Expanding AI Cyberattack Risks Raise Alarms
Concerns grow over securing AI agents, models, and nation-state threats
Jan. 31, 2026 at 2:23pm by Ben Kaplan
As the global adoption of artificial intelligence accelerates, so too are concerns about the growing threats to the infrastructure powering it. The rise of AI agents has opened new questions about controlling their access and actions, while security researchers warn of vulnerabilities in widely used AI communication protocols like the Model Context Protocol (MCP). The cybersecurity community is also worried about the widening "security poverty line" that makes it difficult for smaller businesses to defend against AI-powered attacks, as well as the potential for nation-states like China to surpass the U.S. in AI capabilities and use them for malicious purposes.
Why it matters
The expanding use of AI agents and models has created new attack surfaces that cybersecurity experts warn are not being properly secured, potentially opening the door for malicious actors to leverage AI for a wide range of cyberattacks. This raises concerns about the ability of businesses, especially smaller ones, to protect themselves, as well as the geopolitical implications of nations racing to develop advanced AI capabilities.
The details
Security researchers have noted vulnerabilities in the widely used Model Context Protocol (MCP), which allows AI agents to connect to external data sources and applications. Researchers found that 95% of MCP deployments were running on employee endpoints with limited security visibility. There are also concerns that attackers with fewer resources are increasingly able to automate and scale up attacks on AI infrastructure. Nation-states such as China are also seen as a growing threat as they work to rapidly develop advanced AI capabilities that could surpass those of the U.S.
- In November 2024, Anthropic introduced the open MCP standard.
- In recent months, security concerns with MCP have been documented by researchers from Red Hat and IANS.
- In October 2025, honeypots set up by GreyNoise recorded over 91,000 attack sessions on large language model infrastructure over a three-month period, with nearly 81,000 occurring in an 11-day span.
The players
Anthropic
The company that introduced the open Model Context Protocol (MCP) standard in November 2024.
Red Hat
A software company that has documented security concerns with the MCP protocol.
IANS Research
A research firm that has also documented security issues with the MCP protocol.
GreyNoise Intelligence
A cybersecurity firm that set up honeypots and recorded over 91,000 attack sessions on large language model infrastructure over a three-month period.
China
A nation-state that is seen as gaining ground in the race to produce advanced AI capabilities that could surpass those of the U.S.
What they’re saying
“The types of behaviors that we've started seeing in agentic AI are really changing our landscape. As we are going through this adoption, it is rapidly expanding our attack surface.”
— Dr. Margaret Cunningham, Vice President of Security and AI Strategy, Darktrace Inc.
“I have not found true native full-stack security in MCP. We've got to be ready for some really bad things to happen.”
— Aaron Turner, Faculty Member, IANS
“If you are a retail shop with a 1% profit margin, you are going to have trouble spending the money on security that you need. Just training alone isn't going to do it.”
— Wendy Nather, Senior Research Initiatives Director, 1Password LLC
“I'm seeing lower-resource attackers able to scale up. They can automate a lot of processes. Everybody from script kiddies to nation-states is now using AI to develop exploits. This legitimately scares me.”
— Rich Mogull, Chief Analyst, Cloud Security Alliance
“We still have the best AI labs in the world, our models are still the best in the world. But China has almost everything they need to be a really close fast follower.”
— Colin Kahl, Senior Fellow, Freeman Spogli Institute for International Studies, Stanford University