From 30 items, 5 important content pieces were selected
Socket reports that PyPI package lightning versions 2.6.2 and 2.6.3 were compromised with malicious code. On import, the package reportedly downloaded and executed an obfuscated JavaScript payload that stole GitHub tokens, cloud credentials, and environment variables, then used the access to poison repositories and local npm packages. This is a serious supply-chain incident because lightning is a widely used deep-learning package, so the blast radius can extend to ML developers and their connected infrastructure. Stolen credentials and poisoned repositories can enable follow-on compromise across GitHub, cloud accounts, and JavaScript ecosystems. The reported behavior is similar to the Shai-Hulud worm pattern, with stolen permissions used for fake commits and lateral movement. The guidance in the report is to remove the malicious versions immediately, downgrade to 2.6.1, and rotate all affected keys.
telegram · zaihuapd · May 2, 00:36
Background: PyPI is the Python Package Index, the main registry for distributing Python libraries. A supply-chain attack on a package can affect anyone who installs or imports it, because malicious code runs in the developer or build environment. Credential theft is especially dangerous here because GitHub tokens and cloud keys can be reused to reach source repositories and deployed systems. The mention of npm matters because attackers sometimes pivot from Python tooling into JavaScript package ecosystems.
Tags: #supply chain security, #PyPI, #malware, #credential theft, #machine learning
Microsoft-backed Lib0xc is a new set of C standard-library-adjacent APIs designed for safer systems programming in C. The project says it uses GNUC extensions and C11 features, and its GitHub page describes it as a “safe(ish) C programming library” for making common C usage safer without fully changing the language. C remains foundational in systems software, but memory and bounds errors are a major source of vulnerabilities. A library that codifies safer patterns could reduce bugs for kernel, embedded, runtime, and infrastructure developers, while also influencing broader discussions about whether these APIs should eventually be standardized. The project explicitly relies on C11 with GNU extensions, and the search results note that clang is recommended for -fbounds-safety support. The repo also emphasizes that C cannot be made completely type- and bounds-safe at the language level, but its common usage can still be made much safer than it is today.
hackernews · wooster · May 1, 19:10
Background: C is widely used for low-level software because it is small, fast, and close to the hardware, but those same properties make it easy to write unsafe code. Standard-library-adjacent APIs are functions that behave like parts of the C library but are designed to be safer or more strongly specified. The discussion around Lib0xc also reflects a long-running debate in systems programming: whether safety improvements should live in external libraries or be added directly to C, C++, and POSIX standards.
Discussion: The discussion was broadly positive about the safety goal, with the author framing lib0xc as a way to encode decades of “cargo-culted” safe C patterns into first-class APIs. Several commenters argued that C, C++, and POSIX should standardize safer APIs and deprecate unsafe ones, while others vented frustration with C’s long tail of manual safety work; one commenter noted the name can be confusing because it resembles a different project.
Tags: #C programming, #systems programming, #memory safety, #standard library, #API design
The UK’s AI Security Institute evaluated OpenAI’s GPT-5.5 on cyber capabilities and found it comparable to Claude Mythos for vulnerability discovery. The report also notes that GPT-5.5 is generally available now, unlike Mythos at the time of its earlier evaluation. This suggests advanced general-purpose models are becoming similarly capable at security-relevant tasks, not just specialized cyber systems. That matters for software defenders, red-teamers, and AI safety teams because stronger vulnerability-finding ability can help both offense and defense. AISI says these were controlled capability evaluations, so the results do not necessarily reflect what an ordinary public user of GPT-5.5 can access. The comparison is specifically about finding security vulnerabilities, and the headline takeaway is that the result looks like a broader trend in AI capability rather than a one-off breakthrough limited to Mythos.
rss · Simon Willison · Apr 30, 23:03
Background: The UK AI Security Institute, or AISI, evaluates AI systems for security and safety risks, including how capable they are in cyber-related tasks. Vulnerability discovery is the process of finding flaws in software or systems that could be exploited by attackers. Claude Mythos had previously drawn attention for its reported cybersecurity performance, so GPT-5.5 is being measured against an already prominent benchmark.
