AI Sec Watch

This newsletter covers multiple AI and technology developments, including AI's expanding role in military decision-making during the Iran conflict through 'vibe-coded' intelligence dashboards (AI systems that present information in visually appealing but potentially unreliable formats), legal disputes between AI companies and governments, and emerging threats like GPS jamming in the Middle East. The piece also highlights concerns about AI cloning real people's voices without consent, developments in AI agents, and psychological effects of AI companions on users.

Sandbar, a startup founded by former Meta employees, raised $23 million to develop the Stream ring, a wearable device with a microphone that records notes and lets users chat with an AI assistant through a phone app. The ring's microphone is off by default and only activates when users lift their hand to their face, which signals intent for private note-taking rather than recording surrounding conversations.

Anthropic, an AI company, filed a lawsuit against the federal government after the Pentagon blacklisted it as a 'supply chain risk' (a security classification typically reserved for foreign adversaries), claiming the move is unlawful and causes irreparable harm. The blacklisting followed Anthropic's disagreement with the Pentagon over how its AI systems could be used. Defense experts worry this precedent could harm U.S. competitiveness by cutting off access to a major American AI vendor.

In February 2026, organizations worldwide faced an average of 2,086 cyber attacks per week, a 9.6% increase from the previous year, indicating that high attack volumes are now a constant threat rather than a temporary spike. While ransomware attacks declined compared to last year, overall attack activity remains near record levels due to automation, expanded digital systems, and security risks from enterprise GenAI (generative AI used by businesses) usage.

Escape, a company that uses AI agents (software programs that act autonomously to complete tasks) to automate pentesting (simulated security attacks to find vulnerabilities), has raised $18 million in funding. The company plans to use this money to improve its AI capabilities and expand its teams.

AI Agents (software programs that automatically perform tasks like sending emails or moving data) create security risks because they have broad access to sensitive information with little oversight, making them targets for hackers who can trick them into leaking company secrets. Traditional security tools were designed to protect human users, not autonomous digital workers, leaving AI agents largely invisible to security teams. The article promotes an upcoming webinar that promises to explain how hackers target these agents and how to secure them without overly restricting their capabilities.

A family is suing OpenAI after their 12-year-old daughter was critically injured in a Canadian school shooting, claiming that OpenAI knew the suspect was planning an attack through ChatGPT conversations but failed to alert authorities. The suspect's account was banned in June 2025 after employees flagged messages about gun violence as indicating imminent harm, but police were never notified, and the suspect later opened a second account to continue planning.

Oracle is reporting earnings on Tuesday as investors try to determine whether its massive investment in AI infrastructure is profitable. The company raised $50 billion in financing (debt and equity) to build data centers, mainly to serve OpenAI, and bond investors are watching closely because Oracle had to borrow heavily compared to other major cloud computing companies, raising concerns about its financial health and credit rating.

AI systems receive instructions from multiple sources (system policies, developers, users, and online data), and models must learn to prioritize the most trustworthy ones to stay safe. When models treat untrusted instructions as authoritative, they can be tricked into revealing private information, following harmful requests, or falling victim to prompt injection (hidden malicious instructions hidden in input data). OpenAI's solution uses a clear instruction hierarchy (System > developer > user > tool) and trains models with IH-Challenge, a reinforcement learning dataset designed to teach models to follow high-priority instructions even when lower-priority ones conflict with them.