Michael Housch explores the latest AI security threats including Google's GeminiJack vulnerability and PromptPwnd attacks, while examining how AI-generated code quality issues are impacting development teams. Plus, how organizations are fighting back with custom AI security models and what India's copyright proposal means for the future of AI training.

AI agents are revolutionizing cybersecurity in contradictory ways. This episode explores how the same AI technology that enables companies like Picus Security to validate defenses against new threats in hours, instead of weeks, can also autonomously exploit vulnerabilities for profit. We examine why enterprises are hesitant to deploy AI agents at scale due to identity management challenges, the
escalating war between publishers and AI scrapers (with blocking up 336%), practical strategies for identifying truth when AI systems can be manipulated by their owners, and Anthropic's research showing AI can now find and exploit zero-day vulnerabilities in smart contracts autonomously. The bottom line: AI capabilities are advancing faster than our governance frameworks, creating both unprecedented defensive capabilities and entirely new attack vectors that security teams must navigate.

This week on AI Weekly, we delve into the surprising methods researchers are using to keep AI models honest—including teaching them to cheat—and explore the massive financial risks Oracle is undertaking to fuel the AI cloud goldrush. We also dissect the escalating security and privacy challenges posed by agentic AI, LLM-generated malware, and the booming "bossware" industry surveilling remote workers.