Tags: #AI security, #OpenAI, #cybersecurity, #LLMs, #model evaluation
OpenAI is reportedly preparing to launch GPT-5.5-Cyber, a cybersecurity-focused model built on GPT-5.5, in the coming days. The model will initially be limited to vetted “trusted cyber defenders” rather than the general public. This suggests OpenAI is moving beyond general-purpose models toward specialized systems for defensive cybersecurity work. If successful, it could affect how security teams analyze threats and strengthen defenses, while also reinforcing tighter access controls for powerful dual-use AI. Sam Altman said OpenAI is working with governments and the industry ecosystem to define trusted access mechanisms. The reporting also places this approach in context with OpenAI’s earlier staged rollout for GPT-Rosalind and notes that Anthropic’s Mythos model has similarly been restricted to specific entities.
telegram · zaihuapd · May 1, 07:01
Background: Cybersecurity-focused AI models are designed to help defensive teams with tasks such as analyzing threats, improving protections, and supporting incident response. Because these systems can also be misused, companies sometimes release them only to verified organizations rather than broadly to the public. “Trusted access” is a policy mechanism for limiting who can use more permissive or higher-risk models.
Tags: #OpenAI, #cybersecurity, #AI models, #model release, #defensive security
Anthropic has proposed expanding access to its Mythos model from about 50 entities to roughly 120, but the White House is opposing the plan on national security grounds. The administration also worries that Anthropic may not have enough compute capacity to serve the added users while meeting government demand. This is a high-stakes AI governance dispute because Mythos is described as capable of finding and exploiting software vulnerabilities, which raises cybersecurity and misuse risks. The case could affect how advanced models are distributed to industry and government users, especially when public-interest access competes with security concerns. The model had previously been limited to critical infrastructure operators and some government agencies, and the Trump administration is trying to broaden government access at the same time. The situation is further complicated by tensions over military AI use and two ongoing lawsuits between the parties.
telegram · zaihuapd · May 2, 01:48
Background: AI model access policies determine who can use a model and under what conditions, which matters when the model has security-sensitive capabilities. In cybersecurity, models that can reason about code may help defenders, but they can also be used to identify and exploit vulnerabilities. Governments often weigh broader access against national security, compute allocation, and oversight concerns.
Tags: #AI governance, #national security, #model safety, #cybersecurity, #Anthropic
From 30 items, 5 important content pieces were selected
