AI Sec Watch

Anthropic accused three Chinese AI companies (DeepSeek, Moonshot AI, and MiniMax) of using distillation (a technique where one AI model learns from another by analyzing its outputs) to illegally extract capabilities from Claude by creating over 24,000 fake accounts and generating millions of interactions. This theft targeted Claude's most advanced features like reasoning, tool use, and coding, and raises security concerns because stolen models may lack safeguards against misuse like bioweapon development.

IBM's stock fell 11% after Anthropic announced that its Claude AI model can now automate COBOL (a decades-old programming language used in banking and business systems) modernization work, which is a core part of IBM's business. Claude can map dependencies, document workflows, and identify risks in old code much faster than human analysts, potentially making IBM's COBOL-related services less valuable.

Michael Gerstenhaber, a Google Cloud VP overseeing Vertex (a platform for deploying enterprise AI), describes how AI models are advancing along three distinct frontiers: raw intelligence (accuracy and capability), response time (latency, or how quickly the model answers), and cost-efficiency (whether a model can run reliably at massive, unpredictable scale). Different use cases prioritize these frontiers differently—for example, code generation prioritizes intelligence even if it takes time, customer support prioritizes speed within a latency budget, and large-scale content moderation prioritizes cost-effectiveness at infinite scale.

This article discusses concerns about AI posing a threat to cybersecurity companies, which has caused their stock prices to decline. However, the piece argues against abandoning investments in these companies despite these concerns.

OpenAI has announced the 'Frontier Alliance,' a partnership with four major consulting firms (Boston Consulting Group, McKinsey, Accenture, and Capgemini) to help enterprises adopt its AI technologies, particularly OpenAI Frontier, a no-code platform for building and deploying AI agents. The partnership aims to address slow enterprise adoption of AI by helping consultants redesign company strategies and workflows to integrate OpenAI's tools rather than simply adding AI to existing processes.

Guide Labs has open-sourced Steerling-8B, an 8 billion parameter LLM designed to be interpretable, meaning its decisions can be traced back to its training data and understood rather than treated as a black box. The model uses a new architecture with a concept layer that buckets data into traceable categories, allowing developers to understand why the model produces specific outputs and control its behavior for applications like blocking copyrighted content or preventing bias in loan evaluations.

A software engineer is creating a collection of documented patterns for agentic engineering, which refers to using coding agents (AI tools that can generate, execute, and iterate on code independently) to help professional developers work faster and better. The project will be published as a series of chapters on a blog, inspired by classic design pattern documentation, with the first two chapters covering how cheap code generation changes software development and how test-first development (TDD) helps agents write better code.

Cybersecurity stock prices fell sharply after Anthropic announced a new AI tool for its Claude model that can scan software code for vulnerabilities and suggest fixes, causing investors to worry that AI might replace traditional cybersecurity services. However, some analysts argue the threat is limited, noting that while AI could improve efficiency in specific tasks like code scanning, it cannot yet replace full end-to-end security platforms (complete systems that handle all stages of protecting against attacks).

Instagram's leader Adam Mosseri warned that AI can now convincingly fake almost any content, making it hard for creators to stand out with authentic material. He proposed solving this by having camera manufacturers cryptographically sign images (using math-based codes that prove an image wasn't altered) at the moment they're captured, creating a verifiable record of what's real versus AI-generated.