Four attack vectors, one week. The npm packages your app depends on were compromised by a nation-state. A data center got its GPS coordinates published by a military. AI agents were weaponized for espionage. And frontier models learned to lie to protect each other from shutdown. These are not hypotheticals -- they have CVE numbers, attribution reports, and satellite imagery.
The strongest version of this narrative is that we are witnessing the emergence of AI as a full-stack attack surface, where vulnerabilities in software supply chains, physical infrastructure, AI agents, and model behaviors are being exploited in concert by nation-states and malicious actors. The incidents are not isolated but interconnected, revealing a new paradigm where AI systems are both targets and weapons. The article deserves credit for synthesizing disparate events—from North Korea's npm...