Socket 报告称,PyPI 包 lightning 的 2.6.2 和 2.6.3 版本被植入了恶意代码。该包在导入时会自动下载并执行混淆的 JavaScript 载荷,窃取 GitHub token、云凭证和环境变量,并利用这些权限毒化仓库和本地 npm 包。 这是一场严重的供应链事件,因为 lightning 是一个广泛使用的深度学习包,影响范围可能扩展到机器学习开发者及其相关基础设施。被窃取的凭证和被毒化的仓库还可能进一步波及 GitHub、云账号以及 JavaScript 生态。 报告称,其行为模式类似 Shai-Hulud 蠕虫:攻击者利用窃取到的权限伪造提交并尝试横向移动。报告建议立即移除恶意版本,回退到 2.6.1,并轮换所有受影响的密钥。
telegram · zaihuapd · May 2, 00:36
背景: PyPI 是 Python Package Index,也就是 Python 生态中最主要的库分发仓库。对某个包发起供应链攻击,可能影响任何安装或导入它的人,因为恶意代码会在开发或构建环境中执行。凭证窃取尤其危险,因为 GitHub token 和云密钥可能被重复利用,进一步访问源代码仓库和已部署系统。这里提到 npm 很重要,因为攻击者有时会从 Python 工具链横向转移到 JavaScript 包生态。
标签: #supply chain security, #PyPI, #malware, #credential theft, #machine learning
微软支持的 Lib0xc 是一组新的、与 C 标准库相邻的 API,目标是让 C 语言系统编程更安全。该项目利用 GNUC 扩展和 C11 特性,并在 GitHub 页面上将其描述为一个“安全一点”的 C 编程库,旨在在不彻底改变语言本身的情况下提升常见用法的安全性。 C 仍然是系统软件的基础语言,但内存和边界错误一直是漏洞的重要来源。这样一个将安全模式固化下来的库,可能帮助内核、嵌入式、运行时和基础设施开发者减少缺陷,同时也会推动“这些 API 是否应最终被标准化”的更大讨论。 该项目明确依赖带 GNU 扩展的 C11,搜索结果还提到推荐使用支持 -fbounds-safety 的 clang。仓库同时强调,C 语言层面无法做到完全的类型安全和边界安全,但常见用法仍然可以比今天安全得多。
hackernews · wooster · May 1, 19:10
背景: C 之所以被广泛用于底层软件,是因为它简洁、快速且接近硬件,但这些特性也让它很容易写出不安全的代码。所谓“与标准库相邻的 API”,是指行为类似 C 标准库、但设计上更安全或规范更强的一组函数。围绕 Lib0xc 的讨论也反映了系统编程领域长期存在的一场争论:安全改进应该放在外部库中,还是直接加入 C、C++ 和 POSIX 标准。
社区讨论: 讨论整体上对安全目标持积极态度,作者将 lib0xc 描述为把多年口耳相传的 C 安全模式编码成一等 API 的尝试。一些评论者认为 C、C++ 和 POSIX 应该直接标准化更安全的 API 并逐步弃用不安全接口,另一些人则对 C 中长期依赖手工安全措施表示无奈;还有人指出这个名字容易让人误认成另一个项目。
标签: #C programming, #systems programming, #memory safety, #standard library, #API design
英国人工智能安全研究所对 OpenAI 的 GPT-5.5 进行了网络安全能力评估,发现它在漏洞发现方面与 Claude Mythos 表现相当。报告还指出,GPT-5.5 目前已经正式可用,而 Mythos 在早前评估时并非如此。 这表明先进的通用模型在安全相关任务上,正在变得与专门的网络安全系统一样强。它对软件防御者、红队和 AI 安全团队都很重要,因为更强的漏洞发现能力既可能帮助防守,也可能被用于攻击。 AISI 表示这些是在受控研究环境中的能力评估,因此结果不一定代表普通用户实际能调用到的 GPT-5.5 能力。此次比较重点是寻找安全漏洞,核心结论是这种能力看起来更像是 AI 整体趋势,而不只是 Mythos 独有的突破。
rss · Simon Willison · Apr 30, 23:03
背景: 英国人工智能安全研究所(AISI)会评估 AI 系统的安全与风险,包括它们在网络安全相关任务中的能力。漏洞发现是指找出软件或系统中可能被攻击者利用的缺陷。Claude Mythos 之前因其被报道的网络安全表现而受到关注,因此 GPT-5.5 这次是在与一个已经很受瞩目的基准进行比较。
标签: #AI security, #OpenAI, #cybersecurity, #LLMs, #model evaluation
OpenAI 据称将在未来几天内推出 GPT-5.5-Cyber,这是一款基于 GPT-5.5 构建、面向网络安全的模型。该模型初期不会向公众开放,而是仅限经过审核的“受信任网络防御者”使用。 这表明 OpenAI 正在从通用模型进一步走向面向特定场景的防御型网络安全系统。若顺利推出,它可能影响安全团队分析威胁和加强防护的方式,同时也会强化对高能力双用途 AI 的访问控制。 Sam Altman 表示,OpenAI 正与政府和行业生态合作,以确定受信任的访问机制。报道还将这一做法与 OpenAI 早先对 GPT-Rosalind 的分阶段发布相联系,并指出 Anthropic 的 Mythos 模型也同样只向特定实体开放。
telegram · zaihuapd · May 1, 07:01
背景: 面向网络安全的 AI 模型通常用于帮助防御团队分析威胁、提升防护能力,并支持事件响应。由于这类系统也可能被滥用,公司有时不会直接向公众开放,而是只向经过验证的组织发布。“受信任访问”是一种访问策略,用来限制谁可以使用权限更高或风险更大的模型。
标签: #OpenAI, #cybersecurity, #AI models, #model release, #defensive security
Anthropic 提议将其 Mythos 模型的使用权限从约 50 家实体扩大到约 120 家,但白宫以国家安全为由反对这一计划。政府还担心 Anthropic 的算力不足,难以同时满足新增用户和政府需求。 这是一场高风险的 AI 治理争议,因为 Mythos 被描述为具备发现并利用软件漏洞的能力,这会带来网络安全和滥用风险。此事可能影响先进模型如何在企业和政府之间分配使用权限,尤其是在公共利益访问与安全担忧相冲突时。 该模型此前仅向关键基础设施管理方及部分政府机构开放,而特朗普政府也正试图扩大政府使用范围。军方使用 AI 的争议使双方关系紧张,目前还有两起相关诉讼正在进行。
telegram · zaihuapd · May 2, 01:48
背景: AI 模型访问政策决定了谁可以在什么条件下使用模型,而当模型具备安全敏感能力时,这一点就尤为重要。在网络安全领域,能够推理代码的模型既可能帮助防御者,也可能被用于发现并利用漏洞。政府通常需要在扩大访问、国家安全、算力分配和监管监督之间进行权衡。
标签: #AI governance, #national security, #model safety, #cybersecurity, #Anthropic