aisecwatch.com
DashboardVulnerabilitiesNewsResearchArchiveStatsDatasetFor devs
Subscribe
aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.

Navigation

VulnerabilitiesNewsResearchDigest ArchiveNewsletter ArchiveSubscribeData SourcesStatisticsDatasetAPIIntegrationsWidgetRSS Feed

Maintained by

Truong (Jack) Luu

Information Systems Researcher

Industry News

New tools, products, platforms, funding rounds, and company developments in AI security.

to
Export CSV
2912 items

5 key priorities for your RSAC 2026 agenda

infonews
securitypolicy
Mar 19, 2026

RSA Conference 2026 is fundamentally organized around AI security, with 40% of sessions focused on how AI affects cybersecurity across all tracks. CISOs face a dual challenge: adopting AI quickly to stay competitive while simultaneously securing enterprise systems against new threats that AI itself creates. The conference prioritizes five learning areas: securing the AI stack (including RAG workflows, LLM data pipelines, and prompt injection attacks), AI governance and regulatory compliance, managing non-human identities (AI agents and service accounts that now outnumber human users), addressing shadow AI risks (unsanctioned tools and AI-generated code), and implementing autonomous security operations.

CSO Online

How we monitor internal coding agents for misalignment

infonews
safetysecurity

Anthropic ban heralds new era of supply chain risk — with no clear playbook

infonews
policysecurity

Secure Homegrown AI Agents with CrowdStrike Falcon AIDR and NVIDIA NeMo Guardrails

infonews
securitysafety

Cloud Access Security Broker – ein Kaufratgeber

infonews
security
Mar 18, 2026

A Cloud Access Security Broker (CASB) is a monitoring tool that sits between a company's devices and cloud services to monitor user activity, enforce access rules, and detect security threats. CASBs are increasingly used to protect data in hybrid cloud environments (where some data is on-premises and some in the cloud), enforce compliance with data protection regulations, secure remote work access, and detect malicious activity. Organizations should look for CASBs that offer visibility into cloud usage, granular control over user permissions, data protection features, and compliance support, and should ensure the tool integrates well with their existing cloud services and security systems.

OpenAI to acquire Astral

infonews
industry
Mar 18, 2026

OpenAI is acquiring Astral, a company that builds popular open source Python development tools like uv (for managing code dependencies), Ruff (for checking code quality), and ty (for type safety). After the acquisition closes, OpenAI plans to integrate these tools with Codex (its AI system for code generation) so that AI can work alongside the tools developers already use throughout their entire workflow, from planning changes to maintaining software over time.

Autoresearching Apple's "LLM in a Flash" to run Qwen 397B locally

infonews
research
Mar 18, 2026

Researchers successfully ran a very large AI model (Qwen 397B, a Mixture-of-Experts model where each response only uses a subset of the total weights) on a MacBook Pro by using Apple's "LLM in a Flash" technique, which stores model data on the fast SSD storage and pulls it into RAM as needed rather than keeping everything in memory at once. They used Claude to run 90 experiments and generate optimized code that achieved 5.5+ tokens per second (response speed) by quantizing (reducing precision of) the expert weights to 2-bit while keeping other parts at full precision. The final setup used only 5.5GB of constant memory while streaming the remaining 120GB of compressed model weights from disk on demand.

Navigating Security Tradeoffs of AI Agents

infonews
securitysafety

ChatGPT did not cure a dog’s cancer

infonews
safety
Mar 18, 2026

A story claimed that ChatGPT helped cure an Australian entrepreneur's dog of cancer, generating widespread attention as evidence that AI could revolutionize medicine. However, the article suggests this narrative is more complicated than the promoted version, implying the reality behind the claim differs from what was publicly reported.

'Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft

highnews
security
Mar 18, 2026

Researchers discovered three connected flaws in Claude (an AI assistant) that can work together to steal user data, starting with a prompt injection attack (tricking the AI by hiding malicious instructions in its input) combined with a Google search vulnerability. This attack chain could potentially compromise enterprise networks that rely on Claude.

Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches

infonews
securitysafety

The Download: The Pentagon’s new AI plans, and next-gen nuclear reactors

infonews
securitypolicy

DLSS 5: Has Nvidia’s AI graphics technology gone too far?

infonews
industry
Mar 18, 2026

Nvidia has released DLSS 5, a new 3D guided neural rendering model (an AI system that generates realistic graphics in real-time) that can alter a game's lighting and materials during gameplay. Many gamers have criticized the technology for changing how games look in ways they didn't expect, with complaints that it distorts character appearances and doesn't respect the original artists' creative vision.

