aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by Truong (Jack) Luu, Information Systems Researcher

AI Sec Watch

The security intelligence platform for AI teams

AI security threats move fast and get buried under hype and noise. Built by an Information Systems Security researcher to help security teams and developers stay ahead of vulnerabilities, privacy incidents, safety research, and policy developments.

Independent research. No sponsors, no paywalls, no conflicts of interest.

Total tracked: 3,710 | Last 24h: 1 | Last 7d: 1

Daily Briefing, Saturday, May 16, 2026

No new AI/LLM security issues were identified today.

Latest Intel

01

The tabletop exercise grows up

security, industry
Apr 8, 2026

Tabletop exercises (simulated crisis scenarios where teams discuss how they'd respond to incidents) have long been used in cybersecurity to test preparedness, but they have a key limitation: they test knowledge of plans rather than the ability to actually execute them, since scenarios follow a fixed script regardless of what the team decides. AI with agentic capabilities (AI systems that can take independent actions and adapt to changing conditions) now makes it possible to create dynamic tabletop exercises where simulated roles like threat actors or journalists respond in real time to the team's decisions instead of following a predetermined sequence.

Fix: The source text describes using 'AI agentic capabilities' to address the limitation, specifically stating that 'AI allows us to have an adversary that adapts to defensive decisions rather than following a' (the text cuts off here). The source indicates this would enable 'roles that were previously absent (e.g., the threat actor, the journalist, the regulator, the customer)' to 'respond to the team's decisions in real time rather than following a fixed sequence,' but does not provide specific implementation details, version numbers, or a complete explanation of how to deploy this solution.

CSO Online
02

Given Enough Agents, All Bugs Become Shallow

security, research
Apr 8, 2026

AI agents have become very skilled at finding bugs in code, especially security vulnerabilities, and can now identify and exploit previously unknown flaws much faster than before. A new AI model called Mythos Preview, created by Anthropic, succeeded at exploiting certain browser vulnerabilities 181 times compared to only twice for an earlier model, showing a major leap in AI's ability to find and exploit security weaknesses. This capability could make it easier for non-security experts to launch cyberattacks, though the article notes that deploying patches (fixes released by software companies) remains the biggest challenge for organizations trying to stay secure.

Fix: The source text does not explicitly describe a fix or mitigation strategy. It notes that 'the industry needs to adjust' with 'new innovations' to help with patch deployment, but does not specify what those innovations should be. N/A -- no mitigation discussed in source.

Embrace The Red
03

Introducing the Child Safety Blueprint

safety, policy
Apr 8, 2026

OpenAI has introduced a Child Safety Blueprint, a policy framework designed to prevent AI-enabled child sexual exploitation (the use of AI to create, distribute, or facilitate child abuse material). The blueprint addresses three main areas: updating laws to handle AI-generated or altered CSAM (child sexual abuse material), improving how service providers report and coordinate with law enforcement, and building safety features directly into AI systems to detect and prevent misuse. The framework combines legal, operational, and technical approaches and was developed with input from organizations like the National Center for Missing and Exploited Children and state attorneys general.

Fix: The source explicitly mentions these approaches: 'modernizing laws to address AI-generated and altered CSAM, improving provider reporting and coordination to support more effective investigations, and building safety-by-design measures directly into AI systems to prevent and detect misuse.' The framework also emphasizes 'layered defenses — not a single technical control, but a combination of detection, refusal mechanisms, human oversight, and continuous adaptation to emerging misuse patterns.' The source notes that 'getting the prevention architecture right upstream is the single highest-leverage investment the industry can make in child safety.'

OpenAI Blog
04

CVE-2026-3357: IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the sys

security
Apr 7, 2026

IBM Langflow Desktop versions 1.6.0 through 1.8.2 contain a vulnerability that allows an authenticated user (someone who has already logged in) to run arbitrary code on the system. The flaw stems from an insecure default setting that allows deserialization of untrusted data (converting data from an external source back into code without checking if it's safe) in the FAISS component (a component used for similarity searching).

