AI Sec Watch

DeepSeek released V4, a new AI model that can process longer text more efficiently and matches the performance of leading competitors from OpenAI, Anthropic, and Google while remaining open source. Researchers are increasingly focused on developing world models (AI systems that understand and can interact with the physical world, not just digital tasks) to overcome limitations of current language models and enable advances in robotics and physical tasks like laundry folding or navigation.

Google researchers found that indirect prompt injection attacks (hidden traps where malicious instructions in external data trick AI systems into bypassing their safety rules) on websites are increasing, with a 32% rise between November 2025 and February 2026, but current attacks remain relatively unsophisticated. The attacks they discovered fell into two categories: exfiltration attempts that try to steal data like IP addresses and credentials, and destruction attempts that aim to delete files, though neither showed advanced techniques. Researchers warn that while today's attacks are low in sophistication, the upward trend suggests the threat will soon grow in both scale and complexity.

Anthropic's Claude Mythos is an AI system that can discover vulnerabilities much faster than human teams, but organizations are unprepared for the remediation (fixing) side of the process. The real problem isn't finding vulnerabilities quickly, it's that most teams lack the infrastructure to triage, prioritize, and verify fixes once they're discovered, so faster discovery just creates a growing backlog of unfixed critical issues.

AI is transforming DevSecOps (the practice of integrating security into software development processes) by embedding security checks earlier in coding and automating vulnerability detection and fixes. The shift moves security from happening after code is written to happening during code generation itself, with AI tools providing secure coding guidance, scanning for vulnerabilities using reasoning rather than fixed rules, and suggesting automated fixes integrated directly into developer workflows.

Rather than eliminating SOC analyst jobs, agentic AI (AI systems that can independently execute tasks) is transforming entry-level analysts from performing repetitive investigative work into 'managers of agents' who oversee AI systems and make decisions based on their findings. The shift moves analysts from manually gathering evidence across multiple systems to reviewing AI-generated investigations and validating conclusions, allowing them to handle more alerts at a higher level of judgment.

Elon Musk is suing Sam Altman and OpenAI, claiming they violated their founding agreement by converting OpenAI from a non-profit (an organization that doesn't aim to make money for owners) to a for-profit business. The lawsuit alleges fraud and breach of contract, with the trial beginning in Oakland, California, and expected to last two to three weeks.

Google DeepMind announced a partnership with South Korea's Ministry of Science and ICT to advance AI research and development in the country. The collaboration includes establishing an AI Campus in Seoul where Korean researchers can access Google's advanced AI models for breakthroughs in life sciences, weather, climate, and energy, while also supporting talent development through internships and scholarships.

This academic paper explores how Software Bill of Materials (SBOMs, detailed lists of all software components used in a project) can be extended to cover agentic AI systems (AI systems that can independently make decisions and take actions). The paper discusses schema extensions, how to organize and orchestrate these agentic components, and methods to evaluate whether AI systems produce reproducible results.

Microsoft and OpenAI amended their partnership agreement to clarify their long-term relationship and how they will work together on AI development. Key changes include OpenAI gaining freedom to sell products through any cloud provider (not just Microsoft's Azure), Microsoft receiving a non-exclusive license to OpenAI's technology through 2032, and changes to how the companies share revenue. The amendment aims to give both companies flexibility while maintaining their collaborative work on building large-scale AI systems.