own a consumer brand or service, start thinking about how your experience looks when mediated by an object that roams the home and sees context continuously.
Applied AIAnthropic commits $10 million to Canadian AI research across eight institutions
Anthropic putting $10M CAD into Canadian institutes is another move to anchor talent and safety research in specific ecosystems. If you’re hiring in Canada, expect tighter ties between labs and universities—and more competition for researchers aligned with “beneficial and responsible” AI work.
Applied AIGrok Build was uploading entire Git repositories to xAI’s cloud, including committed secrets
A coding CLI silently shipping full Git history and secrets to the cloud is the nightmare scenario CISOs have been warning about. Treat every AI dev tool as an exfiltration vector—lock down tokens, enforce pre-commit secret scanning, and demand explicit data-handling docs before rollout.