Research

Advances in AI-enabled cyber capabilities risk giving threat actors an advantage. To advantage defenders, differential access shapes access to cyber-capable models. The U.S. government should leverage these initiatives to advance the White House Cyber Strategy and U.S. national security.

H200 exports to China would substantially boost Chinese frontier AI development and deployment capabilities, and therefore likely military applications for the PLA. Because end-user access and end use cannot feasibly be controlled once chips enter China, the BIS rule’s verification requirements are unenforceable. 

In February 2026, Anthropic, OpenAI, and Google published evidence of systematic campaigns by Chinese AI companies to extract capabilities from American frontier models. This memo examines how distillation attacks work, why there is a case for targeted government intervention and what that might look like. Recommendations are offered to support industry efforts to counter distillation attacks: (1) consider BIS Entity List designations for adversary AI companies conducting distillation attacks; (2) assess the merits of PAIP Act sanctions against those engaging in or facilitating distillation attack; (3) explore the development of a NIST-led AI Distillation Defense Framework for the broader ecosystem.

Offensive cyber capabilities in frontier AI models are advancing fast. In a matter of months, models have gone from near-zero to meaningful success rates on expert-level security challenges, and leading AI developers have begun triggering their own internal risk thresholds for cybersecurity. Meanwhile, real-world cases have already emerged in which AI agents autonomously executed significant portions of state-sponsored cyber campaigns. These developments raise an increasingly urgent question: what happens when AI systems can plan, execute, and sustain sophisticated cyber operations entirely on their own

The India AI Impact Summit was the fourth in a series of global AI summits. The stated goal of the Summit was to shift the global AI conversation toward “demonstrable impact”, with a focus on inclusive growth. This included orienting the Summit towards various use cases of AI, such as with panels discussing how to drive adoption in sectors like finance, healthcare, and agriculture.

Beijing-based, Alibaba-backed AI company Moonshot now offers Kimi Claw - an 'always-on' AI agent embedded in its consumer platform that can access users' files, apps, and communications continuously. Where TikTok collects data from a single app, these agents represent a qualitatively deeper level of data exposure. This memo examines the privacy, cybersecurity, and national security risks, and recommends four low-cost steps the federal government can take now.

A new memo by IAPS Associate Researcher Oscar Delaney reviews the emerging “MAIM” (mutual assured AI malfunction) literature and evaluates the strategic dynamics that could shape ASI deterrence.

This post contains IAPS’s response to the Request for Information from Senators Heinrich and Rounds as part of the American Science Acceleration Project (ASAP), a national initiative to accelerate the pace of American technical innovation.