معركة الذكاء الاصطناعي: بين الابتكار في البناء والإعلام والمخاطر الأمنية

In Brief Last summer, Amazon MGM Studios launched a dedicated AI Studio to develop proprietary AI tools to streamline TV and film production, with a focus on areas like improving character consistency across shots and supporting pre- and post-production. According to a report from Reuters, those tools are now ready to move beyond internal testing. Amazon will begin a closed beta program in March, inviting industry partners to try out its AI tools. Amazon said it anticipates sharing initial outcomes from the program by May. The company chose not to provide further details on the developments when approached by TechCrunch for a comment. The AI Studio is collaborating with notable producers like Robert Stromberg, known for “Maleficent,” Kunal Nayyar from “The Big Bang Theory,” and former animator Colin Brady from Pixar to learn the best way to implement these tools. Amazon is also tapping Amazon Web Services for support and intends to work with several LLM providers. Albert Cheng, who heads the AI Studios initiative, emphasized that the goal is to support creative teams, not to replace them. The focus is on improving efficiency and reducing costs while ensuring that intellectual property is protected and AI-generated content isn’t absorbed into other AI models. One example used is Amazon’s “House of David” series, which featured 350 AI-generated shots in season two. ​However, the rise of adoption of AI in Hollywood has stirred up plenty of debate. Many people in the industry worry about what it means for jobs, creativity, and the future of filmmaking. The conversations around AI are only getting louder as more companies experiment with these new tools. For instance, Netflix has also jumped on the AI bandwagon, with co-CEO Ted Sarandos revealing that its series “The Eternaut” used generative AI to create a building collapse scene. In recent years, Amazon has cited its success with AI as a factor in layoffs. The company recently eliminated 16,000 jobs in January, following 14,000 layoffs last October.

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored versions of the app to select targets, developers said Monday. “I deeply apologize to all users affected by this hijacking,” the author of a post published to the official notepad-plus-plus.org site wrote Monday. The post said that the attack began last June with an “infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for notepad-plus-plus.org.” The attackers, whom multiple investigators tied to the Chinese government, then selectively redirected certain targeted users to malicious update servers where they received backdoored updates. Notepad++ didn’t regain control of its infrastructure until December. The attackers used their access to install a never-before-seen payload that has been dubbed Chrysalis. Security firm Rapid 7 described it as a “custom, feature-rich backdoor.” “Its wide array of capabilities indicates it is a sophisticated and permanent tool, not a simple throwaway utility,” company researchers said. Hands-On Keyboard Hacking Notepad++ said that officials with the unnamed provider hosting the update infrastructure consulted with incident responders and found that it remained compromised until September 2. Even then, the attackers maintained credentials to the internal services until December 2, a capability that allowed them to continue redirecting selected update traffic to malicious servers. The threat actor “specifically targeted Notepad++ domain with the goal of exploiting insufficient update verification controls that existed in older versions of Notepad++.” Event logs indicate that the hackers tried to re-exploit one of the weaknesses after it was fixed but that the attempt failed. According to independent researcher Kevin Beaumont, three organizations told him that devices inside their networks that had Notepad++ installed experienced “security incidents” that “resulted in hands-on keyboard threat actors,” meaning the hackers were able to take direct control using a web-based interface. All three of the organizations, Beaumont said, have interests in East Asia. The researcher explained that his suspicions were aroused when Notepad++ version 8.8.8 introduced bug fixes in mid-November to “harden the Notepad++ Updater from being hijacked to deliver something … not Notepad++.” The update made changes to a bespoke Notepad++ updater known as GUP, or alternatively, WinGUP. The gup.exe executable responsible reports the version in use to https://notepad-plus-plus.org/update/getDownloadUrl.php and then retrieves a URL for the update from a file named gup.xml. The file specified in the URL is downloaded to the %TEMP% directory of the device and then executed. Beaumont wrote: If you can intercept and change this traffic, you can redirect the download to any location it appears by changing the URL in the property. This traffic is supposed to be over HTTPS, however it appears you may be [able] to tamper with the traffic if you sit on the ISP level and TLS intercept. In earlier versions of Notepad++, the traffic was just over HTTP. The downloads themselves are signed—however some earlier versions of Notepad++ used a self signed root cert, which is on Github. With 8.8.7, the prior release, this was reverted to GlobalSign. Effectively, there’s a situation where the download isn’t robustly checked for tampering. Because traffic to notepad-plus-plus.org is fairly rare, it may be possible to sit inside the ISP chain and redirect to a different download. To do this at any kind of scale requires a lot of resources. Beaumont published his working theory in December, two months to the day prior to Monday’s advisory by Notepad++. Combined with the details from Notepad++, it’s now clear that the hypothesis was spot on. Beaumont also warned that search engines are so “rammed full” of advertisements pushing trojanized versions of Notepad++ that many users are unwittingly running them inside their networks. A rash of malicious Notepad++ extensions only compounds the risk.

