AI TodayGet the app

Cybersecurity

Curated AI news · 24 stories

AI Research

Anthropic’s job ads read like a threat assessment

Anthropic is actively hiring enforcement analysts with expertise in areas like nuclear, chemical, and biological threats to prevent its AI models from facilitating harmful activities such as weapon creation, fraud, and cybercrime. The company emphasizes safety by recruiting specialists who can anticipate and block potential misuse, reflecting concerns voiced by its CEO about large-scale biological attacks and other risks. This approach aligns with similar efforts by other AI labs like OpenAI, as

Cybersecurity

The White House’s Gold Eagle wants to patch cyber flaws at machine speed

The White House has launched Gold Eagle, an AI-driven initiative designed to rapidly collect, prioritize, and coordinate the patching of software vulnerabilities across US critical infrastructure. This effort involves multiple government agencies and aims to leverage advanced AI capabilities to enhance cybersecurity defenses at unprecedented speed, although specific operational details and participating companies remain undisclosed. Gold Eagle builds on prior executive orders and complements pre

Cybersecurity

Apple wins dismissal of iCloud child abuse imagery lawsuit on Section 230 grounds

A US federal judge dismissed a class action lawsuit against Apple alleging the company failed to prevent child sexual abuse images from being stored and shared via iCloud, citing Section 230 of the Communications Decency Act which shields online platforms from liability for user-generated content. The plaintiffs sought damages and an order for Apple to detect and block such material, but the court found no federal law mandating these actions and ruled the claims fall under Section 230's immunity

AI Research

OpenAI pushes back on Apple trade secret lawsuit

OpenAI has denied Apple's allegations in a trade secret lawsuit accusing OpenAI employees of misappropriating confidential information. Apple alleges that OpenAI used this information to develop competing hardware products, while OpenAI maintains it has no interest in other companies' trade secrets and focuses on innovation. The dispute arises amid reports that OpenAI is developing a new smart speaker device potentially competing with Apple.

Software Development

Grok Build was uploading entire Git repositories to xAI’s cloud, including committed secrets

A security researcher found that xAI's Grok Build CLI was uploading entire Git repositories, including sensitive committed secrets and API keys, to a Google Cloud Storage bucket, contradicting the company's claims of no data transmission. Despite a privacy toggle meant to prevent this, data uploads continued until Elon Musk confirmed the issue and said user data would be deleted, though no independent audit has verified this. The incident raises concerns about Grok Build's privacy practices, as

AI Research

Global cooperation needed to tackle AI threats, says Bank of England governor

The Bank of England governor, Andrew Bailey, emphasized the need for global cooperation to address the risks posed by advanced AI technologies, highlighting that no single country, including the US, can effectively manage these challenges alone. His remarks followed the US temporarily restricting foreign access to powerful AI models, underscoring the importance of international coordination to ensure AI safety and cybersecurity. Additionally, UK Chancellor Rachel Reeves defended her economic and

Software Development

SpaceXAI’s Grok programming tool was uploading its users’ entire codebase to cloud storage

SpaceXAI's Grok Build AI coding tool was found to be uploading users' entire code repositories, including sensitive files and deleted secrets, to Google Cloud without proper restrictions. After the issue was reported, SpaceXAI disabled the upload feature and Elon Musk assured that all previously uploaded data would be deleted. Security experts criticized the excessive data retention, highlighting potential risks to proprietary and personal information.

AI Research

Google faces another AI training lawsuit from major publishers

A coalition of major publishers and authors has filed a class action lawsuit against Google, alleging unauthorized use of their copyrighted works to train Google's AI platform, Gemini. The plaintiffs claim Google concealed this use by altering copyright information and emphasize their prior agreements with Google were limited to book search functions, not AI training. This lawsuit adds to ongoing legal disputes over AI training data and copyright law interpretations in the U.S.

AI Research

Hatchette and Elsevier Sue Google for Using Their Work to Train AI

Major publishers Hachette Book Group, Cengage Learning, and Elsevier, along with author Scott Turow, have filed a lawsuit against Google alleging unauthorized use of their copyrighted works to train Google's AI chatbot Gemini. The lawsuit claims Google reproduced millions of works without permission or compensation, creating AI outputs that compete directly with original content, and accuses Google of willful copyright infringement. Similar lawsuits have been filed against other tech companies,,

AI Research

Meta sued by 26 employees who say its AI systems targeted workers on medical leave for layoffs

Twenty-six current and former Meta employees have filed a federal lawsuit alleging that the company's AI-driven systems unfairly targeted workers on medical leave or with disabilities during mass layoffs in May. The complaint claims that Meta used various AI tools and productivity metrics that disadvantaged employees who had taken protected leave, violating several labor laws. Additionally, the lawsuit highlights concerns about Meta's employee monitoring program that collected extensive personal

Cybersecurity

Upwind links compromise of multiple AsyncAPI npm packages to coordinated attack on software release process

Security researchers at Upwind investigated a coordinated attack compromising multiple AsyncAPI npm packages by infiltrating several GitHub repositories and publishing pipelines. The attackers distributed malicious code through legitimate release channels, executing it during normal package imports, which complicates detection by typical security tools. This campaign targeted the software release process itself rather than isolated packages, indicating a sophisticated supply chain compromise.

AI Research

Meta accused of using biased AI targeting for mass layoffs

A group of 26 former Meta employees has filed a lawsuit alleging that the company used AI tools to rank employee performance for layoffs without excluding those on protected medical or parental leave, resulting in disproportionate layoffs among those employees. The lawsuit claims this practice violated laws protecting workers on leave, while Meta denies the allegations, stating that human decisions guided workforce management, not AI alone.

