AI Sec Watch

Anthropic's unreleased AI model, codenamed Mythos, was accidentally exposed through a configuration error in its content management system (CMS, software that organizes and stores digital content), revealing a more powerful LLM with advanced reasoning and coding abilities. The leak raises security concerns because the model's improved skills at finding and exploiting software vulnerabilities could make cyberattacks easier while also helping defenders, and its capability for recursive self-fixing (autonomously identifying and patching its own code problems) narrows the gap between human and AI-level hacking. Anthropic plans a phased rollout targeting enterprise security teams first before broader release.

MLflow has a command injection vulnerability (a type of attack where an attacker inserts malicious commands into input that gets executed) in its model serving code when deploying models with `env_manager=LOCAL`. The vulnerability occurs because MLflow reads dependency information from a file called `python_env.yaml` in the model artifact and directly uses it in a shell command without checking if it's safe, allowing an attacker to execute arbitrary commands on the system deploying the model.

Mistral, a French AI startup, secured $830 million in debt financing to build a data center powered by thousands of Nvidia graphics processing units (GPUs, specialized chips used for AI training). The new data center near Paris will support training of Mistral's large language models (LLMs, AI systems trained on vast amounts of text) and will become operational in the second quarter of 2025, with plans to expand European computing capacity to 200 MW by the end of 2027.

A path traversal vulnerability (a security flaw where an attacker uses special path names like '../' to access files outside intended directories) exists in MLflow's archive extraction function that doesn't validate the contents of tar.gz files before extracting them. An attacker who controls the tar.gz file can overwrite arbitrary files or escape sandbox restrictions (isolated environments that limit what code can access) in shared computing environments.

AI is now being used throughout the music industry for tasks like creating songs, building playlists, and detecting AI-generated content, but this raises major concerns about copyright (legal ownership of creative work), whether AI outputs are truly art, and whether AI-generated music will flood the market and harm human musicians. The music industry is divided, with some platforms like Apple Music and Deezer adding labels to identify AI music, while others like Bandcamp have banned AI content entirely, and major record labels are pursuing lawsuits against AI music companies.

OpenAI and partner organizations held an 'AI Jam' workshop in Bangkok with 50 disaster management leaders from 13 Asian countries to explore practical ways AI can improve emergency response. The workshop focused on building custom GPTs (generalized pre-trained transformer models, or AI tools trained on broad data) and workflows for tasks like situation reporting and needs assessment, addressing how disaster response teams in resource-constrained environments with fragmented data can work faster and more effectively.

Bluesky has released Attie, a new AI assistant powered by Claude (Anthropic's language model) that helps users create custom feeds using natural language instructions instead of traditional algorithmic settings. Users can describe what content they want to see, like 'posts about folklore, mythology, and traditional music, especially Celtic traditions,' and Attie builds a personalized feed based on that description, with plans to integrate it into Bluesky and other apps built on the AT Protocol (Bluesky's underlying technical foundation).

A vulnerability (CVE-2026-5002) was discovered in PromtEngineer localGPT that allows injection attacks (inserting malicious code into input) through the LLM Prompt Handler component in the backend/server.py file. An attacker can exploit this vulnerability remotely, and the exploit code has been publicly released. The vendor has not responded to disclosure attempts, and because the product uses rolling releases (continuous updates without traditional version numbers), specific patch information is unavailable.

Companies like Samsung are posting ads on TikTok that appear to be made with generative AI (AI systems that create images or videos from text descriptions), but they're not adding the required AI disclosure labels that TikTok's advertising policies demand. This means users can't easily tell whether the ads they see are AI-generated or made by humans, even though the companies creating them know the truth.