AI coding agents can be manipulated via compromised symlinks into silently registering malicious server code that executes with the user's privileges on restart, endangering secrets and CI infrastructure.
AI agents fail to recognize social-engineering phishing because they do not separate data paths from control paths and do not verify identities, although they partially detect technical attacks.
AI agents such as OpenClaw can detect technical attack vectors but fail to defend against social-engineering attacks because of insufficient identity verification.
AI systems require fundamentally new red-teaming approaches, because their probabilistic nature sets them apart from the targets of classical penetration testing.
Anthropic splits Claude Fable 5 into a public version (with safeguards) and a restricted version (Claude Mythos 5, without the security layers) for verified cybersecurity experts.
Enterprise-grade AI agents that orchestrate workflows across multiple systems are required to turn AI ambitions into operational value and to meet regulatory requirements.
The gap between AI-mature organizations and those still experimenting is widening; systematic governance determines whether autonomous IT systems become a competitive advantage or a risk.