Full Summary
This Wednesday morning, Anthropic's AI, Mythos, is uncovering significant security flaws in Apple's macOS, including an exploit that could grant an unprivileged local user complete device access. Both Mashable and ETF Database confirm that this AI is so effective it is not publicly available, with Anthropic committing $100 million in usage credits to its Project Glasswing initiative. This rapid discovery highlights a critical shift: the shrinking timeline between vulnerability discovery and exploitation. The IAPP reports that in 2018 two years separated these events, by 2025 the gap was just 23 days, and now a working attack can emerge within 20 hours. IBM notes that frontier AI models are reducing attack timelines from weeks to days or even hours, while most security teams still rely on manual reviews.

In response, Microsoft has open-sourced two new tools, RAMPART and Clarity, to help developers test the security of AI agents. The Hacker News and Petri IT Knowledgebase explain that RAMPART is a framework for testing AI agents against issues like prompt injections, while Clarity guides developers through early problem clarification and solution exploration.

Concurrently, SentinelOne and AWS are integrating AI-powered security. Simplywall.st and Stock Titan detail SentinelOne's discovery of SHub Reaper, a sophisticated macOS infostealer, reinforcing the value of its AI-powered Singularity platform. AWS users can now access SentinelOne's AI-driven protection directly within their AWS console, allowing for streamlined deployment and pay-as-you-go pricing.

Meanwhile, SEALSQ and WISeKey have launched WISeRobot.ch, a platform for human-centric AI robotics secured with post-quantum cryptography, as reported by Stock Titan and Quiver Quantitative. The platform aims to provide resilient security for AI-driven systems in critical sectors like government and healthcare.
In other developments, Bulgaria's Information Services and Google Cloud are collaborating to enhance national cyber defenses with AI-powered solutions, a flagship European implementation of Google Cloud's Cybershield, PR Newswire reports. Zscaler is also expanding its AI-focused security offerings with Project AI-Guardian, involving collaborations with major system integrators like Cognizant and EY, according to Yahoo Finance and Simplywall.st. Taken together, these developments mean the speed of cyber threats is accelerating dramatically, forcing a rapid evolution in how AI is developed and protected, and impacting the security of the devices and services you use every day.