Checkmarx Uncovers AI Vulnerability, OpenAI Seeks Security Leader, and ServiceNow's $7.75B Acquisition - Cybersecurity AI Weekly #35
January 02, 2026 - Cybersecurity AI Weekly
Hi there,
Welcome to this week's edition of Cybersecurity AI Weekly.
Researchers at Checkmarx have discovered a new attack method called 'Lies-in-the-Loop' that targets safety mechanisms in AI code assistants like Anthropic's Claude Code and Microsoft's Copilot Chat. This method allows attackers to manipulate user approval dialogs, posing a significant threat to AI-assisted coding environments. Meanwhile, OpenAI has acknowledged ongoing vulnerabilities in its ChatGPT Atlas browser, specifically related to prompt injection attacks. The company is actively working on enhancing security measures, though it admits these attacks remain a persistent risk.
In other news, ServiceNow is set to acquire cybersecurity startup Armis for $7.75 billion, aiming to bolster its AI and cybersecurity capabilities. Additionally, the National Cyber Security Centre of Bahrain has partnered with SandboxAQ to develop a quantum-safe cybersecurity framework. This collaboration will leverage the AQtive Guard platform to protect critical infrastructure and data. Furthermore, NIST has announced a $20 million investment to create two centers with MITRE Corporation to enhance AI in U.S. manufacturing and critical infrastructure cybersecurity.
Checkmarx Identifies 'Lies-in-the-Loop' Attacks on AI Code Assistants
Researchers at Checkmarx have discovered a new attack method called 'Lies-in-the-Loop' that targets Human-in-the-Loop safety dialogs in AI code assistants such as Anthropic's Claude Code and Microsoft's Copilot Chat, potentially allowing remote code execution.
OpenAI Acknowledges Vulnerability in ChatGPT Atlas
OpenAI has admitted that its ChatGPT Atlas browser may always be vulnerable to prompt injection attacks, despite ongoing security enhancements.
ServiceNow Acquires Armis for $7.75 Billion
ServiceNow is set to acquire cybersecurity startup Armis for $7.75 billion, aiming to enhance its AI-driven security solutions.
Bahrain Partners with SandboxAQ for Quantum-Safe Cybersecurity
The National Cyber Security Centre of Bahrain has teamed up with SandboxAQ to develop a cybersecurity framework focused on quantum-safe solutions, using the AQtive Guard platform to protect critical infrastructure.
NIST and MITRE Launch AI Centers for Manufacturing and Cybersecurity
NIST has announced a $20 million investment to create two centers with MITRE Corporation to enhance AI in U.S. manufacturing and critical infrastructure cybersecurity.
OpenAI Seeks Head of Preparedness for AI Security
OpenAI is hiring a Head of Preparedness to address AI misuse and cybersecurity threats, with a focus on risk identification and safeguard development. The role offers a $555,000 salary.
Block Security Arena Achieves $30M Valuation
Block Security Arena has secured a $30 million valuation following its seed funding round. The company plans to tackle Web3 security issues by integrating AI tools with a gamified education system.