New tools, products, platforms, funding rounds, and company developments in AI security.
This article discusses a legal case in which Elon Musk is suing OpenAI (an AI company), claiming that it stole a nonprofit organization and that he was the main force behind its success. During his testimony in court, Musk had a difficult time, arguing with lawyers and changing his statements, and there are signs that he is unlikely to win the case.
Gig workers on platforms like Fiverr are increasingly using generative AI (artificial intelligence systems that create text, images, or video) to quickly produce cheap content for clients, particularly AI-generated Bible story animations shared on social media. This represents a shift from the platform's original purpose of connecting clients with skilled freelancers who developed their expertise over years.
Microsoft is launching a new AI agent within Word that is designed specifically for legal teams to help with tasks like reviewing contracts and managing document edits. Unlike general AI models, the Legal Agent follows structured workflows (predetermined sets of steps) based on actual legal practices, handling specific repeatable tasks like reviewing contract clauses against a predefined playbook (a set of rules or guidelines).
Business email compromise (BEC, a scam where attackers trick employees into sending money by impersonating trusted contacts) continues to succeed even when organizations use MFA (multi-factor authentication, a security method requiring multiple forms of ID to access accounts) because attackers exploit human behavior and business processes rather than stealing credentials. Real attacks like the Toyota case (where an employee transferred $30 million based on a fake urgent email) and the Arup case (where deepfake technology impersonated a manager) show that the weakest point is often the human decision-maker approving payments, not the technical security controls.
AI is changing how software is developed by affecting coding practices, tools, developer roles, and the overall development process across all stages, from initial planning through maintenance. The article discusses how AI agents are being integrated throughout the software development life cycle (the complete process of creating and maintaining software, from concept to deployment).
OT (operational technology, the systems that control physical industrial processes like power plants or factories) cyber risk requires a different management approach than IT security because OT systems have long lifecycles, limited patching windows, and third-party dependencies that create unique vulnerabilities. The article argues that managing OT risk at scale is fundamentally a leadership and governance challenge rather than a purely technical problem, requiring consistent decision-making across all sites and clear accountability structures.
Threat actors are abusing AI distribution platforms like Hugging Face and ClawHub to spread malware by uploading trojanized files (files containing hidden malicious code) that trick users into downloading them through social engineering. The attackers use indirect prompt injection (embedding hidden instructions in data that AI systems read and execute without the user knowing) to make AI agents automatically download and run malware on users' computers, with hundreds of malicious files identified across both platforms.
A serious vulnerability called Copy Fail (CVE-2026-31431) in the Linux kernel allows unprivileged users to gain root access (the highest permission level) through a simple exploit, affecting virtually all Linux systems since 2017. With root access, attackers can steal or delete data. Until Linux distributions release patches, the main defense is monitoring for unauthorized privilege escalation attempts.
Elon Musk testified in his lawsuit against Sam Altman and OpenAI, with a judge interrupting his discussion about AI risks during cross-examination. The trial is revealing private communications about OpenAI's creation and will include testimony from other tech industry leaders about the conflict between Musk and Altman.
Bluekit is a phishing kit (a pre-built toolkit that helps attackers create fake login pages to steal credentials) that includes over 40 templates targeting popular services like Gmail, iCloud, and GitHub, plus an AI assistant panel supporting models like GPT-4.1 and Claude to help cybercriminals draft phishing emails. The kit integrates domain registration, phishing page setup, campaign management, and real-time victim monitoring into one interface, making it accessible to less-skilled attackers. While the AI-generated outputs are currently basic and require manual cleanup, the platform is under active development and receiving frequent updates, suggesting it will likely become more widely adopted.
OpenAI launched Advanced Account Security, an optional protection feature for high-risk ChatGPT and Codex users like journalists and dissidents that replaces passwords with physical security keys or passkeys to prevent account takeover attacks (when someone gains unauthorized access to an account). The feature also uses recovery keys instead of email/SMS for account recovery, enforces shorter login sessions, and sends alerts on sign-ins, making it much harder for attackers to breach accounts through phishing (tricking users into revealing login credentials) or social engineering (manipulating support staff).
The Pentagon's chief technology officer stated that Anthropic remains classified as a supply chain risk (a designation meaning the company's technology threatens U.S. national security), but Anthropic's Mythos AI model, which has advanced capabilities for finding and fixing cyber vulnerabilities, is being treated as a separate urgent national security issue requiring the Department of Defense to strengthen its networks. The DOD has blacklisted Anthropic from working with defense contractors, though the agency is reportedly using Mythos internally and is open to negotiations about safeguards (called guardrails, or restrictions on how the AI can be used) if Anthropic agrees to terms similar to those negotiated with other AI companies.
Goodfire, a San Francisco startup, released Silico, a tool that uses mechanistic interpretability (a technique for understanding how AI models work by mapping their internal neurons and connections) to let researchers see inside AI models and adjust their parameters during training. The tool aims to give developers more control over AI behavior by exposing internal 'knobs and dials' so they can reduce unwanted outputs, making AI development more like traditional software engineering rather than trial-and-error.
Fix: The source describes Silico as the solution itself—it uses mechanistic interpretability to map neurons and pathways inside a model and lets developers tweak them to reduce unwanted behaviors or steer outputs. No additional mitigation steps or fixes beyond using this tool are mentioned in the text.
MIT Technology Review
Organizations often use AI models from online repositories like HuggingFace without tracking their changes, verifications, or vulnerabilities, which can lead to security risks if models are poisoned (containing hidden malicious code) or contain training biases. Cisco released the Model Provenance Kit, an open source Python-based tool that creates a unique 'fingerprint' for each model using metadata and other signals, allowing organizations to compare models and trace their origins to address these tracking and accountability problems.
Fix: The Model Provenance Kit from Cisco is available on GitHub. The tool has two modes: 'compare' mode enables users to compare two models to identify shared lineage, and 'scan' mode attempts to find the closest lineage for a given model by comparing its fingerprint against Cisco's database of fingerprints. Cisco's dataset of base model fingerprints is also available on Hugging Face.
SecurityWeek
Fix: The source explicitly recommends: (1) redesigning approval workflows so high-value transactions require multi-step verification including out-of-band calls (verification methods using a separate communication channel, like a phone call to confirm an email request); (2) simulating BEC scenarios in realistic exercises to identify gaps in response and decision-making; (3) embedding security awareness into daily routines using micro-learning and real incident reviews; (4) empowering teams to challenge unusual requests without fear of reprisal; (5) sharing instances of successful attacks with employees who distribute invoices and oversee financial decisions; and (6) explicitly defining what constitutes high-risk requests, such as first-time payments, changes to vendor banking details, sudden payment requests from executives, or requests that bypass standard procedures.
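The high-risk request definitions in item (6) above can be turned into a mechanical gate in front of the approval workflow, so that any matching request is held for out-of-band verification rather than left to the judgement of whoever is reading the email. The following is an added example and not code from the summarized article or from any vendor; the vendor registry, executive mailbox list, request records and field names are all constructed for illustration.

```python
"""Hold payment requests that match the high-risk criteria for out-of-band verification.

Added example, not taken from the summarized article. The four criteria are the
ones the text names: first-time payments, changes to vendor banking details,
sudden payment requests from executives, and requests that bypass standard
procedures. Every record and name below is constructed for illustration.
"""
from dataclasses import dataclass

# Constructed vendor master file: vendor name -> bank account on record.
KNOWN_VENDORS = {
    "Acme Supplies": "DE89 3704 0044 0532 0130 00",
    "Northwind Logistics": "GB29 NWBK 6016 1331 9268 19",
}

# Constructed set of mailboxes whose owners an impersonator would most likely pose as.
EXECUTIVE_MAILBOXES = {"cfo@example.com", "ceo@example.com"}

# The standard procedure in this constructed setup: requests arrive through the
# procurement portal and carry a purchase order. Anything else bypasses it.
STANDARD_CHANNEL = "portal"


@dataclass
class PaymentRequest:
    vendor: str
    bank_account: str
    amount: float
    requested_by: str        # mailbox the request came from
    channel: str             # "portal", "email", "chat", ...
    has_purchase_order: bool


def _normalize_account(account: str) -> str:
    """Compare IBAN-style strings ignoring spacing and case."""
    return account.replace(" ", "").upper()


def risk_reasons(req: PaymentRequest) -> list[str]:
    """Return every high-risk criterion the request matches (empty list = low risk)."""
    reasons = []
    if req.vendor not in KNOWN_VENDORS:
        reasons.append("first-time payment to a vendor not on record")
    elif _normalize_account(req.bank_account) != _normalize_account(KNOWN_VENDORS[req.vendor]):
        reasons.append("bank details differ from the vendor record")
    if req.requested_by in EXECUTIVE_MAILBOXES:
        reasons.append("payment requested directly by an executive")
    if req.channel != STANDARD_CHANNEL or not req.has_purchase_order:
        reasons.append("request bypasses the standard procedure")
    return reasons


def requires_out_of_band_check(req: PaymentRequest) -> bool:
    """A request is held for a call-back on a separately held number if any criterion matches."""
    return bool(risk_reasons(req))


def triage(requests: list[PaymentRequest]) -> dict[str, list[str]]:
    """Split a batch into requests that may proceed and requests that must be verified first."""
    held = [f"{r.vendor} ({r.amount:.2f}): " + "; ".join(risk_reasons(r))
            for r in requests if requires_out_of_band_check(r)]
    cleared = [f"{r.vendor} ({r.amount:.2f})" for r in requests if not requires_out_of_band_check(r)]
    return {"held": held, "cleared": cleared}


if __name__ == "__main__":
    # Constructed sample batch: one routine invoice and one request that mirrors the
    # pattern in the Toyota case described above (urgent, from the top, outside the portal).
    batch = [
        PaymentRequest("Acme Supplies", "de89370400440532013000", 1200.0,
                       "ap-clerk@example.com", "portal", True),
        PaymentRequest("Acme Supplies", "DE12 3456 7890 1234 5678 90", 30_000_000.0,
                       "cfo@example.com", "email", False),
    ]
    for bucket, items in triage(batch).items():
        print(bucket, items)
```

The check is deliberately a pure function of the request and the vendor master data, so it can sit in the same place as the existing approval step and be exercised in the tabletop exercises the article recommends: feed it a simulated request and confirm it lands in the held bucket before anyone can approve it.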
CSO Online
Fix: Apply kernel patches from your Linux distribution as soon as they are released, and reboot systems after patching. According to the source, 'As soon as patches are available for what's been dubbed the Copy Fail logic bug... As of midday Thursday, only Arch Linux had released a patch,' but other distributions are expected to release patches within days. For Debian, Ubuntu, and Debian-based systems, the exploitable code can be disabled via kernel commands before patches are available, though this option is not feasible in large environments according to the source.
CSO Online
Australia's financial regulator (APRA) warns that advanced AI models like Claude Mythos could give attackers powerful tools to find security flaws faster than banks can fix them, threatening the banking sector. The regulator found that banks treat AI as just another technology and lack proper processes to identify and patch vulnerabilities quickly enough to keep up with AI-assisted attacks. APRA calls for urgent overhauls to governance, vulnerability testing, and security assessment of AI platforms.
Fix: APRA identifies the following areas for improvement: (1) urgent need to more rapidly identify and remediate vulnerabilities through major process overhaul, (2) robust security testing across AI-generated code, software components, and libraries, and (3) deeper assessment of major AI platforms and services. The source also notes that regulators are requesting access to Claude Mythos itself so financial institutions can use it to defend against the cyberattacks it could enable.
CSO Online
OpenAI is restricting access to its new cybersecurity tool called Cyber (part of GPT-5.5) to only approved users, requiring them to submit credentials and explain their intended use through an application on OpenAI's website. Cyber can perform tasks like penetration testing (simulating attacks to find security weaknesses), vulnerability identification, and malware reverse engineering (analyzing malicious code to understand how it works), but OpenAI is limiting access because the tool could be misused by attackers if widely available.
Fix: OpenAI says it's working to make Cyber more widely available by consulting with the U.S. government and identifying more users with legitimate cybersecurity credentials.
TechCrunch (Security)
Anthropic has released a new AI model called Mythos that industry leaders believe could significantly disrupt cybersecurity practices and defenses. The article discusses potential threats this model poses and reports on what cybersecurity experts are saying about its implications.
Anthropic released Claude Security, an AI-powered tool designed to help security teams find and fix vulnerabilities faster by scanning code repositories, identifying security flaws, and generating targeted patches. The tool is available in public beta for Claude Enterprise customers and integrates with existing security platforms from companies like CrowdStrike and Microsoft, aiming to reduce the time from vulnerability discovery to fix from days to a single session.
Fix: Claude Security provides automated vulnerability scanning, generates confidence ratings on severity, offers reproduction instructions, and creates targeted patch instructions that can be worked through with Claude Code on the Web. Users can also schedule regular scans for ongoing coverage rather than one-off audits. The tool is available now to Claude Enterprise customers through Claude.ai/security and works with Claude Opus 4.7 without requiring API integration or custom agent setup.
SecurityWeek
Elon Musk testified in court that his AI startup xAI used OpenAI's models to train its own AI system called Grok through model distillation (a technique where a larger AI model teaches a smaller one by transferring knowledge). Model distillation is a common practice in the AI industry, though it can be used legitimately within a single company or potentially misused by competitors trying to copy a rival's AI performance.
Fix: OpenAI's explicitly mentioned mitigations for Advanced Account Security users include: (1) requiring two physical security keys or passkeys instead of passwords, (2) eliminating email and SMS recovery routes in favor of recovery keys, backup passkeys, or physical security keys, (3) blocking OpenAI support team access to recovery options to prevent social engineering attacks on support portals, (4) enforcing shorter sign-in windows and sessions before re-authentication is required, (5) generating login alerts that users can review in their dashboard, and (6) enabling data opt-out from model training by default. OpenAI also partnered with Yubico to offer lower-cost YubiKey bundles to these users. Members of OpenAI's Trusted Access for Cyber program must enable Advanced Account Security by June 1, 2024, or submit an alternative attestation of phishing-resistant authentication through enterprise single sign-on.
Wired (Security)