Web Pages Can Now Secretly Control AI Systems, Exposing Business Networks to Attacks

A New Vulnerability Puts AI Systems at Risk

Security researchers have discovered a troubling weakness that allows attackers to use ordinary web pages as launching pads for breaking into computer systems. When an AI agent—software designed to automate tasks—visits a malicious website, that page can essentially take control of the AI and force it to run dangerous commands on the host computer. This creates a backdoor that bypasses traditional security measures.

The discovery comes at a time when criminal groups are becoming increasingly sophisticated. One organized ransomware operation, known as Gentlemen, has been distributing specialized tools to criminal affiliates. These tools are specifically designed to disable security software that companies install to monitor and stop attacks. By neutralizing these defenses first, attackers can then deploy encryption software that locks up data and demands ransom payments.

Understanding the Threat Landscape

Think of a computer's security system like a home alarm. Traditional antivirus and monitoring tools act as sensors that detect when something dangerous is happening. The Gentlemen group has essentially created a toolkit that goes around and disables those sensors before a robbery occurs. Now, with this new web-based vulnerability, attackers have found another way in—through the very AI tools that companies are increasingly relying on.

The risk is compounded because many organizations are deploying AI agents to handle routine business tasks. These agents might interact with websites, gather information, or process requests automatically. An attacker could engineer a seemingly innocent web page that, when visited by one of these AI agents, silently instructs it to delete security software, open hidden access points, or steal sensitive files.

Why You Should Care

If your organization uses automated systems or AI tools, this vulnerability affects your security posture directly. Here's why it matters:

• Companies often have fewer safeguards around AI agents than they do for regular user computers, making them attractive targets
• Once an attacker gains control through an AI agent, they can move laterally through your network to reach more critical systems
• Ransomware operations have shown they're willing to invest heavily in developing attack tools, suggesting this threat will only grow
• The combination of AI hijacking plus EDR-disabling tools creates a particularly dangerous attack chain

Protecting Yourself

While patches and updates continue rolling out, you can take several protective steps immediately:

• Segment your network: Keep AI systems isolated so that even if one is compromised, attackers can't easily reach your most sensitive data
• Monitor AI activity: Watch for unusual behavior from automated systems, particularly unexpected outbound connections or file operations
• Update everything: Apply security patches to all systems, including those running AI tools, as soon as they become available
• Review access permissions: Ensure AI agents only have the minimum access needed to perform their intended tasks
• Maintain offline backups: Keep critical data backed up on systems not connected to your main network

As artificial intelligence becomes woven into business operations, securing these systems must become a core priority for any organization.