AI news, 8 July: an AI agent ran almost an entire ransomware attack by itself
AI agent drives a ransomware attack from start to finish. Cybersecurity firm Sysdig said this week it had documented what it believes is the first ransomware operation, nicknamed JadePuffer, in which an AI agent handled nearly the whole job: breaking into a vulnerable server, stealing login credentials, moving through the network and encrypting files. TechCrunch added an important caveat, though: a human still chose the target and set up the attack before stepping back, so this was not a machine acting entirely on its own from the start. The case is being widely discussed as an early warning of how AI could lower the skill needed to run serious cyberattacks.
UN meeting on AI governance closes with a stark warning. The first UN Global Dialogue on AI Governance wrapped up in Geneva this week, bringing together representatives of all 193 member states to discuss how to manage AI's risks, according to UN News. The talks were informed by a new UN Independent Scientific Panel report, whose co-chair Yoshua Bengio said AI "is approaching or surpassing human capabilities in many domains" and is "outpacing both scientific understanding and governments' ability to adapt." The panel's message was blunt: current safeguards are not keeping up with how fast AI is improving.
Illinois signs one of the strictest state AI laws in the US. Governor JB Pritzker signed the Artificial Intelligence Safety Measures Act into law on Monday, according to Capitol News Illinois and CBS Chicago. The law requires independent, third-party audits of major AI developers, a first for any US state, and is modeled on similar measures in California and New York. Notably, both OpenAI and Anthropic supported the bill, even though they would rather see one federal rulebook than a patchwork of state laws.
EU unveils a plan to police AI-powered cyber risks. The European Commission presented an Action Plan on Cybersecurity and Artificial Intelligence this week to help governments, companies and EU bodies respond to a world where AI can both defend against and supercharge cyberattacks. According to the Commission, advanced AI can help find and fix security flaws, but the same tools can let attackers automate intrusions at unprecedented scale and speed. The plan builds on existing EU rules such as the AI Act and the Cyber Resilience Act rather than creating an entirely new law.
Anthropic overtakes OpenAI in value and revenue. Anthropic, maker of the Claude chatbot, has passed OpenAI in secondary-market valuation for the first time, reaching roughly $965 billion after a $65 billion funding round, versus OpenAI's $852 billion valuation, according to Fortune and other outlets. Anthropic also reported annualized revenue crossing $47 billion in May, ahead of OpenAI's projected $30 billion for the full year, though OpenAI has raised more total funding overall. Both companies have reportedly filed confidential paperwork for stock listings expected later this year or in early 2027.