This week in AI has been anything but quiet. On one hand, there’s the excitement of new tools; on the other, a series of security concerns. From major vulnerabilities discovered in Google’s highly anticipated new IDE, to OpenAI scrambling after a third-party vendor hack, it’s a stark reminder: when using powerful tools, security awareness is non-negotiable. However, there is good news too: the open-source community welcomes a powerful math model, and Adobe has released a rare free benefit.
This article will take you deep into the ins and outs of these events, analyzing the technical details behind them, and providing practical advice.
Google Antigravity: Security Concerns Behind the Hype
Google’s recently launched AI-assisted development environment (IDE), Antigravity, has garnered immense attention. According to official statements, the tool’s popularity has far exceeded expectations.
The Antigravity team stated on X (formerly Twitter) that due to a massive influx of users in a short period, server loads are facing challenges. They are actively expanding capacity to ensure a smooth experience while increasing usage limits for Google AI Pro and Ultra subscribers.
However, just as developers are rushing to try it out, security researchers have issued severe warnings about the tool.
The Trap Hidden in Code
According to an in-depth analysis by security blog Embrace The Red, Antigravity currently has several worrying security vulnerabilities. The core issue lies in its insufficient defense against “Indirect Prompt Injection.”
What does this mean? Simply put, attackers can hide malicious instructions within a code repository (Repo). When Antigravity’s AI agent reads this code, it unknowingly executes the commands pre-set by the attacker.
Researchers pointed out several specific risk points:
- Remote Code Execution (RCE): By default, Antigravity allows the AI to decide whether to execute terminal commands, lacking a mandatory “Human-in-the-loop” review mechanism. This is like giving your house keys to an AI without watching it open the door. Attackers can exploit this to trick the AI into downloading and executing malicious programs.
- Invisible Command Attacks: Attackers can even use invisible Unicode Tag characters to hide commands within code or MCP tool outputs. Developers won’t see them during Code Review, but the AI will accept them fully.
- Data Exfiltration Risk: Another security platform, PromptArmor, demonstrated how the AI could be manipulated to read sensitive developer files (like .env config files). Even if files are listed in .gitignore, the AI might bypass restrictions to read content and send secrets back to the attacker via maliciously constructed URLs.
Experts currently suggest that when using Antigravity, it is best to disable the “Auto-execution” feature and remain highly vigilant regarding all terminal commands.
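One way to check a source file or a tool output for the invisible Unicode Tag characters described above, before an AI agent reads it. This is an added example, not code from Embrace The Red, PromptArmor or Google; the function names and the sample string are constructed for illustration.

```python
import sys
from pathlib import Path

TAG_START, TAG_END = 0xE0000, 0xE007F  # the Unicode "Tags" block

def find_tag_runs(text):
    """Return (line, column, decoded) for each run of Unicode Tag characters.
    U+E0020..U+E007E mirror printable ASCII, so subtracting 0xE0000 shows
    what a model would read; other tag code points are shown as '?'."""
    findings = []
    for line_no, line in enumerate(text.split("\n"), start=1):
        run, run_col = [], None
        for col, ch in enumerate(line, start=1):
            cp = ord(ch)
            if TAG_START <= cp <= TAG_END:
                if run_col is None:
                    run_col = col
                run.append(chr(cp - 0xE0000) if 0xE0020 <= cp <= 0xE007E else "?")
            elif run:
                findings.append((line_no, run_col, "".join(run)))
                run, run_col = [], None
        if run:  # run that reaches the end of the line
            findings.append((line_no, run_col, "".join(run)))
    return findings

def strip_tags(text):
    """Remove every Tag-block character, leaving only the visible text."""
    return "".join(ch for ch in text if not TAG_START <= ord(ch) <= TAG_END)

def scan_paths(paths):
    """Scan files (paths are assumed to be regular files); return {path: findings}."""
    report = {}
    for p in paths:
        hits = find_tag_runs(Path(p).read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(p)] = hits
    return report

# Constructed sample: a code comment carrying a benign hidden string.
_HIDDEN = "".join(chr(0xE0000 + ord(c)) for c in "constructed hidden text")
SAMPLE = "def add(a, b):\n    # helper" + _HIDDEN + "\n    return a + b\n"

if __name__ == "__main__":
    args = sys.argv[1:]
    report = scan_paths(args) if args else {"<sample>": find_tag_runs(SAMPLE)}
    for path, hits in report.items():
        for line_no, col, decoded in hits:
            print(f"{path}:{line_no}:{col}: hidden tag text {decoded!r}")
    sys.exit(1 if report else 0)  # non-zero exit lets a pre-commit hook or CI job fail
```

Run with file paths as arguments it works as a pre-commit or CI gate; `strip_tags` can be applied to text before it is handed to an agent.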
OpenAI Ends Mixpanel Partnership Due to Security Incident
Coincidentally, OpenAI also recently released an important announcement regarding data security.
This incident did not stem from a breach of OpenAI’s own systems but originated from its third-party data analytics vendor, Mixpanel. OpenAI used Mixpanel to analyze front-end usage of its API products to improve product experience.
What Happened?
Mixpanel’s systems suffered unauthorized access. Although this incident did not affect ChatGPT users, nor did it touch passwords, API keys, or payment information, some non-sensitive information of API users was leaked.
The compromised data includes:
- Email addresses associated with API accounts
- Approximate geographical location (based on browser information)
- Operating system and browser versions used for access
OpenAI responded quite rapidly after being notified, completely removing Mixpanel from its production environment and announcing the termination of its partnership with the company. This also reflects the challenges tech companies face in supply chain security: even if your own doors are locked tight, a partner’s vulnerability can still become a breach point.
For users, this is a good time to enable Multi-Factor Authentication (MFA) and stay vigilant against any suspicious emails claiming to be from OpenAI.
DeepSeek-Math-V2: A New Milestone for Open Source Math Reasoning
On the technical development front, the open-source community has received exciting news. DeepSeek has released its latest mathematical reasoning model: DeepSeek-Math-V2.
In the past, mathematical reasoning has been a weakness of large language models, with top-tier performance mostly monopolized by closed-source models from OpenAI or Google. The emergence of DeepSeek-Math-V2 has broken this status quo.
Why Is This Important?
This model, boasting 685B parameters, adopts the Apache 2 license, meaning researchers and developers can use it freely. According to its published paper, the model’s performance in math competitions has reached “Gold Medal Level”:
- IMO 2025 (International Mathematical Olympiad): Reached the gold medal score threshold.
- Putnam 2024: Scored an amazing 118 out of 120 points.
The DeepSeek team introduced a “Self-Verification” training mechanism. They didn’t just train the model to give the correct answer but also trained a verifier to check the rigor of the reasoning process. This is crucial for solving open-ended math problems that lack standard answers. This demonstrates that the capabilities of open-source models in specific domains are rapidly catching up to, or even rivaling, top-tier commercial models.
Adobe Photoshop Web Version Releases Limited-Time Free Offer
Finally, some light and practical news. Adobe is promoting its Photoshop web version and has rolled out a generous offer.
Users who register before December 8, 2025, can get a 12-month free trial without paying any fees.
How to Claim?
- Go directly to the Adobe Photoshop Web Version.
- Log in with a Google account to start using it.
- Alternatively, you can install the Chrome Extension. Once installed, a PS icon will appear in the top left corner of web images; clicking it allows you to enter the online editing interface directly.
For users who need temporary photo editing or want to experience Photoshop features without installing massive software, this is an opportunity not to be missed.
FAQ
Q: Given the vulnerabilities, should I still use Google Antigravity?
Antigravity currently poses a risk of “Indirect Prompt Injection” attacks. It is recommended that developers take defensive measures when using it, such as disabling the auto-execution of terminal commands and manually reviewing every command. Also, avoid using AI agent features directly on untrusted open-source projects, as malicious commands may be hidden in the project’s code.
Q: I am an OpenAI API user, do I need to change my password?
According to OpenAI, this Mixpanel incident did not leak user passwords, API Keys, or payment information. Therefore, a mandatory password reset is not necessary. However, for security, enabling Multi-Factor Authentication (MFA) is always a best practice for account protection.
Q: How does DeepSeek-Math-V2 help general developers?
Although it is a model specialized in mathematics, its underlying “Self-Verification” technology improves the accuracy of logical reasoning. For developers dealing with complex algorithms, data analysis, or scientific computing, this open-source model provides a powerful and free local alternative, no longer relying entirely on expensive cloud APIs.
Q: Is the Photoshop web version as powerful as the desktop version?
The web version includes core Photoshop features such as layers, masks, healing tools, and the latest generative AI features. While it may not be as complete as the desktop version for handling extremely large files or certain professional filters, it is more than sufficient for the vast majority of photo editing, design, and compositing needs, with the advantage of being instant-on and not consuming computer disk space.


