Data Privacy & Security Weekly AI News
August 4 - August 12, 2025
This weekly update reveals major privacy and security concerns surrounding AI agents that handle personal data. Researchers found that Apple's Siri assistant sends sensitive user messages, including WhatsApp communications, to company servers even when not needed. This happens outside Apple's advertised Private Cloud Compute system, raising questions about how AI agents actually protect user data.
Meanwhile, security flaws in McDonald's AI hiring chatbot Olivia exposed personal information from up to 64 million job applicants. Hackers could access chat logs and contact details just by changing simple ID numbers. Even worse, they gained admin access using the password "123456" - showing how poorly some AI agents are secured.
New regulations are trying to catch up with AI agent risks. California approved rules to prevent AI discrimination in hiring, requiring companies to keep AI decision data for four years. Minnesota's new privacy law also took effect, adding stronger requirements for companies using AI to process personal data.
Security experts warn that AI agents face a double threat. Bad actors use AI to attack faster than ever, while the AI systems themselves become targets. Researchers found ways to trick Google's Gemini AI into following hidden commands in emails. Companies are fighting back with AI-powered security tools, but the cat-and-mouse game continues.
The European Union finalized voluntary guidelines for AI companies to follow better security practices. However, privacy groups filed complaints against Chinese apps like TikTok and WeChat for not properly handling user data requests. As AI agents become more common in our daily lives, protecting the personal information they access remains a major challenge for both companies and regulators worldwide.