Component: Full links from this week's editions

All the stories we shared in our daily LinkedIn news carousel during the week beginning on July 21 2025.

Systemic risks to the AI ecosystem, artificial intelligence manipulation risks and a new threat that's "a malicious mix of old and new".

Those are some of the headlines covered in the latest edition of our news roundup, Component.

We'll be sharing the headlines as a carousel on LinkedIn, as well as here on Machine.

You can find last week's headlines here.

Follow Machine on LinkedIn to read daily editions of Component

“The era of human programmers is nearing its end”

Those are the prophetic and slightly scary words attributed to SoftBank CEO Masayoshi Son.

"Our aim is to have AI agents completely take over coding and programming," he said. "We are currently initiating the process for that."

SoftBank expects to equip each human with 1,000 agents costing $0.27 each per month, according to Light Reading.

“A malicious mix of old and new”

SentinelOne has issued a warning about a new infostealer called Katz Stealer, which is gaining in popularity and being used to steal everything from passwords to crypto keys.

It relies on social engineering and user interaction, blending tradition and innovation.

“The turnkey nature of the Katz Stealer service, along with accessible pricing, have led to rapid adoption by threat actors across the spectrum of capability,” warned Jim Walter, Senior Threat Researcher.

Read his full report here.

“A systemic risk to the AI ecosystem”

That’s the claim from Wiz Research, which said it has found a container escape vuln in the NVIDIA Container Toolkit (NCT) dubbed #NVIDIAScape (CVE-2025-23266).

The critical CVSS 9.0 bug could let a malicious container bypass isolation and gain full root access using a “stunningly simple” three-line Dockerfile.

NVIDIA’s Toolkit is a “backbone” for managed AI and GPU services, so the flaw risks “allowing attackers to tear down the walls separating different customers”, Wiz alleged.

Here's a briefing on NVIDIAScape.

Prompt Injection 2.0: The terrifying rise of hybrid AI threats

AI attacks are evolving as threat actors combine natural language manipulation with traditional exploits to achieve account takeovers, remote code execution and persistent compromise.

That’s the warning in a fascinating new paper from Preamble, which claims to have discovered prompt injection attacks in 2022 and responsibly disclosed to OpenAI.

Read its paper on arXiv.

What’s lurking in your DNS record?

It was recently revealed that hackers can hide images within the text of DNS records (instructions that tell the internet how to find and handle a domain’s services).

Now DomainTools has found Joke Screenmate malware hiding in the same place.

This is a kind of prank malware. But you won’t be laughing if a nastier surprise is snuck into the DNS of a website you visit.

Read a report on the DNS malware discovery.

Cisco vulnerability gains a perfect score

A vulnerability in Cisco’s Identity Services Engine (CVE-2025-20337) could allow unauthenticated attackers to store malicious files, execute arbitrary code and even gain root access on affected devices.

The flaw stems from “insufficient validation of user-supplied input” and has been assigned a maximum CVSS score of 10.0.

Kentaro Kawane of GMO Cybersecurity discovered the bug, which was disclosed via Trend Micro’s Zero Day Initiative (ZDI).

Here is Cisco's threat advisory.

Countdown to the EU AI Act

The EU has issued new guidelines to help companies comply with its AI Act, which sets out obligations for providers of AI models that pose “systemic risks”, such as “risks to fundamental rights, safety, and potential loss of control over the model”.

These are likely to include models from OpenAI, Google, Meta and others, which must meet stricter safety rules by August 2, 2025, or face fines of up to €35 million or 7% of global turnover.

Details of the new guidelines.

Beware of AI manipulation attacks

Humans are the weakest link in any organisation’s cybersecurity posture. And frontier AI systems are “rapidly advancing in their capabilities to persuade, deceive, and influence” us, posing a growing risk.

In a new paper, Cambridge University researchers warned about the risk of “manipulation attacks” causing “catastrophic outcomes”.

“No systematic framework exists for assessing and mitigating these risks,” they warned.

Read the paper.

Dark clouds on the horizon?

Microsoft has just announced sweeping concessions to EU cloud trade body CISPE - giving its members the right to offer Microsoft software on a pay-as-you-go basis, match Azure pricing, and host customer workloads without sharing user data. 

But the deal has set off alarm bells among cloud insiders.

Mark Boost, CEO at Civo, said: “Today’s agreement raises serious questions about fairness and transparency. The concessions apply only to CISPE members, with no clarity on whether other cloud providers across Europe will benefit. Is this a private deal for a select few? Who decides who gets access, Microsoft or regulators?

"If the EU won’t act decisively, the UK’s CMA investigation next month has a vital opportunity to set a new precedent, one where competition isn’t optional and cloud users aren’t trapped by the very infrastructure they depend on."

High hopes for Isambard

Isambard, the UK’s most powerful supercomputer, went online last week.

Philip Kaye, co-founder and director of Manchester-based data centre specialist Vespertec, said: "Isambard’s computing power is incredible - but almost more impressive is how the project came together.

“The 5,400 Nvidia GH200 Grace Hopper Superchips that power Isambard make it the 11th most powerful supercomputer in the world today. Researchers and students have already been making leaps in medical research with the machine, and now that it’s fully operational we can expect that to accelerate.

“More importantly, though, this project demonstrates a really promising collaboration between a British university, the government, and global AI giants like Nvidia and Intel (which supplied the chips for Cambridge’s ‘Dawn’ supercomputer). That model for global collaboration between public and private stakeholders to produce digital infrastructure that stands to benefit everyone is what excites me the most, and the new compute roadmap gives me hope that it’s a model the government intends to replicate and expand upon in the future.

“I hope we’ll look back on this as the start of something, with universities across the country beginning to build supercomputers that match and surpass Isambard. The more researchers that have access to powerful AI capabilities, the faster we can unlock its potential in areas like medicine and environmental research, in which Britain is already a world leader. The only way that happens is by deepening those global partnerships.”

Do you have a story or insights to share? Get in touch and let us know. 

Follow Machine on X, BlueSky and LinkedIn