AI Sec Watch

This article explains two security bugs found in C/C++ code samples: a Linux ping program vulnerable to command injection because inet_ntoa (a function that converts IP addresses to text) returns a pointer to a global buffer that gets overwritten by subsequent calls, allowing an attacker to bypass IP validation checks; and a Windows driver with a registry type confusion vulnerability where missing validation flags can escalate from a local denial of service to kernel write access (the ability to modify system memory).

A scan of over 1 million exposed AI services found that self-hosted AI infrastructure has worse security than any other software previously investigated, with major problems including no authentication enabled by default, freely accessible chatbots that expose user conversations and can be abused to bypass safety guardrails (restrictions built into AI models to prevent harmful outputs), and exposed agent management platforms (tools like n8n and Flowise that automate AI workflows) that reveal business logic, API keys (secret credentials for accessing external services), and access to connected third-party systems. These misconfigurations leave real user data and company tools vulnerable to attackers, with consequences ranging from reputational damage to full system compromise.

Google DeepMind employees have voted to unionize, asking management to recognize their union representatives in an effort to prevent the company's AI technology from being used by the Israeli and US militaries. The unionization effort reflects employee concerns that their AI models may be complicit in international law violations, particularly regarding the Israeli-Palestinian conflict.

OpenAI has released GPT-5.5 Instant, an updated version of ChatGPT's default model that aims to provide smarter, more accurate answers with clearer language and better personalization based on your conversation history. The new model produces 52.5% fewer hallucinated claims (false or made-up statements) compared to the previous version on high-stakes topics like medicine and law, and includes a new 'memory sources' feature that shows you what past context was used to personalize your responses, giving you control to edit or delete outdated information.

GPT-5.5 Instant is OpenAI's latest fast-response AI model that uses safety methods similar to previous versions, but is the first Instant model classified as having high capability in cybersecurity and biological/chemical preparedness risks, so it has additional safeguards in place. The document clarifies naming conventions to avoid confusion: GPT-5.5 Instant (also called gpt-5.5-instant) should be compared to GPT-5.3 Instant, and the full GPT-5.5 model is referred to as GPT-5.5 Thinking.

OpenAI and partners (AMD, Broadcom, Intel, Microsoft, NVIDIA) developed MRC (Multipath Reliable Connection), a new networking protocol that improves data transfer speed and reliability in supercomputer clusters used for AI model training. MRC addresses key challenges in large-scale AI training by reducing network congestion through adaptive packet spraying (distributing data across multiple paths), enabling redundancy to tolerate failures, and using static source routing (predetermined paths that bypass failed connections) to prevent training jobs from crashing when network failures occur.

Workers at Google DeepMind's UK laboratory voted to form a union, citing concerns about a recently announced deal between Google and the US military. The workers, represented by two unions, worry that the military partnership raises ethical questions about the company's responsibility in developing AI technology.

The GeekyBot WordPress plugin (up to version 1.2.0) has a SQL injection vulnerability (a type of attack where hackers insert malicious database commands into user input) in the 'attributekey' parameter. Because the plugin doesn't properly clean user input or secure its database queries, unauthenticated attackers can add extra SQL commands to extract sensitive data from the site's database.

Datasette-llm 0.1a7 is a plugin (a software add-on) that lets other plugins use AI models in a coordinated way. The release adds a feature to set default options for specific models, such as specifying which model to use for enrichment operations (adding data to existing information) and adjusting its temperature parameter (a setting that controls how creative or random the AI's responses are).