Meet Promptware: How AI attacks became malware-like campaigns

LLM-based apps—from chatbots to code-running agents—are creating a new playground for attackers. A new paper by Ben Nassi, Bruce Schneier, and Oleg Brodt argues these aren’t one-off "prompt injections," but full-on malware campaigns they call promptware.

They map attacks to a five-step "kill chain" so teams can spot, stop, and discuss them:

• Initial Access: prompt injection to get a foothold.
• Privilege Escalation: jailbreaking to bypass safeguards.
• Persistence: poisoning memory or retrieval so bad prompts stick around.
• Lateral Movement: hopping across tools, systems, or users.
• Actions on Objective: exfiltrating data, moving money, or executing code.

Why it matters: framing AI threats as a kill chain brings clarity, shared vocabulary, and practical threat modeling—before autonomous agents hit the real world at scale.

Read: https://arxiv.org/abs/2601.09625v1

Paper: https://arxiv.org/abs/2601.09625v1

Register: https://www.AiFeta.com

#AI #Cybersecurity #LLM #Security #Malware #Promptware #PromptInjection #AISafety