AI Sec Watch

The Pentagon has signed agreements with OpenAI, Google, Microsoft, Amazon, Nvidia, xAI, and Reflection to use their AI tools in classified military settings, but excluded Anthropic after labeling it a supply-chain risk (a potential weak point in security). This expands earlier deals that allowed some companies like OpenAI and xAI to provide AI systems for authorized military use.

This article discusses a legal case where Elon Musk is suing OpenAI (an AI company), claiming they stole a nonprofit organization and that he was the main force behind their success. During his testimony in court, Musk had a difficult time, arguing with lawyers and changing his statements, with indications suggesting he is unlikely to win the case.

The Pentagon's chief technology officer stated that Anthropic remains classified as a supply chain risk (a designation meaning the company's technology threatens U.S. national security), but Anthropic's Mythos AI model, which has advanced capabilities for finding and fixing cyber vulnerabilities, is being treated as a separate urgent national security issue requiring the Department of Defense to strengthen its networks. The DOD has blacklisted Anthropic from working with defense contractors, though the agency is reportedly using Mythos internally and is open to negotiations about safeguards (called guardrails, or restrictions on how the AI can be used) if Anthropic agrees to terms similar to those negotiated with other AI companies.

Goodfire, a San Francisco startup, released Silico, a tool that uses mechanistic interpretability (a technique for understanding how AI models work by mapping their internal neurons and connections) to let researchers see inside AI models and adjust their parameters during training. The tool aims to give developers more control over AI behavior by exposing internal 'knobs and dials' so they can reduce unwanted outputs, making AI development more like traditional software engineering rather than trial-and-error.

CISA and international cybersecurity partners released guidance for organizations adopting agentic AI (AI systems that can take actions autonomously on behalf of users). The guidance identifies security challenges with these systems and provides steps for safely designing, deploying, and operating them while connecting AI risk management to existing cybersecurity practices.

Microsoft is launching a new AI agent within Word that is designed specifically for legal teams to help with tasks like reviewing contracts and managing document edits. Unlike general AI models, the Legal Agent follows structured workflows (predetermined sets of steps) based on actual legal practices, handling specific repeatable tasks like reviewing contract clauses against a predefined playbook (a set of rules or guidelines).

Organizations often use AI models from online repositories like HuggingFace without tracking their changes, verifications, or vulnerabilities, which can lead to security risks if models are poisoned (containing hidden malicious code) or contain training biases. Cisco released the Model Provenance Kit, an open source Python-based tool that creates a unique 'fingerprint' for each model using metadata and other signals, allowing organizations to compare models and trace their origins to address these tracking and accountability problems.

AI is changing how software is developed by affecting coding practices, tools, developer roles, and the overall development process across all stages, from initial planning through maintenance. The article discusses how AI agents are being integrated throughout the software development life cycle (the complete process of creating and maintaining software, from concept to deployment).

Threat actors are abusing AI distribution platforms like Hugging Face and ClawHub to spread malware by uploading trojanized files (files containing hidden malicious code) that trick users into downloading them through social engineering. The attackers use indirect prompt injection (embedding hidden instructions in data that AI systems read and execute without the user knowing) to make AI agents automatically download and run malware on users' computers, with hundreds of malicious files identified across both platforms.