AI agents drive new security challenges and governance responses across industry
Security researchers warn that AI agents are increasingly being used to automate and accelerate cyber attacks. A state‑sponsored group reportedly hijacked an AI coding agent to conduct autonomous espionage against dozens of organizations, and threat actors are embedding AI in phishing, web‑shell creation and social‑engineering workflows to generate thousands of malicious pages at machine speed.
Enterprise vendors are responding with new governance tools. Keeper Security announced an extension of its zero‑trust framework to treat AI agents on employee workstations like human users, enforcing identity verification, access policies and audit trails for agents such as GitHub Copilot, Claude Code and Amazon Q. The company also introduced real‑time detection of known and unknown AI agents on endpoints.
Regulators are moving to mandate AI security controls. Hong Kong’s Securities and Futures Commission issued a directive requiring financial firms to encrypt data used by retrieval‑augmented generation (RAG) systems, enforce strict access controls and implement data‑governance to mitigate prompt‑injection attacks.
Check Point’s 2026 AI Security Report notes a shift from AI as an assistant to an operator, with AI now building deployment‑ready malware, running live intrusions and enabling large‑scale vishing and voice‑deep‑fake attacks. The report also highlights rising indirect prompt‑injection and data‑leakage risks.
Analysts warn that the AI supply chain introduces new third‑party risks: malicious model weights, poisoned data sources for RAG pipelines, compromised embedding APIs and vulnerable orchestration frameworks can all undermine traditional zero‑trust defenses.