Reco targets AI agent blind spots with new security capability

infonews
securityindustry

Claude Code Security and Magecart: Getting the Threat Model Right

infonews
security
Mar 18, 2026

Magecart attacks (malicious code injected into e-commerce sites to steal payment data) often hide in third-party resources like images or scripts that never enter a company's code repository, making them invisible to static analysis tools like Claude Code Security. Claude Code Security is designed to scan code you own, so it cannot detect malicious code injected at runtime through compromised external libraries, CDNs (content delivery networks that distribute files globally), or data hidden in binary files like favicons, which means repository-based scanning has a fundamental blind spot for this attack class.

Micron rides memory price spike into earnings with stock up 62%, drubbing its tech peers

infonews
industry
Mar 18, 2026

Micron Technology's stock has surged 62% in 2026 due to a severe shortage of memory chips (computer components that store data temporarily) needed for AI graphics processing units (GPUs, specialized chips that power artificial intelligence). The shortage is driven by massive demand from cloud companies like Amazon and Google building AI data centers, and SK Hynix estimates the memory crunch will continue for another four to five years, pushing prices higher across the industry.

We asked experts about the most responsible ways to use AI tools – here’s what they said

infonews
safety
Mar 18, 2026

The article discusses expert advice on responsible AI tool use, emphasizing that people should use AI as a brainstorming partner and for organizing information, but should not let it replace their own decision-making. A 2025 survey shows that one-third of US adults use ChatGPT, with particularly high adoption among people under 30.

Can you prove the person on the other side is real?

infonews
securitysafety

China’s ‘AI tigers’ see shares surge after Nvidia CEO touts OpenClaw as ‘next ChatGPT’

infonews
industry
Mar 18, 2026

Chinese AI companies saw significant stock gains after Nvidia CEO Jensen Huang praised OpenClaw, an open-source AI agent (a program that can perform tasks independently), as "the next ChatGPT." Companies like MiniMax and Zhipu, which are among China's leading AI developers building large language models (AI systems trained on huge amounts of text to understand and generate language), have integrated OpenClaw into their products and are launching their own versions based on it.

CISOs rethink their data protection strategies

infonews
securitypolicy
Previous93 / 146Next
Mar 19, 2026

OpenAI has built a monitoring system for coding agents (AI systems that can autonomously write and execute code) used internally to detect misalignment, which occurs when an AI's behavior doesn't match its intended purpose. The system uses GPT-5.4 Thinking to review agent interactions within 30 minutes, flag suspicious actions, and alert teams so they can quickly respond to potential security issues.

Fix: OpenAI's explicit mitigation involves deploying a low-latency internal monitoring system powered by GPT-5.4 Thinking at maximum reasoning effort that reviews agent interactions and automatically alerts for actions inconsistent with user intent or violating internal security or compliance policies. The source states the monitor currently reviews interactions within 30 minutes of completion and that 'as the latency decreases towards near real-time review, the security benefits increase significantly,' with the eventual goal of evaluating coding agent actions before they are taken. The source also recommends that 'similar safeguards should be standard for internal coding agent deployments across the industry.'

OpenAI Blog
Mar 19, 2026

The Trump administration has banned AI company Anthropic from Pentagon systems as a "supply chain risk," requiring government contractors to remove the company's technology within 180 days. However, most organizations lack complete visibility into where and how AI systems are used across their networks, making it extremely difficult to identify and remove Anthropic technology when it may be embedded in applications, APIs (application programming interfaces, which allow software to communicate), developer tools, or third-party services.

CSO Online
Mar 19, 2026

AI agents (autonomous programs that perform tasks without constant human input) face security risks when deployed in business environments, as a compromised agent could expose customer data or execute unauthorized actions. CrowdStrike Falcon AIDR (AI Detection and Response, a security monitoring system) now supports NVIDIA NeMo Guardrails (an open-source library that adds safety constraints to AI systems) as of version 0.20.0, enabling developers to add security controls like blocking prompt injection attacks (tricking an AI by hiding instructions in its input), redacting sensitive data, and moderating restricted topics.

Fix: Organizations should use CrowdStrike Falcon AIDR with NVIDIA NeMo Guardrails to implement security controls. Specifically: start with monitoring mode to understand threats, then progressively enforce blocks and redactions as agents move from development to production. The solution includes over 75 built-in classification rules and support for custom data classification to block prompt injection attacks, redact sensitive data like account numbers and SSNs, detect hardcoded secrets, block code injection attempts, and moderate unwanted topics to ensure compliance.

