- Today
- Holidays
- Birthdays
- Reminders
- Cities
- Atlanta
- Austin
- Baltimore
- Berwyn
- Beverly Hills
- Birmingham
- Boston
- Brooklyn
- Buffalo
- Charlotte
- Chicago
- Cincinnati
- Cleveland
- Columbus
- Dallas
- Denver
- Detroit
- Fort Worth
- Houston
- Indianapolis
- Knoxville
- Las Vegas
- Los Angeles
- Louisville
- Madison
- Memphis
- Miami
- Milwaukee
- Minneapolis
- Nashville
- New Orleans
- New York
- Omaha
- Orlando
- Philadelphia
- Phoenix
- Pittsburgh
- Portland
- Raleigh
- Richmond
- Rutherford
- Sacramento
- Salt Lake City
- San Antonio
- San Diego
- San Francisco
- San Jose
- Seattle
- Tampa
- Tucson
- Washington
Georgia Tech researchers uncover AI backdoor threat to self-driving cars
VillainNet vulnerability allows hackers to hijack autonomous vehicles with 99% success rate while remaining undetected by current security tools.
Published on Feb. 23, 2026
Got story updates? Submit your updates here. ›
Researchers at Georgia Tech have discovered a new vulnerability called VillainNet that exposes a critical blind spot in autonomous vehicle systems. VillainNet is a dormant AI backdoor that can be programmed to activate under specific conditions, allowing hackers to take control of self-driving cars with a 99% success rate while remaining invisible to current security measures.
Why it matters
The discovery of VillainNet highlights the serious security risks posed by AI-powered autonomous vehicles, which are becoming increasingly prevalent on public roads. If left unaddressed, this vulnerability could enable dangerous scenarios like hackers hijacking self-driving taxis and holding passengers hostage, threatening public safety.
The details
VillainNet exploits the architecture of modern AI systems used in self-driving cars, which rely on 'super networks' - massive systems that swap smaller modules in and out depending on the task. Researchers say an attacker only needs to poison one tiny tool in this digital toolbox, allowing malicious code to remain invisible across countless normal configurations until the car calls up that specific module, at which point the backdoor activates.
- The research was presented at a major security conference in October 2025.
The players
David Oygenblik
A Ph.D. student at Georgia Tech and the lead researcher on the VillainNet discovery.
Georgia Tech
A public research university located in Atlanta, Georgia, where the VillainNet vulnerability was uncovered by researchers.
What they’re saying
“An attacker only needs to poison one tiny tool in that box. The malicious code stays invisible across countless normal configurations until the car calls up that specific module. Then it activates.”
— David Oygenblik, Ph.D. student, Georgia Tech
What’s next
The research team is calling for new defenses to be developed by automakers before these types of attacks move from the lab to public roads.
The takeaway
The discovery of VillainNet highlights the critical need for robust security measures to be implemented in autonomous vehicle systems to prevent hackers from exploiting vulnerabilities and gaining control of self-driving cars, which could have devastating consequences for public safety.
