AI Adoption and Agentic AI Features Raise Security and Governance Concerns
U.S. public-sector and industry reporting highlighted that security confidence and workforce constraints are emerging as major blockers to scaling artificial intelligence. A survey commissioned by Google Public Sector found most federal respondents are already using or planning to use AI, but only a small minority report completed AI adoption plans; respondents cited declining confidence in their agencies’ digital security posture, legacy technology exposure, procurement friction, and skills shortages as key impediments to moving beyond pilots.
Separately, Anthropic introduced a research-preview “agentic” capability, Cowork for Claude, built on Claude Code, which can execute multi-step tasks with access to local folders and optional connectors (including browser-based workflows). Anthropic warned that ambiguous instructions or misinterpretation could result in potentially destructive actions (e.g., deleting local files) despite confirmation prompts for “significant actions,” underscoring the need for tighter controls when granting AI tools operational access. Other items in the set focused on broader AI discourse and geopolitics—Nvidia CEO Jensen Huang disputing “god AI” narratives and a Lawfare analysis of China’s AI capacity-building diplomacy—rather than specific cybersecurity events or actionable security findings.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
3 events from the most recent confirmed update back to the earliest known activity.
Federal agency AI adoption survey highlights security and workforce barriers
A survey commissioned by Google Public Sector and conducted by Government Executive reported that nearly 90% of federal agency respondents are using or planning to use AI, but many remain in pilot stages. The report identified declining security confidence, workforce shortages, procurement limits, and reliability concerns as major obstacles to broader adoption.
Anthropic discloses safety and prompt-injection risks in Claude Cowork
At launch, Anthropic warned that Claude Cowork carries meaningful security and safety risks, including accidental destructive actions such as deleting local files if instructions are unclear or misinterpreted. The company also said prompt injection remains an active industry problem despite implemented defenses and sandboxing around explicitly authorized folders.
Anthropic launches Claude Cowork research preview for macOS
Anthropic announced a research preview of "Claude Cowork," extending Claude into a macOS assistant that can perform local file and workflow automation tasks with user-authorized access. The feature was initially made available to Claude Max subscribers in the Claude macOS app, with a waitlist planned for other users.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
Meet Your New Coworker: Anthropic’s Claude Now Controls Your Mac
securityonline.info
Open sourceReport: Workforce shortages, security fears among biggest hindrances to agency AI adoption - Nextgov/FCW
nextgov.com
Open sourceClaude Cowork automates complex tasks for you now - at your own risk
zdnet.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
AI Adoption and Governance Concerns Amid Emerging Agentic-AI Security Risks
Organizations are accelerating adoption of **generative and agentic AI**, but reporting indicates governance, data readiness, and workforce skills are lagging. A survey of chief data officers cited widespread use of genAI in large enterprises and growing plans to increase **data management** investment, while also flagging that visibility and governance have not kept pace with expanding AI usage and that many employees need upskilling in **data** and **AI literacy** to use AI outputs responsibly. Separately, commentary and reporting highlighted a widening set of AI-related security and societal risks, including concerns about **deepfakes**, privacy, and opaque model behavior, alongside claims of real-world exploitation activity targeting AI-adjacent developer workflows (for example, token theft via compromised automation such as GitHub Actions) and discussion of vulnerabilities affecting AI tooling and agent communication patterns. Other items in the set were primarily newsletter/personal updates or vendor-style announcements and did not provide a single, verifiable incident narrative beyond general AI-and-security trend coverage.
Mar 27, 2026
Agentic AI and AI Automation in Cybersecurity Operations and Risk Management
Security and technology outlets highlighted a growing shift from *GenAI copilots* toward **agentic AI**—systems that can take actions autonomously or semi-autonomously—alongside warnings that governance and oversight are not keeping pace. Commentary in SC Media argued that as enterprises orchestrate hundreds or thousands of agents, traditional *human-in-the-loop* review becomes a scaling bottleneck, pushing organizations toward **human-on-the-loop** monitoring and policy-based exception handling; separate SC Media analysis cautioned CISOs to temper “hype vs. reality” expectations around agentic AI in SOC use cases due to reliability and oversight concerns. Related coverage emphasized adjacent AI risk themes, including research/analysis calling for AI systems to be constrained by values such as fairness, honesty, and transparency, and reporting on “shadow AI” contributing to higher insider-risk costs as employees use unsanctioned tools and workflows. Several items focused on operational and data-security implications of AI-enabled automation. Security Affairs described AI-assisted incident response as a way to accelerate investigations by correlating telemetry across tools, enriching alerts, and producing summaries faster than manual analyst workflows, while a SecuritySenses segment similarly framed AI as best suited for summarization/enrichment and repetitive tasks, with deterministic decisions retained by humans and with attention to securing agent communications (e.g., OWASP guidance for agents). CSO Online reported a specific AI-adjacent exposure risk: a **Google API key change** characterized as “silent” that could expose *Gemini* AI data, and also noted concerns that personal AI agents (e.g., “OpenClaw”) could be influenced by **malicious websites**. Other references in the set were unrelated to this AI/agentic-operations theme (e.g., ransomware impacting a Mississippi healthcare system, China-linked espionage using Google Sheets, legal rulings on personal data, and general conference/event or career items).
Mar 21, 2026
AI Adoption and Governance Updates Across Industry and Government
Recent coverage focused on **AI adoption, governance, and societal impacts** rather than a discrete cybersecurity incident. OpenAI CEO **Sam Altman** argued that comparing AI energy use to human cognition is “unfair,” claiming the energy cost of “training a human” (years of living and food consumption plus evolutionary history) should be considered when judging AI efficiency, and separately warned that some companies are engaging in **“AI washing”**—attributing layoffs to AI as a pretext for workforce reductions—while also acknowledging real job displacement is likely to become more noticeable in the next few years. Enterprises and public-sector organizations highlighted practical AI rollouts and associated risk considerations. **Intel** introduced *Ask Intel*, a support assistant built on **Microsoft Copilot Studio**, alongside a shift away from public phone support toward web-based case handling, while noting response accuracy “cannot be guaranteed.” **Microsoft** removed a blog post that had described training LLMs using a Kaggle dataset derived from **pirated Harry Potter ebooks**, amid ongoing legal uncertainty around fair use and potential contributory infringement exposure. Separately, U.S. federal officials emphasized **targeted AI adoption** and expectation management (with the VA reporting hundreds of AI use cases), while other items included a hobbyist AI dashboard project shared on GitHub and a generic startup article on AI-accelerated MVP development—neither of which provided substantive security-relevant disclosures.
Apr 14, 2026