Risks and Governance Challenges of Expanding AI Agent Access
The rapid evolution of generative AI systems, such as ChatGPT and Google Gemini, is ushering in a new era where AI agents and assistants are designed to perform tasks and make decisions on behalf of users. To function effectively, these AI agents require deep access to personal data and operating systems, raising significant concerns about privacy and cybersecurity. Experts warn that the trade-off for increased convenience is the exposure of sensitive information, as these agents often need extensive permissions to personalize services and interact with various applications.
Simultaneously, global debates are intensifying over how AI should be governed, with China advancing an ambitious agenda to shape international AI rules. Beijing's approach emphasizes state control and anticipatory censorship, which could have far-reaching implications for freedom of expression and the global regulatory landscape. As AI agents become more integrated into daily life, the intersection of technical risks and governance models will play a critical role in determining the balance between innovation, security, and civil liberties worldwide.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
Generative AI adoption drives rise of all-access AI agents
By late 2025, widespread use of systems such as ChatGPT and Gemini was accelerating deployment of AI agents that require broad access to personal and enterprise data, including operating-system-level permissions. Researchers and experts warned this trend was increasing privacy, security, and transparency risks for users and organizations.
China advances state-centric AI governance agenda
By late 2025, China was promoting a global AI governance model centered on state control and censorship, including its Global AI Governance Action Plan and strict domestic AI regulations. The effort was framed as part of a broader push to shape international AI rules and information governance.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Privacy Concerns Over AI Training Data and Chatbot Adoption Risks
The rapid adoption of generative AI chatbots, such as ChatGPT, is transforming both consumer and enterprise environments, with significant growth in usage and market value. These chatbots are being used for a wide range of applications, from customer service to code generation and mental health support. However, their increasing prevalence raises concerns about risks such as hallucinations, dangerous suggestions, and the need for robust guardrails to ensure safe deployment and use. Simultaneously, privacy concerns have emerged regarding how major technology companies, like Google, may use personal data to train AI models. Google recently denied allegations that it analyzes private Gmail content to train its Gemini AI model, following a class action lawsuit and public confusion over changes in Gmail's smart features settings. The company clarified that while smart features have existed for years, Gmail content is not used for AI model training, and any changes to terms or policies would be communicated transparently. These developments highlight the ongoing tension between AI innovation, user privacy, and the need for clear communication about data usage.
Mar 21, 2026
Risks and Security Challenges of Shadow AI Agents in Enterprise Environments
Organizations are rapidly adopting AI-powered tools and agents across business processes, often without adequate oversight or security controls. As AI agents become more autonomous, they are increasingly granted access to sensitive systems, data, and workflows, sometimes without formal approval or visibility from IT and security teams. This phenomenon, known as 'Shadow AI,' introduces significant blind spots for traditional security tools, as these agents can operate with hidden identities and privileges. Studies have shown that a large proportion of enterprise employees use generative AI tools like ChatGPT, frequently pasting sensitive information such as personally identifiable information (PII) and payment card data into these platforms, often through unmanaged personal accounts. This uncontrolled usage creates substantial risks of data leakage, compliance violations, and potential misuse of corporate data for AI model training. Security research highlights that 45 percent of enterprise employees use generative AI tools, with 77 percent of those users copying and pasting data into chatbots, and 22 percent of those pastes containing PII or PCI data. Furthermore, 40 percent of file uploads to generative AI sites include sensitive data, with a significant portion coming from non-corporate accounts, making it difficult for organizations to monitor or control data exfiltration. The rise of autonomous AI agents, capable of acting independently and integrating with APIs and workflows, further complicates the security landscape, as these agents can trigger actions and access data without direct human oversight. Industry experts warn that unchecked proliferation of AI agents could lead to disastrous consequences, including unauthorized access to business processes and sensitive information. The OpenID Foundation and other organizations are calling for the development of AI-specific identity and access management standards to address these risks. Ethical considerations are also paramount, as the design and deployment of AI agents must prioritize principles such as transparency, accountability, and alignment with human values to prevent costly errors and security incidents. Security leaders are urged to extend governance practices to cover AI agents, implement robust monitoring and access controls, and foster a culture of cybersecurity awareness to mitigate the risks posed by shadow AI. The convergence of technical, regulatory, and ethical challenges underscores the urgent need for coordinated action to secure the expanding ecosystem of AI agents within enterprises.
Mar 21, 2026
Security Risks and Control Imperatives for Autonomous AI Systems
The rapid advancement of generative and agentic AI systems has shifted the cybersecurity conversation from theoretical risks to urgent, practical concerns about maintaining effective security controls. As AI models become more autonomous and capable, the potential for misuse—including the generation of novel cyberattacks and data leaks—has increased significantly. Industry experts are calling for a new social contract, or "AI Imperative," that establishes clear, enforceable rules for the deployment and management of these powerful technologies, emphasizing the need for rigorous evaluation of both offensive and defensive capabilities before widespread adoption. Agentic AI tools, which can autonomously reason, plan, and execute tasks with minimal human oversight, introduce a heightened attack surface compared to traditional large language model (LLM) chatbots. Security researchers have demonstrated that these agents are vulnerable to a range of attacks, including prompt injection, goal hijacking, privilege escalation, and manipulation of agent interactions to compromise entire networks. The complexity of securing these systems is compounded by the rapid pace of adoption and the evolving shared responsibility model between vendors and customers, underscoring the critical need for robust access controls and proactive risk management strategies.
Mar 21, 2026