Full Summary
This Saturday morning, May 9th, a significant development in AI security has multiple sources buzzing: the White House is reportedly backing away from mandatory independent safety testing for AI models. Both TipRanks and Communications Today confirm that while the U.S. government is preparing a new executive order on AI security, it will not mandate pre-deployment testing for models from companies like OpenAI and Google. This marks a shift from earlier drafts and expert recommendations, with the White House aiming to avoid stifling innovation.
Meanwhile, Cryptonews.net reports that this rethinking of AI oversight comes as new AI models, such as Anthropic's Mythos, can find vulnerabilities in software that humans and other tools miss, posing national security risks. BankInfoSecurity adds that Anthropic CEO Dario Amodei warns of "tens of thousands" of unpatched software vulnerabilities, with Mythos finding nearly 300 in Firefox alone. Amodei stresses urgency, believing we have only six to twelve months before Chinese AI models could exploit these flaws. JPMorgan Chase CEO Jamie Dimon echoed these concerns, calling cyber risk "our biggest risk" and noting AI will make it worse.
Amid these regulatory discussions, several companies are enhancing their AI security offerings. Yahoo Finance notes Cycurion is acquiring Halo Privacy, adding $7 million in revenue and bolstering its AI security platform with privacy-first communications. 1Password is launching "Passkey AI" for stronger online account security, and Snyk is integrating with OpenAI and Anthropic to protect AI-powered applications, as reported by TipRanks. KnowBe4 is partnering with Secure Code Warrior to offer AI coding security training, addressing the risks of AI-generated code, according to SMBtech. However, Security Affairs highlights a recent Braintrust hack, where an AI startup urged customers to change API keys after a breach, underscoring critical AI supply chain security concerns.
This means that while AI capabilities are advancing rapidly, from finding vulnerabilities to aiding global security cooperation, the debate over how to safely deploy AI directly impacts the security of your data and the software you use daily.