AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

The Promptware Kill Chain

infonewsLLM-Specific

securityresearch

Source: Schneier on SecurityFebruary 16, 2026

Summary

Attacks on AI language models have evolved beyond simple prompt injection (tricking an AI by hiding instructions in its input) into a more complex threat called "promptware," which follows a structured seven-step kill chain similar to traditional malware. The fundamental problem is that large language models (LLMs, AI systems trained on massive amounts of text) treat all input the same way, whether it's a trusted system command or untrusted data from a retrieved document, creating no architectural boundary between them.

Classification

Attack Type

Prompt InjectionJailbreakRAG PoisoningModel Poisoning

Affected Vendors

OpenAIGoogle

Related Issues

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Same vendorTechCrunch

high

CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling

First tracked: February 16, 2026 at 11:00 AM

Classified by LLM (prompt v3) · confidence: 92%