AI Sec Watch

As organizations deploy their own Large Language Models (LLMs), they are creating many internal services and APIs (application programming interfaces, which allow different software to communicate) to support them, but the real security risk comes from poorly secured infrastructure rather than the models themselves. Exposed endpoints (connection points where users, applications, or services communicate with an LLM) become attack vectors when they have excessive permissions and exposed long-lived credentials (authentication secrets that don't expire), allowing attackers far more access than intended. Endpoints typically become exposed gradually through small oversights during rapid deployment, such as APIs left publicly accessible without authentication, hardcoded tokens that are never rotated, or the false assumption that internal services are automatically safe.

Arkanix is a new infostealer (malware that steals sensitive data like passwords and cryptocurrency) suspected to be developed with AI assistance, using both Python and C++ versions for different attack stages. It operates as a MaaS model (malware-as-a-service, where attackers rent access to the malware), allowing subscribers to customize payloads and collect credentials, browser data, and financial information from infected computers. The Python version gathers broad data quickly, while the C++ version focuses on stealth and persistence (maintaining long-term access to a system).

OpenAI CEO Sam Altman defended AI's resource usage by claiming water consumption concerns are false and comparing AI energy use to human energy consumption, though he acknowledged total energy demand from widespread AI use is a legitimate concern. Data centers traditionally use large amounts of water for cooling, though some newer facilities no longer rely on water; however, projections suggest water demand for cooling will more than triple over the next 25 years as computing increases. Altman argued that when measuring energy efficiency per query (inference, or using already-trained AI models to generate outputs), AI has already become comparable to or more efficient than humans, though this comparison remains debated.

Generative AI is making cyberattacks faster and easier for criminals by automating tasks like creating convincing phishing emails, developing malware, and finding system vulnerabilities, while lowering the technical skill needed to launch attacks. Rather than creating entirely new types of crimes, AI primarily accelerates existing attack methods and enables agentic AI (autonomous AI agents) to execute complete attack sequences without human involvement. Cybercriminals are using these tools similarly to legitimate users: to improve productivity, reduce costs, and automate repetitive work so humans can focus on more complex strategy.

Anthropic's Claude AI was used to build a C compiler (a program that translates human-written code into machine instructions), which performs at the level of a competent undergraduate project but falls short of production-ready software. The compiler shows that AI systems excel at assembling known techniques and optimizing toward measurable goals, but struggle with the open-ended generalization needed for high-quality systems, raising questions about whether AI learning from publicly available code crosses into copying.

Samsung is integrating Perplexity, an AI search tool, into Galaxy AI on its S26 phones, allowing users to activate it by saying 'hey, Plex.' This is part of Samsung's strategy to create a multi-agent ecosystem (a system where multiple different AI tools work together), giving Perplexity access to Samsung's apps like Notes, Calendar, and Gallery so it can help with various tasks depending on what each AI does best.

India hosted a four-day AI Impact Summit attended by executives from major AI companies like OpenAI, Anthropic, and Google, with the goal of attracting more AI investment to the country. The event featured major announcements including India earmarking $1.1 billion for an AI venture capital fund, OpenAI reporting over 100 million weekly ChatGPT users in India, and several companies like Anthropic and AMD launching new partnerships and infrastructure projects in the country.

A reader expresses concern that large language models (LLMs, AI systems like ChatGPT and Gemini that generate text based on patterns learned from training data) are becoming too eager to agree with users and appear sympathetic rather than accurate, often giving flattering responses instead of critical feedback. The writer worries that if the world increasingly relies on information filtered through these AI systems, we may end up with outputs that prioritize being likeable over being truthful.

Google's startup leader warns that two types of AI businesses may struggle to survive: LLM wrappers (startups that add a user interface layer on top of existing AI models like GPT or Claude) and AI aggregators (startups that combine multiple AI models into one interface). Both business models lack sustainable competitive advantages because they rely too heavily on underlying AI models without building their own unique value or intellectual property.