Malicious implants are coming to AI components, applications

The next generation of malicious implants may live in the AI application back end.

Security researcher Hariharan Shanmugam will publish research next month focused on a security issue he discovered regarding how AI models are uniquely vulnerable to injected code. Though much of security research for AI risks right now concerns prompt injections — using prompts to get LLM models to do things like write malware or leak privileged data — Shanmugam’s findings join a growing body of research dedicated to more technical flaws in LLM models.

Specifically, he will describe how modern security tools are inadequate for detecting certain kinds of malicious implants when they’re embedded in AI components. Shanmugam will debut the research during a session at Black Hat USA 2025 on Aug. 7, titled “Weaponizing Apple AI for Offensive Operations.”

Read more at Dark Reading