Michael Housch explores the latest AI security threats including Google's GeminiJack vulnerability and PromptPwnd attacks, while examining how AI-generated code quality issues are impacting development teams. Plus, how organizations are fighting back with custom AI security models and what India's copyright proposal means for the future of AI training.

AI agents are revolutionizing cybersecurity in contradictory ways. This episode explores how the same AI technology that enables companies like Picus Security to validate defenses against new threats in hours, instead of weeks, can also autonomously exploit vulnerabilities for profit. We examine why enterprises are hesitant to deploy AI agents at scale due to identity management challenges, the
escalating war between publishers and AI scrapers (with blocking up 336%), practical strategies for identifying truth when AI systems can be manipulated by their owners, and Anthropic's research showing AI can now find and exploit zero-day vulnerabilities in smart contracts autonomously. The bottom line: AI capabilities are advancing faster than our governance frameworks, creating both unprecedented defensive capabilities and entirely new attack vectors that security teams must navigate.

This week on AI Weekly, we delve into the surprising methods researchers are using to keep AI models honest—including teaching them to cheat—and explore the massive financial risks Oracle is undertaking to fuel the AI cloud goldrush. We also dissect the escalating security and privacy challenges posed by agentic AI, LLM-generated malware, and the booming "bossware" industry surveilling remote workers.

This week, we dive into the dangerous 'Whisper Leak' side-channel attack that infers user conversation topics even when encrypted. We also analyze the new reality of AI-powered cyber campaigns and discuss why corporate executives are breaking their own internal AI security rules.

This week, we dive into critical research from MIT aimed at building safer, faster AI models and modular software, contrasted sharply by alarming reports of successful data exfiltration attacks against major LLMs like Claude and ChatGPT, alongside the emergence of autonomous, adaptive malware. We also look at the governance challenges presented by autonomous "agentic users" entering the enterprise workforce and the profound uncertainty surrounding AI integration in K-12 schools.

This week, we dive deep into major AI security flaws, including browser sidebar spoofing and the jailbreaking of OpenAI's Atlas omnibox, while also analyzing the increasing risks found in mobile AI usage. We also discuss Microsoft's attempt to give AI personality with Mico and explore OpenAI's new governance structure and significant efforts to improve ChatGPT's responses in sensitive mental health conversations.

This week, we dives into the key takeaways from the Stanford HAI 2025 AI Index Report, revealing record global investment, the sharp increase in AI performance, and the deepening integration of the technology into our daily lives. We examine the uneven evolution of responsible AI practices, the growing government regulatory response, and the fiercely competitive, rapidly accelerating industry frontier.

his week, we examine the cutting edge of cybersecurity innovation, where new startups are focused on securing AI agents and models. We also dive into the enterprise adoption gap, the rise of "shadow AI," and a fascinating MIT study revealing the cognitive toll that continuous reliance on large language models might be taking on the human brain.