The two-year-old company, founded by veterans of the autonomous vehicle business Waymo, is seeking to automate excavators and other building equipment.

Mistral AI has released a new family of AI models that it claims will clear the path to seamless conversation between people speaking different languages. On Wednesday, the Paris-based AI lab released two new speech-to-text models: Voxtral Mini Transcribe V2 and Voxtral Realtime. The former is built to transcribe audio files in large batches and the latter for nearly real-time transcription, within 200 milliseconds; both can translate between 13 languages. Voxtral Realtime is freely available under an open source license. At 4 billion parameters, the models are small enough to run locally on a phone or laptop—a first in the speech-to-text field, Mistral claims—meaning that private conversations needn’t be dispatched to the cloud. According to Mistral, the new models are both cheaper to run and less error-prone than competing alternatives. Mistral has pitched Voxtral Realtime—though the model outputs text, not speech—as a marked step toward free-flowing conversation across the language barrier, a problem Apple and Google are also competing to solve. The latest model from Google is able to translate at a two-second delay. “What we are building is a system to be able to seamlessly translate. This model is basically laying the groundwork for that,” claims Pierre Stock, VP of science operations at Mistral, in an interview with WIRED. “I think this problem will be solved in 2026.” Founded in 2023 by Meta and Google DeepMind alumni, Mistral is one of few European companies developing foundational AI models capable of running remotely close to the American market leaders—OpenAI, Anthropic, and Google—from a capability standpoint. Without access to the same level of funding and compute, Mistral has focused on eking out performance through imaginative model design and careful optimization of training datasets. The aim is that micro-improvements across all aspects of model development translate into material performance gains. “Frankly, too many GPUs makes you lazy,” claims Stock. “You just blindly test a lot of things, but you don’t think what’s the shortest path to success.” Mistral’s flagship large language model (LLM) does not match competing models developed by US competitors for raw capability. But the company has carved out a market by striking a compromise between price and performance. “Mistral offers an alternative that is more cost efficient, where the models are not as big, but they’re good enough, and they can be shared openly,” says Annabelle Gawer, director at the Centre of Digital Economy at the University of Surrey. “It might not be a Formula One car, but it’s a very efficient family car.” Meanwhile, as its American counterparts throw hundreds of billions of dollars at the race to artificial general intelligence, Mistral is building a roster of specialist—albeit less sexy—models meant to perform narrow tasks, like converting speech into text. “Mistral does not position itself as a niche player, but it is certainly creating specialized models,” says Gawer. “As a US player with resources, you want to have a very powerful general-purpose technology. You don’t want to waste your resources fine-tuning it to the languages and specificities of certain sectors or geographies. You leave this kind of less profitable business on the table, which creates room for middle players.” As the relationship between the US and its European allies shows signs of deterioration, Mistral has leaned increasingly into its European roots too. “There is a trend in Europe where companies and in particular governments are looking very carefully at their dependency on US software and AI firms,” says Dan Bieler, principal analyst at IT consulting firm PAC. Against that backdrop, Mistral has positioned itself as the safest pair of hands: a European-native, multilingual, open source alternative to the proprietary models developed in the US. “Their question has always been: How do we build a defensible position in a market that is dominated by hugely financed American actors?” says Raphaëlle D'Ornano, founder of tech advisory firm D’Ornano + Co. “The approach Mistral has taken so far is that they want to be the sovereign alternative, compliant with all the regulations that may exist within the EU.” Though the performance gap to the American heavyweights will remain, as businesses contend with the need to find a return on AI investment and factor in the geopolitical context, smaller models tuned to industry- and region-specific requirements will have their day, Bieler predicts. “The LLMs are the giants dominating the discussions, but I wouldn’t count on this being the situation forever,” says Bieler. “Small and more regionally focused models will play a much larger role going forward.”