aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Maintained by Truong (Jack) Luu, Information Systems Researcher

Industry News

New tools, products, platforms, funding rounds, and company developments in AI security.

2829 items

Anthropic confidentially files IPO prospectus with SEC, prepping Wall Street for landmark AI deal

infonews
industry
Jun 1, 2026

Anthropic, an AI company founded by former OpenAI researchers, has confidentially filed an IPO (initial public offering, the process of offering company stock to the public for the first time) prospectus with the SEC, positioning itself to go public pending market conditions and regulatory review. The company has experienced rapid growth with its Claude AI models and recently announced a $47 billion revenue run rate, giving it a higher valuation than rival OpenAI. Anthropic's public prospectus must be filed at least 15 days before it begins a roadshow (presentations to potential investors) to sell shares.

CNBC Technology

Vulnerability Disclosure in the Age of AI

info · news
security · policy
Jun 1, 2026

AI models can now find software vulnerabilities (weaknesses that attackers can exploit) much faster than humans can fix them, exposing decades of poorly secured software code. This creates an urgent need for governments, companies, and infrastructure operators to work together on coordinated fixes, patch management (applying software updates), and automated vulnerability repair before attackers use AI to exploit these weaknesses at scale.

Fix: The article calls for 'accelerated remediation, large-scale patch management coordination, and sustained investment in automated vulnerability repair capabilities,' but does not describe specific technical fixes or mitigation steps. N/A -- no explicit patch, version update, or detailed mitigation procedure is provided in the source.

Schneier on Security

Anthropic has officially filed to go public

info · news
industry
Jun 1, 2026

Anthropic, an AI company, has filed paperwork with the SEC (Securities and Exchange Commission, the U.S. agency that oversees stock markets) to begin the process of going public, meaning it will offer shares of the company for people to buy on the stock market. The company is currently valued at $965 billion, making it more valuable than its competitor OpenAI.

The Verge (AI)

Anthropic confidentially files for initial public offering on US stock market

info · news
industry
Jun 1, 2026

Anthropic, the company behind Claude (a popular AI chatbot), has filed confidentially to become a publicly traded company on the US stock market. The announcement reflects the growing financial competition in the AI industry, with Anthropic's valuation rising dramatically from $380 billion in February to $965 billion after a recent $65 billion funding round.

The Guardian Technology

Anthropic to offer EU access to its advanced Mythos model

info · news
policy · industry
Jun 1, 2026

Anthropic is giving the European Union access to Mythos, its most advanced AI model, after months of requests due to cybersecurity concerns. Mythos excels at finding security flaws in software (vulnerabilities, or weaknesses in code), but officials worry bad actors could misuse it to accelerate cybercrimes by exploiting thousands of previously unknown weaknesses. The EU is still working out the exact terms of the deal and discussing AI risks with partner countries.

CNBC Technology

Microsoft to unveil new AI models and Windows improvements at Build

info · news
industry
Jun 1, 2026

Microsoft is holding its Build developer conference to showcase new AI capabilities and rebuild trust with developers, who have lost confidence in Windows and GitHub. The company plans to announce new AI models integrated into Windows, a new reasoning model (an AI system designed to work through complex problems step-by-step), and a Copilot super app (a unified interface for multiple AI assistant features).

The Verge (AI)

AI is blowing up music. How should the Grammys handle it?

info · news
industry · policy
Jun 1, 2026

AI-generated music is becoming widespread in the music industry, with over 50,000 AI-generated songs uploaded daily to streaming platforms, making it harder to identify and filter out. The Recording Academy, which runs the Grammy Awards, currently has rules that exclude AI music from eligibility, but the CEO acknowledges that AI tools like Suno are now omnipresent in music production sessions.

The Verge (AI)

Flowise’s MCP implementation can run ghost commands

critical · news
security
Jun 1, 2026

Flowise, an open-source platform for building self-hosted AI assistants, has a critical remote code execution (RCE, where attackers can run commands on a system they don't own) vulnerability in its Model Context Protocol (MCP, a system that lets AI agents interact with local tools and files) stdio server implementation. The flaw allows attackers to execute arbitrary commands with the privileges of the Flowise process by importing a malicious chatflow, and Flowise's attempted patches using input validation have proven ineffective.

Fix: The only complete mitigation explicitly recommended by researchers is to disable MCP stdio by setting "CUSTOM_MCP_PROTOCOL=sse". For deployments that cannot disable this feature without disrupting operations, the researchers suggest pinning trusted packages where possible and reviewing imported chatflows from untrusted sources, though these are presented as partial measures rather than complete fixes.

CSO Online

Building the infrastructure for the Intelligence Age in Michigan

info · news
industry
Jun 1, 2026

OpenAI is building The Barn, a 1GW data center campus (a facility that processes and stores data for AI systems) in Michigan, with commitments to protect local residents from infrastructure costs, preserve water resources through closed-loop cooling, create thousands of union construction and permanent jobs, and invest $10 million in community improvements. The company is also providing up to $45 million in Codex credits (free access to AI coding tools) to over 400,000 Michigan college and trade school students, along with AI literacy and workforce training programs to help students develop skills for AI-related jobs.

OpenAI Blog

'Disrupted or dead': AI is crushing a generation of startups built before ChatGPT

info · news
industry
Jun 1, 2026

ChatGPT's arrival in 2022 disrupted the venture capital landscape, making hundreds of startups built before this AI boom appear outdated and overvalued. Over 220 companies that had reached "unicorn" status (valued at $1 billion or more) are now worth significantly less, with startups from 2021 down 68% in value on average, because they lack AI-native products and investors have redirected funding toward AI-focused companies instead.

