Pulse

Germany's government has expressed concerns about a new AI tool developed in the United States. Officials fear this technology could significantly increase the risks of cyberattacks. The specific nature of the tool and the exact risks it poses have not been detailed. AI

A software-as-a-service business has recovered its entire database after an AI agent mistakenly deleted all its critical files. The cloud provider successfully restored the data and has since expanded its delayed delete policy to 48 hours. This incident highlights the potential risks associated with autonomous AI agents operating on critical systems. AI

Users can now opt out of GitHub using their code and data to train AI models. This setting is available within user settings under the 'Code, planning, and automation' section, specifically in 'Features' and then 'Privacy'. The change addresses concerns about data usage for AI development. AI

Money Forward has launched an AI-powered service to detect unusual transaction patterns, expanding beyond its asset management app. This new feature aims to prevent fraudulent use of credit and debit cards by adding an extra layer of security. Offered free to all users, it signifies the company's strengthened infrastructure strategy and its partnership with MUFG. AI

OpenAI has integrated advanced security features into ChatGPT, including support for FIDO passkeys. This new capability, branded as Advanced Access Security (AAS), aims to enhance user account protection by allowing authentication through physical security keys. The update is designed to bolster the security of user data and conversations within the ChatGPT platform. AI

The Pentagon experienced an uncontrolled proliferation of AI tools, with over 103,000 agents created in just five weeks. This rapid, unmanaged expansion, facilitated by a Google Gemini-based agent designer, presents significant challenges for capacity planning and cybersecurity within the Department of Defense. The sheer volume and lack of oversight raise concerns about potential security vulnerabilities and resource management. AI

As enterprises increasingly deploy AI agents, robust governance frameworks are essential to prevent chaos and systemic risk by 2026. Without structured oversight, these agents could operate unpredictably, leading to compliance violations and a loss of trust. Implementing enterprise Governance, Risk, and Compliance (eGRC) solutions is crucial for managing the complexity and ensuring ethical operation of scaled AI systems. AI

AI companion robots are being introduced into Japanese nursing homes, drawing attention to the worldwide issue of an aging population. This development also raises concerns about the potential for excessive dependence on technology to address societal challenges. The integration of these robots prompts a discussion on the ethical implications and the balance between technological solutions and human care. AI

A recent report from KnowBe4 indicates that 86% of phishing campaigns now utilize artificial intelligence, a notable increase from previous years. AI is being employed not only to craft more convincing and personalized messages but also to automate the reconnaissance and information-gathering stages of attacks. This advancement has led to a rise in multi-vector attacks, including those using calendar invites and Microsoft Teams messages, to harvest credentials. Phishing campaigns powered by AI are reportedly 4.5 times more effective than human-crafted ones, contributing to significant cybercrime losses. AI

NVIDIA is collaborating with Peter Steinberger and the OpenClaw developer community to enhance the security and robustness of the OpenClaw project, a popular open-source AI agent framework. The collaboration focuses on improving model isolation, data access, and code verification processes. NVIDIA has also introduced NVIDIA NemoClaw, a reference implementation designed to provide a more secure and scalable deployment blueprint for autonomous AI agents. AI

Canva experienced a bug where the term "Palestine" was replaced with "Ukraine" in its web interface. Facta, an AI-powered fact-checking organization, investigated the incident and found it was not an isolated issue. The investigation suggests a potential problem with the LLM used by Canva, which may have incorrectly associated or substituted these terms. AI

Google has patched a critical vulnerability in its Gemini command-line interface (CLI) tool that could allow for remote code execution. The flaw, which had a CVSS score of 10.0, stemmed from the tool's automatic trust settings for workspace folders when running in headless mode. This fix may disrupt CI/CD pipelines and GitHub Actions that relied on the previous behavior, requiring users to update their workflows and explicitly trust folders. AI

WhatsApp has introduced an AI

Google is offering users a way to prevent their data from being used for AI training by disabling "Gemini Apps Activity." This setting allows individuals to turn off Gemini History and delete existing Gemini data. When this activity is disabled, Google states it will not utilize these interactions for model training purposes. AI

A developer has created a working API demo to help users scrub Personally Identifiable Information (PHI) before it is sent to large language models (LLMs). This tool aims to enhance data privacy and security when interacting with AI systems. The demonstration showcases a practical method for anonymizing sensitive data, which is crucial for compliance and preventing data breaches. AI

A supply chain attack has compromised the PyTorch Lightning AI training library, affecting versions 2.6.2 and 2.6.3. The malicious code, themed after "Shai-Hulud" from Dune, executes automatically upon import and steals credentials, authentication tokens, and cloud secrets. This attack also attempts to poison GitHub repositories and spreads through the npm ecosystem by injecting malicious code into other packages. AI

A developer has identified a vulnerability in an AI summarization tool that causes it to inadvertently reveal its internal reasoning process, known as chain-of-thought. The issue stems from how the tool handles user prompts, leading to the exposure of its intermediate steps. A straightforward 30-line code modification has been proposed to rectify this information leak. AI