AI Research

Sam Altman didn’t need another lawsuit

OpenAI is facing a significant lawsuit from Apple alleging that former Apple employees who joined OpenAI stole trade secrets related to Apple's hardware operations. The complaint highlights concerns over confidential product development and claims that these secrets are among Apple's most valuable assets. This legal challenge adds to OpenAI's ongoing series of lawsuits and regulatory hurdles amid its rapid growth and hardware ambitions.

Politics

Switzerland opens a competition probe into Google’s vanishing Android choice screen

Switzerland's Competition Commission has launched a preliminary investigation into Google's removal of the search engine choice screen on Android devices in Switzerland, a feature that remains active in the European Economic Area. The commission is concerned this change may hinder competition by defaulting Swiss users to Google Search without offering alternatives, potentially raising barriers for rival search providers. Google has acknowledged the investigation and expressed willingness to work

AI Research

OpenAI wants its legal fees from xAI, while Apple comes for OpenAI

OpenAI has requested a federal judge to order xAI to pay over $1 million in legal fees after xAI's trade secrets lawsuit against OpenAI was dismissed twice and is now being appealed. The lawsuit, initiated by xAI, accused OpenAI of poaching engineers and misappropriating confidential information, but the court found the claims speculative and dismissed them. Meanwhile, Apple has filed its own lawsuit against OpenAI, alleging theft of hardware trade secrets involving former Apple employees now at

Cybersecurity

Australia finds serious gaps in Big Tech’s response to child sexual abuse online

Australia's online safety regulator has identified significant shortcomings in major tech companies' efforts to detect and prevent child sexual exploitation, particularly in the use of language analysis to spot sexual extortion. Despite evidence and guidance provided to companies like Apple, Meta, and Google, many have not adequately implemented available technologies to address these abuses, which notably affect young men aged 18 to 24 and teenagers. The report also highlights issues with the不足

Hardware & Chips

Nvidia builds a white list: more than half of its Asian customers are off it

Nvidia has significantly reduced its approved customer list in Asia for purchasing its AI chips, excluding over half of previous buyers following increased scrutiny and pressure from the U.S. government. This move aims to prevent chip diversion to China through proxy companies and aligns with tightened U.S. export controls requiring licenses for shipments to entities ultimately owned by Chinese or Macau-based firms. The new whitelist approach shifts enforcement from monitoring individual chip sh

Cybersecurity

Canada’s banking regulator named Claude Mythos in a warning to banks

Canada's banking regulator, OSFI, explicitly named Anthropic's AI model Claude Mythos in a warning to banks about accelerated risks in software vulnerability exploitation. The regulator highlighted that such advanced AI shortens the time available for risk mitigation, prompting banks to enhance their risk identification and response practices. Similar concerns have been raised by financial authorities in the US, Europe, and Australia regarding this AI model.

Cybersecurity

Pentagon pauses the cyber audit rule that was pushing small suppliers out

The Pentagon has paused Phase 2 of its Cybersecurity Maturity Model Certification (CMMC) program, which required defense contractors to pass third-party cybersecurity audits before contract awards. This suspension stems from a shortage of accredited assessors relative to the large number of suppliers, and concerns that compliance costs and complexity are driving small businesses away from defense contracts. A task force has been established to review the program and recommend changes within 60  

Cybersecurity

The web is now mostly bots. Cloudflare is rebuilding its defences around that

Bots now account for over half of all web traffic, prompting Cloudflare to develop Precursor, a tool that monitors user behavior throughout a browsing session to distinguish humans from automated bots more effectively. Unlike traditional methods that verify identity at a single point, Precursor analyzes patterns like mouse movement and typing rhythm to detect bots, while respecting user privacy by not recording actual keystrokes. Additionally, Cloudflare categorizes AI traffic into search, agent

AI Research

Valarian raised $50m to help governments use US cloud without losing control of it

Valarian, a London-based startup co-founded by a former Palantir executive, raised $50 million to provide software that allows governments and businesses to use American cloud and AI services while maintaining control over their data, addressing concerns raised by the US CLOUD Act. Their product, ACRA, acts as a protective layer managing data access and sovereignty on US infrastructure. Recent geopolitical events have heightened the urgency for such solutions, prompting interest from UK leaders.

Cybersecurity

The EU has stopped sanctioning Russian hackers and started sanctioning the machine that makes them

The European Union and the United Kingdom have jointly imposed cyber sanctions on Russia for the first time, targeting nine individuals and four entities by the EU and 24 by the UK. They publicly attributed the Turla espionage group and a December cyberattack on Poland's energy grid to Russia's FSB Centre 16, marking a shift towards sanctioning the broader ecosystem of Russian cyber operations rather than isolated groups. This approach blurs the line between state hackers and criminal actors, as

AI Research

The wildest allegations in Apple’s trade secrets lawsuit against OpenAI

Apple has filed a detailed lawsuit against OpenAI alleging a coordinated effort to steal trade secrets through current and former Apple employees. The complaint accuses OpenAI of a culture of misconduct led by its leadership and suggests that the documented cases represent only a small portion of the alleged wrongdoing. Specific messages cited in the lawsuit illustrate unauthorized access to Apple's network storage and collaboration between employees.

AI Research

The 6 wildest claims in Apple’s lawsuit against OpenAI

Apple has filed a lawsuit against OpenAI alleging that former Apple employees who joined OpenAI stole confidential information and hardware prototypes. The suit claims that these individuals retained Apple devices, accessed secure networks without authorization, and shared proprietary documents to aid OpenAI's development of AI hardware. The case centers on three former Apple staff members now at OpenAI and accuses them of an ongoing scheme to misappropriate Apple's trade secrets.