AI Sec Watch

Varonis Atlas is an AI security platform that helps organizations discover, monitor, and protect AI systems across their enterprise, from custom AI models to chatbots and AI agents. The platform addresses a major security gap: most organizations don't know which AI systems they have, what data those systems can access, or whether they're compliant with regulations, creating risks since AI agents can read and modify data at machine speed. Atlas covers the entire AI security lifecycle through features like continuous AI discovery, posture management (vulnerability and misconfiguration assessment), runtime protection, and compliance reporting.

Grammarly (now part of Superhuman) launched a feature called Expert Review in August that used AI to create cloned versions of real journalists and writers, including the interviewer, without their permission to provide writing suggestions. The company faced backlash and legal action, ultimately killing the feature entirely and offering an opt-out option.

This research paper presents CLIP-ADA, a method for detecting synthetic images (fake images created by AI generators) that works better across different types of generators and artifacts. The method analyzes how CLIP (a vision-language model that understands both images and text) processes images at different levels, then uses this understanding to train detectors that rely less on specific artifact patterns and more on general forensic features, achieving over 6% better accuracy on unseen synthetic images.

Researchers developed SRAP (Self-Reversible Adversarial Patch), a technique that creates adversarial patches (small, intentionally corrupted image regions designed to fool AI models) that can be reversed back to the original image while protecting privacy. The method improves two key weaknesses in existing adversarial patches: transferability (working across different AI models, achieving up to 90% success rate) and robustness (resisting image processing and defensive techniques), and demonstrates an 88% attack success rate against commercial AI services.

As companies convert traditional data centers into AI factories (facilities that produce and run large language models, or LLMs) to generate revenue and gain competitive advantages, they face new security risks. Check Point has created a blueprint architecture (a detailed security design plan) to help enterprises protect these AI data centers as the market grows significantly from $236 billion in 2025 to $934 billion by 2030.

Companies are quickly adopting AI tools to improve productivity and gain business advantages, but this creates new security risks. AI tools often access sensitive company data like customer records and emails, and employees may use LLMs (large language models, AI systems trained on huge amounts of text) without approval, risking accidental leaks of confidential information.

This newsletter covers multiple AI-related developments, including animal welfare advocates exploring how artificial general intelligence (AGI, a theoretical AI system that can learn and perform any intellectual task) might reduce animal suffering, the White House unveiling a light-touch AI regulation framework, and various corporate moves like OpenAI adding ads to free ChatGPT and the Pentagon adopting Palantir's AI for military targeting. The article also discusses Elon Musk being found liable for misleading Twitter investors and a case where an Australian woman's experimental brain implant was removed against her wishes despite significantly improving her quality of life.

Senator Elizabeth Warren is questioning the Department of Defense's decision to blacklist AI company Anthropic as a "supply chain risk," calling it retaliation after the company refused to let the DOD use its AI models for fully autonomous weapons or domestic mass surveillance. Anthropic has filed a lawsuit against the Trump administration, while OpenAI has secured a DOD contract despite similar concerns from lawmakers about whether safeguards exist to prevent the technology from being used for mass surveillance or autonomous weapons.

Wiz has introduced AI agents and workflows designed to help security teams respond to threats faster by automating investigation and remediation tasks. The system uses three specialized agents—Red (finds vulnerabilities), Blue (investigates threats), and Green (fixes issues)—that work together in a continuous loop to detect, analyze, and resolve security risks at machine speed rather than relying on manual human work.