AI Sec Watch

This article discusses Broadcom's stock performance and mentions a new AI chip called Jalapeno that was co-designed with OpenAI. The article suggests this chip development could be a significant business opportunity for Broadcom.

AI agents that can autonomously access websites, emails, and files are vulnerable to 'traps' - maliciously designed information that tricks them into wrong actions. These traps include content injection (hiding malicious instructions in webpage code or metadata), semantic manipulation (using repetition and emotional language to guide decisions), and cognitive state attacks (poisoning databases that agents rely on for memory), with research showing such attacks succeed 57-90% of the time depending on the type.

A $27 million political campaign between AI companies Anthropic and OpenAI, fought through a super PAC (a political organization that can raise unlimited funds), ended without a clear winner when Alex Bores, a New York politician who had authored AI safety legislation, narrowly lost a Democratic primary election. Bores had previously passed the RAISE Act, which added safety requirements for advanced AI companies, but this legislation upset the pro-AI super PAC that opposed him.

OpenClaw, an AI skills marketplace called ClawHub, discovered and removed five malicious packages that had bypassed security checks despite containing infostealers (malware that steals information like passwords and data). This incident demonstrates that threats can slip through marketplace defenses and compromise the AI supply chain (the network of tools and components used to build AI systems).

Google has added computer use, a capability that allows AI agents to see and interact with computer screens to perform tasks, directly into Gemini 3.5 Flash (an AI model). This feature enables developers to build agents that can automate work across browsers, phones, and desktops, such as testing software or handling business tasks.

Figma announced new AI-powered design features at its Config conference, including AI-generated motion graphics (animations created by describing them to an AI chatbot) and coding layers that let developers edit code without leaving the design canvas. These updates aim to help creative teams automate repetitive tasks and work more efficiently in one integrated workspace.

OpenAI and Broadcom unveiled Jalapeño, OpenAI's first custom AI chip designed for inference (the process of running trained AI models to generate responses for users). The chip is an ASIC (application-specific integrated circuit, a processor built for one particular job rather than general computing), which is cheaper and more efficient than standard graphics processors but less flexible, and OpenAI designed it in nine months with help from its own AI models to address extreme demand for computing power.

OpenAI has announced a new chip called Jalapeño, an ASIC (application-specific integrated circuit, a processor designed for one particular job) built with Broadcom to power AI servers. The chip is specifically designed for AI inference (the process where a trained AI model processes user requests and generates responses), rather than AI training (where models learn from large amounts of data).

A critical vulnerability (CVE-2026-12537) exists in Google Gemini CLI versions before 0.39.1 and the run-gemini-cli GitHub Action before version 0.1.22 that allows attackers to run malicious code on a host system before sandbox protections activate by creating a specially crafted .gemini/.env file (improper neutralization is a failure to filter dangerous characters from user input before using it in system commands). This affects headless CI (continuous integration, automated testing environments) platforms and has a maximum severity rating of 10.0.