AI Sec Watch

Agentic engineering is the practice of developing software with the help of coding agents, which are AI tools that can write and execute code in a loop to achieve a goal. Rather than replacing human engineers, these agents handle code generation while humans focus on the higher-level work: defining problems clearly, choosing among different solutions, and verifying that the results are correct and robust. To get good results from coding agents, engineers need to provide them with proper tools, specify problems in sufficient detail, and deliberately update instructions based on what they learn from each iteration.

AI companies are hiring improv actors through data-labeling companies like Handshake to create training data that teaches AI models to recognize and generate human emotions and character voices. This represents a strategy by major AI labs to gather specialized training data (the information used to teach AI systems) from skilled performers rather than relying solely on existing text or video sources.

This talk covers how software developers are adopting AI coding agents, from simple question-asking with ChatGPT to agents writing entire programs. The speaker emphasizes that trusting AI output (like Claude Opus) requires pairing it with test-driven development (TDD, a practice where you write tests before the actual code) and manual testing, since automated tests alone don't guarantee the software will actually run correctly.

OpenClaw, an open-source AI agent, has critical security flaws that could let attackers trick it into leaking sensitive data through prompt injection (embedding malicious instructions in web content to manipulate the AI). The platform's weak default security settings and high system privileges create additional risks, including accidental data deletion, malicious code installation through skill repositories, and exploitation of known vulnerabilities that could compromise entire business systems.

Major AI infrastructure projects like OpenAI's Stargate datacentre (a massive computing facility where AI systems run) are facing financial and timeline challenges, with OpenAI backing away from parts of a planned $500 billion expansion in Texas. The article suggests that massive investments in datacentres and AI chips represent a significant economic gamble, with the UK potentially at particular risk if this 'AI bubble' deflates.

Microsoft is planning to release Gaming Copilot, an AI assistant that helps players when they get stuck in games, on current-generation Xbox consoles later this year. The assistant, which responds to voice commands, has already been tested in beta versions on Xbox's mobile app, Windows 11, and Xbox Ally handhelds, and Microsoft plans to expand it to additional gaming services.

LibreChat, a ChatGPT alternative with extra features, has a vulnerability in versions before 0.8.3-rc1 where an authenticated attacker can crash the server by sending malformed requests to a specific endpoint. The bug occurs because the code tries to extract data from a request without checking if it exists first, causing an unhandled error (a TypeError, which is a type of programming mistake) that shuts down the entire Node.js server process.

LibreChat versions 0.8.2 to 0.8.2-rc3 have a security flaw in the MCP (Model Context Protocol, a system for connecting AI models to external services) OAuth callback endpoint that fails to verify the user's identity. An attacker can trick a victim into completing an authorization flow, which stores the victim's OAuth tokens (credentials that grant access to services) on the attacker's account, allowing the attacker to take over the victim's connected services like Atlassian or Outlook.

Nvidia is shifting focus toward CPUs (central processing units, the main general-purpose chips in computers) alongside its famous GPUs (graphics processing units) because agentic AI (AI systems that autonomously complete tasks by orchestrating multiple agents working together) requires significant general computing power to move data and coordinate workflows. The company is unveiling new CPU details at its GTC conference, with demand from major partners like Meta driving a predicted doubling of the CPU market from $27 billion in 2025 to $60 billion by 2030.