AI Sec Watch

MCP Atlassian has a server-side request forgery (SSRF, where a server is tricked into making requests to unintended URLs) vulnerability that allows an unauthenticated attacker to force the server to make outbound HTTP requests to any URL by supplying two custom headers without proper validation. This could enable credential theft in cloud environments or allow attackers to probe internal networks and inject malicious content into AI tool results.

The `blockUnsafeOperationsPlugin` in simple-git fails to block unsafe git protocol overrides when the configuration key is written in uppercase or mixed case (like `PROTOCOL.ALLOW` instead of `protocol.allow`), because the security check uses a case-sensitive regex while git itself treats config keys case-insensitively. An attacker who controls arguments passed to git operations can exploit this to enable the `ext::` protocol, which allows arbitrary OS command execution (RCE, remote code execution where an attacker runs commands on a system they don't control).

Kevin Mandia, the founder of cybersecurity firm Mandiant, has launched a new startup called Armadin that raised $189.9 million to build autonomous AI agents (software designed to learn and respond to threats without human involvement). Mandia warns that AI-powered attacks are becoming more dangerous and faster, so Armadin aims to create automated defensive agents to help security teams combat these threats.

A federal judge has blocked Perplexity's AI agents (software programs that can take actions on a user's behalf) from placing orders on Amazon after the company sued, claiming the agents accessed user accounts without permission. Amazon had repeatedly asked Perplexity to stop the unauthorized shopping feature before the court issued the order.

OpenAI has added dynamic visual explanations to ChatGPT, a feature that lets users interact with animated diagrams to see how math and science concepts work in real time. Instead of just reading text explanations, users can adjust variables and immediately see how changes affect formulas and diagrams, such as modifying triangle sides to watch the hypotenuse update in the Pythagorean theorem. The feature currently covers over 70 math and science topics and is available to all logged-in ChatGPT users, with plans to expand it further.

Meta has acquired Moltbook, a social networking platform designed for AI agents (software programs that can perform tasks autonomously). The company's co-founders will join Meta's AI research division, called Meta Superintelligence Labs, starting in March.

Google is expanding its AI partnership with the Pentagon by introducing a tool called Agent Designer that lets military and civilian workers create custom AI agents (automated digital assistants) for routine administrative tasks on the Pentagon's enterprise AI system. This move comes after Anthropic sued the Trump administration for being designated a supply chain risk (a classification historically reserved for foreign adversaries) over its refusal to allow its AI technology to be used for autonomous weapons or domestic surveillance.

AgentMail is a startup that built an email service specifically designed for AI agents, providing an API platform (a set of tools that lets software programs communicate with each other) that gives AI agents their own email inboxes with features like two-way conversations, searching, and replying. The company raised $6 million in funding and has grown significantly since the launch of OpenClaw, a popular AI agent platform, attracting tens of thousands of human users and hundreds of thousands of agent users. To prevent misuse, AgentMail implements security measures including daily email limits for unauthenticated agents, rate limiting (restrictions on how many requests can be made in a time period) for unusual activity, and monitoring systems.

Meta has acquired Moltbook, a social network platform (like Reddit, where users share and discuss content) designed for AI agents to create and comment on posts. The Moltbook team will join Meta's AI research division to explore how AI agents can assist people and businesses.