Tag

AI Security

All articles tagged with #ai security

Mythos Preview Sparks a Security Reboot for Software
technology · 23 hours ago

Anthropic’s Claude Mythos Preview can identify vulnerabilities across systems and autonomously develop exploits, a capability the company says will force a cybersecurity rethink. It’s being tested with Project Glasswing among a limited group of tech giants to give defenders a head start, but experts are divided: some see it as a real threat that could accelerate exploit chains and zero-click attacks, while others view it as hype. Regardless, the rollout is framed as a wake-up call to move toward secure-by-design software and machine-scale defenses rather than relying solely on patching and reaction.

ClawCon NYC celebrates open-source AI amid lobster swag and security caveats
ai · 1 month ago

At NYC’s ClawCon, hundreds of OpenClaw enthusiasts gathered to celebrate the open‑source AI platform as a grassroots alternative to Big Tech, with lobster‑themed swag and demos of “wrappers” and power users sharing use cases; organizers hailed a community‑driven movement, while speakers and attendees warned about security risks and stressed cautious, verifiable use of AI agents.

Palo Alto Networks to Acquire Koi to Guard AI-Driven Endpoints
technology · 1 month ago

Palo Alto Networks announced a definitive agreement to acquire Koi to establish Agentic Endpoint Security, addressing the security gaps created by AI agents and tools on endpoints; post-close, Koi’s technology will be integrated with Prisma AIRS and Cortex XDR to improve visibility and policy enforcement for AI-driven operations, with regulatory approvals and closing conditions still to be met and further details to be provided on an investor call.

OpenClaw Taps VirusTotal to Vet ClawHub Skills
cybersecurity · 2 months ago

OpenClaw will scan every skill uploaded to ClawHub with VirusTotal (and Code Insight) via a SHA-256 hash check: benign results are auto-approved, suspicious items trigger a warning, and malware is blocked, with daily re-scans. The team notes that VirusTotal isn’t a silver bullet and will publish a threat model, security roadmap, and audits amid broader concerns over OpenClaw’s risk to enterprise security.

Claude Opus 4.6 Unmasks 500 Open-Source Flaws, Redefining Cyber Defense
cybersecurity · 2 months ago

Anthropic’s Claude Opus 4.6, tested in a sandbox, autonomously found over 500 previously unknown high-severity zero-day vulnerabilities in open-source libraries—ranging from crashes to memory corruption—in projects like GhostScript, OpenSC, and CGIF; it used out-of-the-box analysis and even wrote its own proof-of-concepts in some cases. Anthropic says these capabilities could greatly aid defenders, plans to broaden access to the security community, and has added safeguards to prevent abuse.

Prompt-Injected Invites Expose Private Calendar Data Through Google Gemini
security · 2 months ago

Security researchers disclosed a flaw in Google Gemini where a crafted calendar invite enables indirect prompt injection, causing Gemini to summarize and exfiltrate private meeting data by creating a new calendar event that could be visible to attackers; the finding highlights AI-enabled attack surfaces and the need for stronger guardrails and identity controls across AI workflows.

Chrome lets you delete the on-device AI powering scam protection
technology · 2 months ago

Google Chrome now allows users to delete the local AI model that powers the Enhanced Protection feature’s real-time scam-detection and suspicious-download scanning. You can disable this by going to Settings > System and turning off “On-device GenAI.” The on-device model is currently in Chrome Canary with rollouts expected soon, and Google suggests these local AI components may power other Chrome features beyond scam protection.

Addressing Security and Regulatory Challenges in AI and Autonomous Agents
technology · 3 months ago

An AI security researcher warns that traditional cybersecurity teams are unprepared for the unique vulnerabilities of AI systems, which can be manipulated through language and indirect instructions. He emphasizes the need for expertise in both AI security and cybersecurity to effectively address these risks, and criticizes many AI security startups for overpromising on protection. The article highlights the growing investment in AI security and the importance of developing specialized skills to manage AI-related security challenges.

Palo Alto Networks and Google Cloud Secure $10 Billion AI and Cloud Deal
technology · 3 months ago

Palo Alto Networks and Google Cloud have expanded their partnership to enhance AI security across cloud and hybrid environments, integrating Palo Alto's Prisma AIRS with Google Cloud's AI services to protect AI workloads, improve security management, and streamline deployment, while also migrating Palo Alto's internal workloads to Google Cloud to optimize performance and reliability.

technology · 3 months ago

Palo Alto Networks and Google Cloud Partner to Boost Cloud and AI Security

Palo Alto Networks and Google Cloud have expanded their partnership to enhance AI security, integrating Palo Alto's Prisma AIRS platform with Google Cloud's AI infrastructure to secure AI workloads, improve security management, and streamline deployment across hybrid multicloud environments, while also migrating Palo Alto's internal workloads to Google Cloud.

Microsoft Reveals 'Whisper Leak' Threat to Encrypted AI Chat Privacy
technology · 5 months ago

Microsoft has revealed a new side-channel attack called Whisper Leak that can infer the topics of encrypted AI chat traffic by analyzing packet size and timing, posing privacy risks. The attack can identify sensitive conversation topics despite encryption, and mitigation strategies like adding random text to responses are recommended. This highlights vulnerabilities in current language models and the need for enhanced security measures.