{"data":{"id":"1b06c9d7-361d-4b71-9d40-b815b07f5205","title":"AI security needs a shift from models to systems, researchers argue","summary":"Researchers argue that enterprises cannot secure AI agents by making the underlying models more robust. Instead, they must enforce security controls at the system level, treating AI models as fundamentally untrusted components, similar to how operating systems treat processes. The paper identifies five security principles from traditional systems security (least privilege, tamper resistance, complete mediation, secure information flow, and accounting for human error) that should be applied to AI agents, and notes that all eleven real-world attacks analyzed violated the secure information flow principle.","solution":"N/A -- no mitigation discussed in source.","labels":["security","research"],"sourceUrl":"https://www.csoonline.com/article/4176725/ai-security-needs-a-shift-from-models-to-systems-researchers-argue.html","publishedAt":"2026-05-25T12:32:34.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":["Google","Microsoft"],"affectedVendorsRaw":["Google","University of California San Diego","University of Wisconsin-Madison","Microsoft","ChatGPT","Claude","Cursor","Jira"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-25T12:32:34.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}