the sun malaysia ipaper logo 150x150
Thursday, July 16, 2026
29.3 C
Kuala Lumpur
the sun malaysia ipaper logo 150x150

AI agents pose new hacking risks as injection attacks rise

State Election

Johor State Election 2026

11 July 2026 Johor, Malaysia
Learn more

Cybersecurity experts warn AI agents can be hijacked via query injection, enabling hackers to misuse them for unauthorised tasks and data access.

NEW YORK: Cybersecurity experts warn that artificial intelligence agents could be hijacked to perform hackers’ malicious work.

AI agents use chatbots to automate human tasks like booking flights or managing calendars.

Their plain-language operation enables even non-technical users to cause harm.

“We’re entering an era where cybersecurity is no longer about protecting users from bad actors with a highly technical skillset,” AI startup Perplexity stated.

“For the first time in decades, we’re seeing new and novel attack vectors that can come from anywhere.”

Injection attacks previously required sophisticated hidden computer code to cause damage.

As AI evolves from generating content to independently browsing the internet, hijacking risks through malicious prompts have increased.

“People need to understand there are specific dangers using AI in the security sense,” said NeuralTrust software engineer Marti Jorda Roca.

Meta identifies this query injection threat as a “vulnerability” while OpenAI’s CISO Dane Stuckey calls it “an unresolved security issue.”

Both companies are investing billions in AI as usage and capabilities expand rapidly.

Query injection can manipulate user prompts like “book me a hotel reservation” into malicious commands like “wire $100 to this account.”

Malicious prompts can hide online where AI agents encounter compromised data containing hidden hacker commands.

Check Point’s Eli Smadja considers query injection the “number one security problem” for large language models powering AI assistants.

Major AI companies have implemented defenses and published guidelines to prevent such attacks.

Microsoft integrated tools detecting malicious commands based on instruction origins.

OpenAI alerts users when agents visit sensitive sites and blocks unsupervised actions.

Security professionals recommend requiring user approval before AI agents perform critical tasks like data exports or bank access.

“One huge mistake that I see happening a lot is to give the same AI agent all the power to do everything,” Smadja noted.

Cybersecurity researcher Johann Rehberger warns that attacks are rapidly improving.

“They only get better,” Rehberger said of evolving hacker tactics.

Balancing security with usability remains challenging since users want AI convenience without constant monitoring.

Rehberger believes AI agents aren’t mature enough for important missions or sensitive data.

“I don’t think we are in a position where you can have an agentic AI go off for a long time and safely do a certain task,” the researcher stated.

“It just goes off track.” – AFP

STAY AHEAD OF THE CURVE

Join our community for instant updates and exclusive content.

Join Telegram Channel

Related


spot_img

Latest News

RZOLV Technologies Appoints Veteran Mining Executive John C. McConnell to Board of Directors and...

Vancouver, British Columbia - Newsfile Corp. - July 15, 2026 - RZOLV Technologies Inc. (TSXV: RZL) (OTCQB: RZOLF) (FSE: S711) ("RZOLV" or the "Company") is pleased to announce the appointment of John C. McConnell to its Board of Directors, effective July 14th, 2026.

Founders Metals Provides Mid-Year Exploration Update Across Four Targets; Confirms New Antino Northeast Discovery...

Vancouver, British Columbia - Newsfile Corp. - July 15, 2026 - Founders Metals Inc. (TSXV: FDR) (OTCQX: FDMIF) (FSE: 9DL0) ("Founders" or the "Company") announces surface exploration and drilling results from its fully funded 70,000-metre drill program at the Antino Gold Project ("Antino" or the "Project") in southeastern Suriname (Figure 1).

Most Viewed

spot_img
WC26

World Cup 2026

Updates, Fixtures, Results & Standings