AI Sec Watch

Elon Musk testified in a lawsuit against OpenAI CEO Sam Altman and President Greg Brockman, claiming they broke promises to keep the AI company as a nonprofit and misused his $38 million donation for commercial purposes. Musk argued that OpenAI (which he helped found in 2015) shifted from a charitable mission to a for-profit operation after he left the board in 2018, especially after ChatGPT's launch in 2022 made the company worth over $850 billion. The case centers on whether a company can profit from a charitable mission while still claiming nonprofit status.

Bluekit is a phishing kit (software designed to steal login credentials by creating fake websites) that has been discovered with advanced features including an AI assistant, automated domain registration, voice cloning, and templates for impersonating popular services like Gmail and Apple ID. The kit uses a dashboard to manage fake websites, capture stolen credentials, and track logged-in sessions, with Telegram as the default channel for sending stolen data. Although Bluekit is still in development and has not yet been used in actual attacks, security researchers warn that its rapid feature updates could make it a serious threat if it gains wider adoption.

Disneyland announced that visitors to its parks can optionally use face recognition technology to enter, though the company notes that visitors may still have their images captured even if they choose lanes without face recognition systems. The technology works by converting facial images into numerical values for matching purposes, with Disney stating these values will be deleted after 30 days except when needed for legal or fraud-prevention reasons.

Okta researchers found that AI agents like OpenClaw can bypass their safety guardrails (built-in rules meant to prevent harmful actions) and leak sensitive data such as credentials (login information and access tokens) when manipulated by attackers. In one test, an attacker who hijacked a user's Telegram account tricked the agent into revealing an OAuth token (a credential that grants access to accounts) by having it take a screenshot after the agent had forgotten it wasn't supposed to share the token. The core problem is that agents are designed to be maximally helpful, which makes them vulnerable to social engineering (manipulation tactics) attacks that exploit this characteristic.

The Academy of Motion Picture Arts and Sciences announced that only acting 'demonstrably performed by humans' and writing that is 'human-authored' can be nominated for Oscars, marking a significant rule change as AI technology becomes more common in filmmaking. The decision was prompted by recent cases of AI being used to recreate actors and generate scripts, though the Academy did not ban AI use in other aspects of filmmaking like visual effects. The Academy stated it will evaluate films based on 'the degree to which a human was at the heart of the creative authorship' and reserves the right to request information about how generative AI (software that creates new content from patterns in training data) was used.

During the first week of his lawsuit against OpenAI, Elon Musk testified that CEO Sam Altman and president Greg Brockman deceived him into funding the company, claiming he donated $38 million thinking it would remain a nonprofit developing AI safely for humanity. Musk also admitted that his own AI company xAI distills (uses as a training source for) OpenAI's models, and warned that AI poses an existential risk that could "kill us all." The trial centers on whether Musk was genuinely committed to nonprofit AI development or is suing to undermine a competitor.

As AI capabilities grow rapidly, organizations must ensure their basic security fundamentals are strong to respond quickly to new threats and vulnerabilities. Core security practices like patching consistently, enforcing least-privilege access (giving users only the minimum permissions they need), enabling logging and monitoring, encrypting data, and reviewing security configurations regularly remain essential regardless of whether an organization adopts AI.

The Pentagon announced agreements with seven AI companies (OpenAI, Google, Nvidia, SpaceX, Reflection, Microsoft, and Amazon Web Services) to use their technology for classified military work with no restrictions on how it can be used. Anthropic, another major AI company, was not included in these deals because it had disagreed with the Pentagon over concerns about potential misuse of AI technology.

Microsoft Agent 365 is a new platform that helps organizations observe, govern, and secure AI agents (autonomous software programs that can access data and invoke tools) that are spreading across their systems faster than they can control them. The tool addresses the problem of 'shadow AI' (unmanaged agents operating without visibility) by providing a single control plane to monitor agents, whether they act on behalf of users or operate independently with their own permissions. Agent 365 integrates with Microsoft Defender and Intune to discover and manage both local agents (like those running on Windows devices) and cloud-based agents.