Ramp's AI leaks financials, OpenAI explains the goblins, and Copilot hits 20M users
Ramp's AI spreadsheet feature was caught leaking financial data through prompt injection, which is a wake-up call for every solopreneur plugging AI into sensitive tools. OpenAI published a detailed post-mortem on GPT-5's infamous goblin outputs. Microsoft says Copilot now has over 20 million paid users, and OpenAI models plus Codex are landing on AWS for enterprise customers.
Ramp's Sheets AI can exfiltrate your financials
Security firm Prompt Armor published a disclosure showing that Ramp's AI-powered spreadsheet feature is vulnerable to prompt injection attacks that can exfiltrate sensitive financial data. By embedding hidden instructions in imported data, an attacker could trick the AI into sending account numbers, transaction details, and other financial information to an external endpoint. The vulnerability highlights a growing risk as more fintech tools bolt AI onto sensitive data surfaces.
Sources: Prompt Armor
Why this matters to you
If you're using any AI feature that touches your financial data, invoices, or bank transactions, this is the story to pay attention to today. Prompt injection in a fintech tool is a different ballgame than a chatbot hallucinating. One bad CSV import could quietly leak your numbers to someone else.
This is the exact scenario I worry about when people rush to turn on every AI toggle in their stack. Your expense tool doesn't need AI if it means your financials can get siphoned out by a poisoned spreadsheet.
Jason
OpenAI explains where the GPT-5 goblins came from
OpenAI published a detailed post-mortem explaining the root cause behind GPT-5's widely mocked goblin-themed outputs, where the model would inject goblin references, fantasy language, and quirky personality traits into otherwise normal responses. The post traces the timeline of how personality-driven quirks propagated through fine-tuning and describes the fixes they've deployed. It's a rare look at how subtle training data issues can cascade into visible model behavior.
Sources: OpenAI
Why this matters to you
If you've been seeing weird tonal shifts or personality quirks in ChatGPT outputs, this explains why. More importantly, it shows that model behavior isn't always a feature. Sometimes it's a bug that slipped through fine-tuning. Understanding this helps you write better prompts and know when to push back on odd outputs instead of assuming the model 'knows something you don't.'
I love that OpenAI published this. Most companies would bury the embarrassing stuff. The goblin thing was funny, but it's also a reminder that AI outputs need a human eye before they go to your customers.
Jason
Microsoft says Copilot has 20M+ paid users
During its earnings call, Microsoft reported that Copilot now has over 20 million paid users and that engagement metrics are growing, not just seat counts. This pushes back against the narrative that enterprises buy Copilot licenses and nobody actually opens it. Microsoft emphasized that users are actively generating content, summarizing meetings, and automating workflows inside Office apps.
Sources: TechCrunch
Why this matters to you
20 million paid Copilot users means AI inside everyday office tools is becoming a normal workflow, not an experiment. If your competitors are using Copilot to draft proposals, summarize calls, and crunch spreadsheets faster, you're leaving speed on the table by ignoring it. The engagement numbers suggest this isn't just shelfware.
I don't use Copilot personally because I'm not in the Microsoft ecosystem, but 20 million paying users is a real signal. The 'nobody actually uses AI at work' narrative is dying fast.
Jason
OpenAI models and Codex land on AWS
OpenAI announced that its GPT models, Codex, and Managed Agents are now available directly through AWS. Enterprise customers can build with OpenAI's tools inside their existing AWS environments without routing data through OpenAI's own infrastructure. This is a significant distribution play, meeting large customers where they already host their apps and data.
Sources: OpenAI
Why this matters to you
If you're building apps or automations on AWS, you can now access OpenAI's models without managing separate API keys or routing data outside your AWS VPC. This matters for anyone doing contract work for companies that require data to stay within a specific cloud environment. It also means Codex agents can run inside the same infra where your app lives.
This is OpenAI playing the distribution game hard. Azure already had their models, now AWS does too. For solopreneurs, the direct API is still fine. But if you're building for clients with strict cloud requirements, this removes a real objection.
Jason
Quiet day for flashy product launches, but the Ramp vulnerability is the kind of story that matters more than any new model drop. If you're plugging AI into tools that touch your money, slow down and think about what you're exposing.
Frequently asked
What is the Ramp Sheets AI vulnerability?
Security firm Prompt Armor discovered that Ramp's AI spreadsheet feature is vulnerable to prompt injection attacks that can exfiltrate sensitive financial data. An attacker can embed hidden instructions in imported data that trick the AI into sending account numbers and transaction details to an external endpoint.
What caused GPT-5's goblin outputs?
OpenAI published a post-mortem explaining that personality-driven quirks, including goblin references, spread through the fine-tuning process due to subtle training data issues. The behavior cascaded into visible model outputs. OpenAI has deployed fixes to address it.
How many people are paying for Microsoft Copilot?
Microsoft reported over 20 million paid Copilot users as of its latest earnings call. The company emphasized that engagement is growing alongside seat counts, meaning users are actively using the tool for drafting, summarizing, and automating tasks inside Office apps.
Teach your AI agent to run your business.
5 premium skills for OpenClaw, Claude Code, and other SKILL.md-compatible agents. Automation audits, tool stacks, content engines, email systems, and operations. $49 one-time.
Get the Skills Bundle