NVD/CVE Database
05

GHSA-fjrm-76x2-c4q4: JWCrypto: JWE ZIP decompression bomb

security
Apr 7, 2026

JWCrypto version 1.5.6 has a weakness in its protection against decompression bomb attacks (where compressed data expands to huge sizes). The code only checks the size of the compressed input (limiting it to 250KB), but does not check the size of the decompressed output, allowing an attacker to send a small token that expands to 100MB or more in memory, causing denial of service (a crash from running out of memory) on resource-constrained devices.

Fix: The actual solution is implemented in version 1.5.7, as noted in the resolving commit. (The source does not provide explicit details of the fix itself, only that v1.5.7 contains the corrected implementation.)

GitHub Advisory Database
06

GHSA-r758-8hxw-4845: justhtml: Mutation XSS with custom foreign-namespace sanitization policies

security
Apr 7, 2026

A mutation XSS (cross-site scripting, where attackers inject malicious code through HTML) vulnerability was found in the justhtml library when using custom sanitization policies that preserve foreign namespaces like SVG or MathML. Specially crafted input could pass through sanitization appearing safe, but then become dangerous when a browser or parser processes it again. This only affects users with custom policies; the default settings are safe.

Fix: Upgrade to justhtml version 1.14.0 or later. If you cannot upgrade immediately, keep `drop_foreign_namespaces=True`, avoid allowlisting foreign namespaces for untrusted input, and avoid allowlisting raw-text containers such as `<style>` in custom policies.

GitHub Advisory Database
07

GHSA-69x8-hrgq-fjj8: LiteLLM: Password hash exposure and pass-the-hash authentication bypass

security
Apr 7, 2026

LiteLLM had three security flaws that combined to allow attackers to take over user accounts: passwords were stored using weak SHA-256 hashing without salt (making them easy to crack with rainbow tables, which are pre-computed lists of password hashes), the password hashes were exposed in API responses that any logged-in user could access, and the login endpoint accepted raw hashes instead of requiring the actual password (a vulnerability called pass-the-hash). An attacker could retrieve another user's password hash through the API and use it directly to log in as that user.

Fix: Fixed in v1.83.0. Passwords are now hashed with scrypt (a much stronger algorithm using a random 16-byte salt with parameters n=16384, r=8, p=1). Password hashes are stripped from all API responses. Existing SHA-256 hashes are transparently migrated to the new format on the user's next login.

GitHub Advisory Database
08

Google CEO Sundar Pichai says 'AI shift' opens opportunities to invest in startups

industry
Apr 7, 2026

Google CEO Sundar Pichai stated that the rapid growth of AI has created opportunities for Alphabet to invest billions of dollars in AI startups like Anthropic and other companies. Alphabet is moving away from traditional venture capital routes and instead making large direct investments from its own balance sheet, similar to how other major tech companies like Nvidia and Microsoft are operating. Pichai emphasized that the company wants to be a responsible steward of capital by investing in ventures with strong returns.

CNBC Technology
09

Elon Musk seeks ouster of OpenAI CEO Sam Altman as part of lawsuit

policy
Apr 7, 2026

Elon Musk is suing OpenAI CEO Sam Altman and President Greg Brockman, claiming they deceived him into donating $38 million by promising the company would remain a nonprofit when it later became a for-profit entity. In his legal filing, Musk is seeking to have both executives removed from their roles, asking the court to force OpenAI to revert to operating as a true nonprofit, with jury selection scheduled to begin in April 2025.

CNBC Technology
10

What Anthropic Glasswing reveals about the future of vulnerability discovery

security, industry
Apr 7, 2026

Anthropic has launched Project Glasswing, an initiative using Claude Mythos Preview (an AI model designed for cybersecurity) to automatically discover software vulnerabilities at scale, which it is testing with a closed group of over 40 companies including Amazon, Microsoft, and Google. Early testing claims the model found thousands of high-severity vulnerabilities in widely-used software, including some that had been missed for decades, suggesting that AI-powered vulnerability discovery may shift how security work is organized and force organizations to focus less on managing backlogs and more on reducing the time vulnerabilities remain exposed before being fixed. The initiative raises questions about the future role of human-driven security work as AI automation becomes more capable.

CSO Online