Cybersecurity Hacking News

AI Agent Security & LLMjacking/OSS Zero-Days (including edge AI risks)

Key Questions

What restrictions has the US placed on Anthropic's Claude Fable 5 and Mythos 5 models?

The US Commerce Department restricted Anthropic's Claude Fable 5 and Mythos 5 models for foreign users, then lifted the ban after fixes, amid ongoing industry pushback; the process is described here as opaque and ad hoc. Mythos 5 is noted for building exploits for newly disclosed flaws within hours.

How does Nvidia's confidential-compute hardware affect Apple users' AI data on Google servers?

Nvidia's confidential-compute hardware will encrypt Apple users' AI data processed on Google servers, but the analysis summarised here finds that Apple's Private Cloud Compute (PCC) trust model breaks when extended to Nvidia GPUs on Google Cloud. Three questions remain unanswered: how attestation is bridged between the two environments, who holds and manages the keys, and how firmware updates are handled. No official statements have been made yet.

What governance and security risks are highlighted for AI agents in this update?

OpenHands and Odysseus demonstrate sandbox escape risks, while GitLab Transcend 2026 introduces agentic governance via Orbit. Additional concerns include the Novo Nordisk breach involving AI models and the expansion of attack surfaces through tools like Google MCP and TECNO EllaClaw.

Continued escalation. US restricted then lifted ban on Anthropic Claude Fable 5 and Mythos 5 for foreign users after fixes, revealing opaque, ad-hoc regulation. Industry jailbreak framework announced. Mythos 5 builds exploits for newly disclosed flaws in hours.

OpenHands, Odysseus highlight sandbox escape risks. GitLab Transcend 2026 introduces agentic governance (Orbit). Novo Nordisk breach includes AI models. Google MCP tutorial, TECNO EllaClaw expand attack surface. TypeScript as guardrail against AI code flaws. Zscaler CISO Sam Curry on governance.

Ford admits AI fell short without experienced engineers: reinforces limits of automation in safety-critical systems. Shield AI's $12.7B valuation and Aechelon acquisition accelerate defense AI consolidation, autonomous drone capabilities, and potential synthetic training data vulnerabilities.

New: Nvidia's confidential-compute hardware will encrypt Apple users' AI data on Google servers. Analysis reveals Apple's PCC trust model breaks when extended to Nvidia GPUs on Google Cloud; three unanswered questions (attestation bridging, key management, firmware updates) highlight a live trust gap. No official statements yet.
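What a relying party would have to check before trusting a chain bridged from one attestation root to another, as an added illustrative example that is not Apple's, Nvidia's or Google's code: the root identities, signing keys, firmware measurements, nonce and session key are all constructed for the demo, and a keyed HMAC stands in for the vendor's attestation signature so the example runs offline. It shows the three gaps named above as concrete policy failures: a report chained to a root the client does not trust (attestation bridging), a session key not bound inside the signed report (key management), and a firmware measurement missing from the allowlist (firmware updates).

```python
"""Illustrative relying-party verifier for a GPU attestation envelope (constructed demo)."""
import hashlib
import hmac
import json

# Constructed sample signing keys, one per attestation root. In a real deployment the
# client holds the vendor's public root certificates; the HMAC key is a stand-in.
ROOT_KEYS = {
    "apple-pcc-root": b"constructed-apple-root-key",
    "nvidia-gpu-root": b"constructed-nvidia-root-key",
}

# Constructed allowlist of firmware measurements per root. Every firmware update must
# land here before the client will accept a node running it.
FIRMWARE_ALLOWLIST = {
    "apple-pcc-root": {hashlib.sha256(b"pcc-node-build-2026.07").hexdigest()},
    "nvidia-gpu-root": {hashlib.sha256(b"gpu-firmware-2026.06").hexdigest()},
}


def canonical(report: dict) -> bytes:
    """Deterministic encoding so signer and verifier hash exactly the same bytes."""
    return json.dumps(report, sort_keys=True, separators=(",", ":")).encode()


def key_fingerprint(pubkey: bytes) -> str:
    """Fingerprint of the session public key the client will encrypt its data to."""
    return hashlib.sha256(pubkey).hexdigest()


def sign_report(report: dict, root_id: str) -> dict:
    """Build an envelope as the attesting node would, using that root's (stand-in) key."""
    sig = hmac.new(ROOT_KEYS[root_id], canonical(report), hashlib.sha256).hexdigest()
    return {"root": root_id, "report": report, "sig": sig}


def verify_attestation(envelope: dict, trusted_roots: dict, session_pubkey: bytes, nonce: str) -> list:
    """Return a list of policy failures; an empty list means the client may release data."""
    root_id = envelope.get("root")
    # 1. Attestation bridging: the report must chain to a root THIS client trusts,
    #    not merely to some vendor root that exists somewhere.
    if root_id not in trusted_roots:
        return [f"untrusted attestation root: {root_id}"]
    expected = hmac.new(trusted_roots[root_id], canonical(envelope.get("report", {})), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, envelope.get("sig", "")):
        return ["bad signature"]
    report = envelope["report"]
    failures = []
    # Freshness: the signed report must echo the client's nonce, or it could be replayed.
    if report.get("nonce") != nonce:
        failures.append("nonce mismatch (possible replay)")
    # 2. Firmware updates: the measured firmware must be on the allowlist for that root.
    if report.get("firmware") not in FIRMWARE_ALLOWLIST.get(root_id, set()):
        failures.append(f"firmware measurement not allowlisted: {report.get('firmware')}")
    # 3. Key management: the key the client encrypts to must be the one bound inside the
    #    signed report, otherwise a substituted key on the path can read the data.
    if report.get("bound_key") != key_fingerprint(session_pubkey):
        failures.append("session key not bound to attested environment")
    return failures


def demo() -> dict:
    """Run the constructed scenarios and return each one's failure list."""
    good_fw = hashlib.sha256(b"gpu-firmware-2026.06").hexdigest()
    old_fw = hashlib.sha256(b"gpu-firmware-2025.11").hexdigest()
    session_pub = b"constructed-session-public-key"
    nonce = "c0ffee42"
    report = {"firmware": good_fw, "bound_key": key_fingerprint(session_pub), "nonce": nonce}
    envelope = sign_report(report, "nvidia-gpu-root")
    apple_only = {"apple-pcc-root": ROOT_KEYS["apple-pcc-root"]}
    both_roots = dict(ROOT_KEYS)
    results = {}
    # A client that only knows Apple's root cannot accept the GPU report at all.
    results["apple_only"] = verify_attestation(envelope, apple_only, session_pub, nonce)
    # Once the Nvidia root is explicitly trusted and its firmware allowlisted, it passes.
    results["bridged"] = verify_attestation(envelope, both_roots, session_pub, nonce)
    # Same root, but a firmware build that was never allowlisted.
    results["old_fw"] = verify_attestation(sign_report({**report, "firmware": old_fw}, "nvidia-gpu-root"), both_roots, session_pub, nonce)
    # Valid report, but the client is about to encrypt to a key the report never bound.
    results["wrong_key"] = verify_attestation(envelope, both_roots, b"some-other-key", nonce)
    # Report body edited after signing: the stale signature no longer matches.
    results["tampered"] = verify_attestation({**envelope, "report": {**report, "firmware": old_fw}}, both_roots, session_pub, nonce)
    return results


if __name__ == "__main__":
    for name, failures in demo().items():
        print(f"{name}: {'OK' if not failures else failures}")
```

The point of the structure is that "bridging" is not a protocol detail but a policy decision the client must make explicitly: adding the second root to `trusted_roots` is what turns the `apple_only` failure into a pass, and that step is exactly what the page says remains unanswered.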

Sources (2)
Updated Jul 2, 2026