Security researchers from Google and Meta warn that autonomous AI agents require system-wide defense architectures to address emerging security risks. Experts note that traditional cybersecurity tools alone cannot defend against the threats posed by AI agents, because such agents retain memory, call external tools, coordinate with other agents, and run continuously without direct human oversight. The concern stems from the rapid enterprise deployment of AI agents across workflows including payments, customer service, coding, cybersecurity and financial operations. Unlike earlier chatbot-style systems, agentic AI introduces persistent memory, tool execution and autonomous workflows, creating new attack surfaces. Security failures in these interconnected systems often do not stay confined to a single point: tampered instructions or malicious input can propagate through multiple layers before becoming externally visible.
Security Gaps in AI Agent Systems
A survey of 116 AI-agent security papers identified major gaps in defenses against “cross-session” and “stack-propagating” threats, which are capable of moving across multiple layers of autonomous systems over time. The risk is particularly acute in financial services, where AI agents are increasingly deployed for payments, fraud monitoring, trading operations, and customer account management.
In a recent incident, Bankr, an AI-powered crypto trading assistant, disabled transactions on May 20 after identifying an attacker who had gained access to at least 14 wallets. Security experts speculated the bot could have been exploited by a hacker.
Keyrock reported that AI agents processed $73 million in crypto payments between 2025 and 2026, demonstrating the scale of autonomous AI deployment in financial workflows.
Researchers emphasize that agent security must be approached as a systems problem, treating the AI model powering the agent as an untrusted component. Security experts are proposing methods to intercept attacks as they move through interconnected AI-agent systems rather than relying solely on front-end filters or prompt moderation.
Google and Meta Expand Agentic AI Ecosystems
Google recently released Gemini Spark, an always-on AI assistant that can interact across Workspace apps, cloud systems and third-party platforms. The company is integrating AI agents more deeply into Chrome, Gmail, Search and Android.
Meta is preparing agent-capable AI assistants that can carry out personalized tasks across its social and messaging platforms. Security experts warn that increasingly autonomous systems create more security vulnerabilities and more opportunities for malicious attacks within these interconnected ecosystems.