AI Safety Shake‐Ups, Government Jitters & HIPAA Hardball

🥓 Today’s Hash — Quick Bites

• 🔥 Congress: “Musk, step away from the Grok.” Nearly 50 House Democrats asked the Trump administration to halt any unauthorized AI monitoring of federal workers, warning that DOGE’s Grok‑powered tools amount to a FedRAMP‑free dumpster fire. Read more

• ⚠️ OpenAI loosens the seatbelt. A fresh update to its Preparedness Framework lets OpenAI dial safety rules up or down if rivals ship “high‑risk” models without guardrails—critics call it a race‑to‑the‑bottom. Read more

• 🏥 HIPAA gets teeth (and MFA). HHS’s 2025 Security Rule revamp nukes the “addressable ≠ required” loophole—encryption, segmentation and annual pen‑tests are now mandatory, not “meh.” Read more

🔧 Tools, Tricks & Tips

🚀 Pro Tip: Fighting prompt‑injection? Check out the newly published CaMeL reference design, which splits your agent into a privileged planner and a low‑trust executor—think SELinux for LLMs. Early tests blocked jailbreaks that stumped other frameworks. Whitepaper • Article

🌎 Cyber World Tour

• CVE Program narrowly avoids a funding cliff—an 11‑month patch job won’t calm critics. Details

• AI‑Powered Biotech could tip the balance of global power, warns Axios Future of Defense. Details

• Cisco’s 2025 State of AI Security Report flags model backdoors as the “new SQLi.” PDF

• HiddenLayer Threat Report says 34 % of organizations encountered model‑tampering attempts this quarter. Report

🤔 Hashing It Out

🔚 That’s a Wrap

Remember: salt your hashes, not your language models—because unsalted AI gets owned faster than you can say sudo rm ‑rf /.

Forward this to that teammate who still thinks “LLM security” means keeping company acronyms secret.

P.S. Need more laughs between issues? Follow @TheSaltedHash for daily cyber memes with zero FUD.