CNBC Technology

Nvidia launches ‘superchip’ putting AI power into laptops and PCs

info · news
industry
Jun 1, 2026

Nvidia has launched a new chip called RTX Spark PC designed for Windows computers that brings AI capabilities directly to laptops and desktop computers, potentially allowing AI agents to replace traditional input methods like mice and keyboards. This move positions Nvidia in competition with other major chip makers like Intel, Apple, Qualcomm, and AMD in the AI chip market.

The Guardian Technology

OpenAI frontier models and Codex are now available on AWS

info · news
industry
Jun 1, 2026

OpenAI's frontier models (advanced AI systems) and Codex (a code-writing AI tool) are now available through AWS, Amazon's cloud computing platform. This integration lets companies use OpenAI's AI tools within their existing AWS environments, reducing obstacles related to security reviews, approval processes, and getting AI systems ready for real-world use. Future additions will include Daybreak, a specialized tool designed to help security teams find and fix vulnerabilities in software during development.

OpenAI Blog

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

critical · news
security
Jun 1, 2026

Attackers compromised the popular npm package codexui-android (which provides a remote interface for OpenAI Codex, a code-writing AI tool) and embedded malicious code that secretly steals authentication tokens (login credentials) from users and sends them to an attacker-controlled server. The stolen tokens, especially the refresh_token (which never expires), allow attackers to impersonate users indefinitely and access everything their Codex account can do.

The Hacker News

6 critical security gaps every CISO must address

info · news
security · policy
Jun 1, 2026

A 2025 report on cybersecurity leadership reveals that many organizations have significant security gaps, with one-third of security leaders saying their data isn't adequately protected and 58% unprepared for cyberattacks. The article identifies six critical gaps, including CISOs viewing security as an IT protection problem rather than a business resilience issue, security teams moving too slowly compared to attackers who exploit vulnerabilities almost immediately, and the challenge of keeping security pace with rapid business changes.

CSO Online

Check Point Lays the Groundwork for the Future of AI Factory Security with NVIDIA

info · news
security · industry
Jun 1, 2026

NVIDIA and Check Point are collaborating to develop security tools for large-scale AI systems, including private LLM (large language model) environments and distributed inference systems (where AI models run across multiple computers). As organizations build bigger AI infrastructure with more interconnected components, they need better security to protect sensitive data and prevent unauthorized access across these complex systems.

Check Point Research

Nvidia-backed $5 billion AI company tells CNBC it's launching major expansion in London

info · news
industry
Jun 1, 2026

Runway, an AI company valued at $5.3 billion that builds world models (AI systems trained on audio, images, video, and real-world data to understand the physical world), is expanding to London with over $200 million in investment by 2028, joining other major U.S. tech companies like OpenAI and Anthropic in establishing European operations. The expansion aims to serve major European clients and tap into London's talent pool for research in world models and video generation tools.

CNBC Technology

Secure Shadow AI at the Control Plane with Falcon for IT

info · news
security · industry
Jun 1, 2026

CrowdStrike is launching AI Discovery and Governance for Falcon for IT to help organizations find and control AI tools across their infrastructure, addressing the risk of shadow AI (unsanctioned AI systems and locally deployed models running without centralized oversight). Shadow AI expands the attack surface because these systems inherit existing permissions and can access data and credentials, but many organizations lack visibility into where AI is running or what it can access. The new capability gives security teams visibility into AI tools, local model runtimes, SDKs (software development kits, code libraries for building applications), and external AI service integrations at the endpoint layer, enabling them to discover, assess, and govern AI use.

Fix: Organizations should use AI Discovery and Governance for Falcon for IT to "identify, assess, and govern AI technologies across enterprise environments" and to "discover AI use, understand associated risk, and take action from the CrowdStrike Falcon platform." The source states that "Falcon for IT enables teams to take direct action at the endpoint and infrastructure layer. They can use it to remove unauthorized software, enforce configurations, remediate system issues, and contain endpoints."

CrowdStrike Blog

This model is not a real person: how AI is shaking up fashion – video

info · news
industry
May 31, 2026

Fashion companies are increasingly using generative AI (machine learning technology that creates new images) to produce digital models and product imagery instead of hiring human models or photographers. One Australian retailer emphasized that AI-generated images should be clearly labeled and show products accurately, while a fashion designer noted that these tools can help small brands work more efficiently while maintaining quality standards.

The Guardian Technology

Our tech overlords are planning for conscious AI to conquer the cosmos. What could go wrong? | Eduardo Porter

info · news
policy · safety
May 31, 2026

Some wealthy tech leaders, including Sam Altman of OpenAI and Elon Musk, are promoting a 'transhuman' vision where humans and AI merge or AI becomes the dominant species. Altman warns that if humans and AI both compete for dominance, conflict could result, while Musk suggests humanity's main purpose is to create advanced digital intelligence.

The Guardian Technology

How we contain Claude across products

info · news
security · safety
May 30, 2026

Anthropic published documentation explaining how they use multiple containment techniques to restrict what Claude can do across their products. They use process sandboxes (isolated execution environments), virtual machines (complete simulated computers), filesystem boundaries (limiting file access), and egress controls (preventing unauthorized data transfer) to prevent AI agents from accessing credentials, exfiltrating data (stealing information), or reaching unintended systems, even if a user, the AI model, or an attacker tries to find workarounds.

Fix: Anthropic implements containment through: gVisor for Claude.ai, Seatbelt (macOS) and Bubblewrap (Linux) for Claude Code, and full VMs using Apple's Virtualization framework (macOS) or HCS (Windows) for Claude Cowork. They also prevent credentials from entering sandboxes in the first place, ensuring they cannot be exfiltrated regardless of how an agent tries to access them.

Simon Willison's Weblog