CrowdStrike Blog
CSO Online
OpenAI Blog
Simon Willison's Weblog
Mar 18, 2026

AI agents, like the open-source Clawdbot, are becoming more powerful and autonomous but introduce serious security risks because attackers can compromise them through the open-source supply chain. Two major attack types threaten AI systems: model file attacks (where malicious code is hidden in AI model files uploaded to trusted repositories) and rug pull attacks (where attackers compromise MCP servers, which are tools that give AI agents capabilities, to perform malicious actions). The article notes that traditional security methods don't yet exist for protecting AI agents, and a single corrupted component can spread threats across many teams.

Fix: The source explicitly recommends: 'Teams must scan model files with tools that can parse machine learning formats, and load models in isolated containers, virtual machines or browser sandboxes.' For rug pull attacks specifically, the article states that 'the alternative is to use remote MCP servers whose code is maintained by trusted organizations' like GitHub, which 'reduces the risk of an MCP rug pull attack' (though it does not prevent malicious actions from the tools themselves).

Palo Alto Unit 42
The Verge (AI)
Dark Reading
Mar 18, 2026

Shadow AI refers to AI systems hidden within SaaS applications (software services accessed online) that operate without proper oversight, creating security risks that can lead to major data breaches. The article emphasizes that organizations lack visibility into these autonomous AI systems and calls for better monitoring and control mechanisms to manage agentic AI (AI that can independently take actions to achieve goals).

SecurityWeek
Mar 18, 2026

The Pentagon is planning to create secure environments where AI companies can train their models on classified military data, which would embed sensitive intelligence like surveillance reports into the AI systems themselves and bring these companies closer to classified information than before. This represents a major shift from current use of AI models like Claude in classified settings, but introduces unique security risks by allowing models to learn from rather than just access classified data.

MIT Technology Review
The Verge (AI)
Mar 18, 2026

Reco, a SaaS security platform, launched "Reco AI Agent Security" on March 18 to address "agent sprawl," the problem of autonomous AI agents (like Copilot and ChatGPT integrations) accessing sensitive data and taking actions across multiple systems without human oversight. The new tool gives security teams visibility and control over these AI agents by using behavior-based detection (analyzing API call patterns and workflow signatures) instead of traditional connection-based methods, identifying risks like agents with excessive permissions or misconfigured access to customer data.

Fix: Reco AI Agent Security is explicitly designed as the mitigation. According to the source, the offering provides: (1) AI agent discovery through multi-layered detection that analyzes API call patterns and service account activity to identify autonomous behavior; (2) risk analysis by correlating activity across applications and recognizing workflow signatures of automation tools like n8n, Zapier, and Make; and (3) governance and control over all AI agents operating in the SaaS ecosystem. The platform tracks OAuth connections, analyzes decision-making patterns that indicate autonomous action, and monitors cross-application activity to identify agents that traditional SSPM tools miss.

CSO Online
The Hacker News
CNBC Technology
The Guardian Technology
Mar 18, 2026

Synthetic identity fraud, where criminals create fake people using AI-generated documents and deepfakes (realistic fake videos or audio), is becoming a major threat in estate and identity verification work. Traditional security checks that look at device fingerprints or typing patterns are no longer reliable because AI can now imitate these signals. The text explains that the real challenge by 2026 will be distinguishing legitimate people from manufactured personas, especially in high-stakes situations involving inheritance and family claims.

Fix: The source suggests moving from asking "Who is this?" to a more forensic approach: "How did this identity—and its digital footprint—come to exist?" This shift means prioritizing provenance (where the identity originated), issuer verification (confirming documents are real), and cross-channel consistency (checking if the person's presence makes sense across multiple systems) over accepting surface-level plausibility. However, the text does not provide specific technical implementations or detailed steps for executing this approach.

CSO Online
CNBC Technology
Mar 18, 2026

CISOs (Chief Information Security Officers, the top security leaders at companies) are updating their data protection strategies because employees are rapidly sharing company data with AI tools, including public models like ChatGPT, creating new security risks. A CISO at a law firm added a new protection layer that classifies data based on whether it can be safely used with AI and invested in new monitoring tools, while also regularly evaluating new technologies to ensure controls keep pace with AI innovations.

Fix: The source describes one organization's approach: add a protection layer that classifies and tags data based on whether it could be used with AI and in what circumstances, invest in new tools to support that layer, monitor the vendor landscape for emerging capabilities, and evaluate new technologies being deployed to determine whether new controls are needed for them. However, no specific technical solutions, patches, or vendor recommendations are explicitly named in the source text.

CSO Online