AI Sec Watch

Ransomware attackers are shifting from loud, disruptive attacks toward stealthy, long-term infiltration tactics where they quietly steal data for extortion rather than encrypting it. They're using defense evasion (techniques to avoid detection) and persistence mechanisms to stay hidden, routing their command-and-control traffic (communications between attackers and compromised systems) through legitimate business services like OpenAI and AWS to blend in with normal activity. Attackers are also chaining multiple vulnerabilities together in coordinated exploitation rather than treating each weakness as an isolated entry point.

Anthropic's CEO Dario Amodei is refusing the US Department of Defense's demand to remove safeguards from the company's AI tool Claude, saying the company would rather lose Pentagon contracts than allow its technology to be used for mass domestic surveillance or fully autonomous weapons (AI systems that make attack decisions without human control). The Pentagon has threatened to remove Anthropic from its supply chain and invoke the Defense Production Act if the company doesn't comply.

Burger King is deploying an AI chatbot powered by OpenAI (the company behind ChatGPT) that listens to employee headsets at hundreds of US locations to monitor whether workers use polite words like 'please' and 'thank you.' The company says the system, called BK Assistant, will help understand service patterns, though the announcement has sparked criticism from workers.

Anthropic CEO Dario Amodei stated the company will not allow the U.S. Department of Defense to use its AI models without restrictions on fully autonomous weapons and mass domestic surveillance, despite Pentagon threats to label the company a supply chain risk or invoke the Defense Production Act. The DoD counters that it only wants to use the models for lawful purposes and has given Anthropic until Friday evening to agree to unrestricted access, with competing AI companies like OpenAI and Google already accepting these terms.

Anthropic refused a Pentagon demand to remove safety precautions (safeguards built into AI systems to prevent harmful outputs) from its Claude AI model and allow unrestricted military use, despite threats to cancel a $200 million contract and damage the company's reputation. The Department of Defense demanded compliance by Friday or would label Anthropic a 'supply chain risk,' a designation that could harm the company financially.

Anthropic rejected the Pentagon's demands for unrestricted access to its AI system, refusing to agree to two specific uses: mass surveillance of Americans and lethal autonomous weapons (weapons that can kill targets without human oversight). The refusal came just before a deadline set by Defense Secretary Pete Hegseth, who wanted to renegotiate AI contracts with the military.

Anthropic's CEO Dario Amodei refused the Pentagon's demand for unrestricted access to the company's AI systems, citing two concerns: mass surveillance of Americans and fully autonomous weapons (weapons that make decisions without human involvement) with no human oversight. The Pentagon threatened to label Anthropic a security risk or use the Defense Production Act (a law giving the president power to force companies to prioritize defense production) to force compliance, but Amodei said the company would work with the military under its proposed safeguards or help transition to another provider if the Pentagon chose to end the relationship.

Microsoft is previewing Copilot Tasks, an AI system that runs on Microsoft's cloud servers to complete repetitive work for you, such as scheduling appointments or creating study plans, while you use your own device for other tasks. You can describe what you want using plain English and set the tasks to run once, on a schedule, or repeatedly, and the AI will send you a report when finished.

A vulnerability in n8n's Zendesk Trigger node (a tool that automatically starts workflows when Zendesk sends data) allows attackers to forge webhook requests, meaning they can trigger workflows with fake data because the node doesn't verify the HMAC-SHA256 signature (a cryptographic check that confirms a message is authentic). This lets anyone who knows the webhook URL send malicious payloads to the connected workflow.