Research
Lessons from Penetration Tests on Large-Scale Agent Systems: Recurring Vulnerability Classes Mapped
IBM researchers (Eykholt, Kirat, Shu et al.) present findings from penetration testing production-scale AI agent systems, arguing most discovered vulnerabilities are not novel but reflect recurring weakness classes from traditional computing. Execution-capable agents are effectively unbounded self-modifying programs interacting across the full computing stack, creating a significant security surface that maps to known attack taxonomies.
Source
↳ Follow the thread