#lethaltrifecta

2026-03-09

New, by me: How AI Assistants are Moving the Security Goalposts

AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers and IT workers. But as so many eyebrow-raising headlines over the past few weeks have shown, these powerful and assertive new tools are rapidly shifting the security priorities for organizations, while blurring the lines between data and code, trusted co-worker and insider threat, ninja hacker and novice code jockey.

Read more (and boost please!):

krebsonsecurity.com/2026/03/ho

#openclaw #AI #agentic #aiagents #lethaltrifecta

Image description: A graphic and concept called the "lethal trifecta" by Simon Willison, co-creator of the Django Web framework. The lethal trifecta holds that if your system has access to private data, exposure to untrusted content, and a way to communicate externally, then it's vulnerable to private data being stolen. This image shows three boxes of different colors: access to data, ability to externally communicate, and exposure to untrusted content.

Chema Alonso :verified: (chemaalonso@ioc.exchange)
2025-11-12

Hacker News (h4ckernews)
2025-09-19

Dr. Juande Santander-Vela (juandesant@mathstodon.xyz)
2025-09-04

Hope a) this does not enshittify Atlassian with the AI push, and b) this does not make Arc or Día browsers the preferred way to interact with Confluence/Jira.

I also hope that Atlassian is well aware of @simon’s lethal trifecta and does not make it easy to exfiltrate content with those AI agents…

Pessimistic me believes the hope above is unfounded 😞

#Atlassian #BrowserCompany #AI #LLM #LethalTrifecta
mstdn.social/@TechCrunch/11514

Miguel Afonso Caetano (remixtures@tldr.nettime.org)
2025-08-09

"The core problem is that when people hear a new term they don't spend any effort at all seeking for the original definition... they take a guess. If there's an obvious (to them) definition for the term they'll jump straight to that and assume that's what it means.

I thought prompt injection would be obvious—it’s named after SQL injection because it’s the same root problem, concatenating strings together.

It turns out not everyone is familiar with SQL injection, and so the obvious meaning to them was “when you inject a bad prompt into a chatbot”.

That’s not prompt injection, that’s jailbreaking. I wrote a post outlining the differences between the two. Nobody read that either.

[Image: The lethal trifecta: Access to Private Data, Ability to Externally Communicate, Exposure to Untrusted Content]

I should have learned not to bother trying to coin new terms.

... but I didn’t learn that lesson, so I’m trying again. This time I’ve coined the term the lethal trifecta.

I'm hoping this one will work better because it doesn't have an obvious definition! If you hear this the unanswered question is "OK, but what are the three things?"—I'm hoping this will inspire people to run a search and find my description."

simonwillison.net/2025/Aug/9/b

#CyberSecurity #AI #GenerativeAI #LLMs #PromptInjection #LethalTrifecta #MCPs #AISafety #Chatbots
