AI Sec Watch

Researchers have developed a fingerprint-based watermarking technique to protect and track natural language processing models (AI systems trained to understand and generate text) that operate as black boxes (systems where users cannot see how internal decisions are made). This method allows owners to prove they created a model and trace where it has been used or copied without permission.

AI models can now autonomously discover vulnerabilities and create working exploits, which compresses the time between when a weakness is found and when it's attacked. However, the same AI capabilities that help attackers can also help defenders by accelerating vulnerability discovery and reducing response time. Microsoft is partnering with AI model providers and using tools like advanced models to identify security issues faster and deploy fixes through their existing update processes.

Anthropic released Mythos Preview, an AI model designed to find and fix security vulnerabilities (weaknesses in software that attackers could exploit), and several US federal agencies are using it. However, CISA (the Cybersecurity and Infrastructure Security Agency, which is America's main government cybersecurity coordinator) reportedly does not have access to the tool, while other agencies like the Commerce Department and NSA do.

Google's Gemini AI can now generate summaries and transcripts not just for Google Meet video calls, but also for in-person meetings, Zoom calls, and Microsoft Teams meetings. The feature, which was previously only available to early testers on Android devices, now works for both scheduled and impromptu meetings, and can be transitioned to a video call if remote participants need to join.

Anthropic, the company behind Claude chatbot, has decided not to release its new AI model called Mythos to the public due to cybersecurity risks. The company is investigating a report that unauthorized people may have gained access to Mythos, raising concerns about whether tech companies can adequately protect their most powerful AI systems from being misused.

OpenAI introduced ChatGPT for Clinicians, a free AI tool designed to help doctors, nurse practitioners, and pharmacists with clinical tasks like documentation, medical research, and patient care consultation. The tool includes advanced AI models, trusted medical search powered by peer-reviewed sources, and optional HIPAA compliance (a federal privacy law for healthcare data) support, with conversations kept private and not used to train the AI.

The engram HTTP server (a local application running on your computer) had a critical security flaw where it allowed any website you visited to steal your private knowledge graph data and inject persistent malicious instructions into your AI coding assistant. This happened because the server had no password protection by default and accepted requests from any website origin (CORS, or cross-origin resource sharing, which controls what websites can talk to your local applications).

Meta is installing a tool called Model Capability Initiative (MCI) on US employees' computers that records their activity, including mouse movements, clicks, keystrokes, and screenshots from work apps and websites. This recorded data will be used to train Meta's AI agents to perform computer tasks more like humans do, though Meta states the data won't be used to evaluate employee job performance.

InstructLab has a security flaw in its `linux_train.py` script that automatically trusts code from external model sources without verification (trust_remote_code=True). An attacker could trick users into downloading a malicious model from HuggingFace (a popular AI model repository) and running training commands, allowing the attacker to execute arbitrary Python code and take over the entire system.