惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hacker News: Ask HN
Hacker News: Ask HN
C
Cisco Blogs
The Hacker News
The Hacker News
T
Tor Project blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
The GitHub Blog
The GitHub Blog
A
Arctic Wolf
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
The Register - Security
The Register - Security
云风的 BLOG
云风的 BLOG
Simon Willison's Weblog
Simon Willison's Weblog
P
Palo Alto Networks Blog
Vercel News
Vercel News
C
CERT Recently Published Vulnerability Notes
I
InfoQ
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
M
MIT News - Artificial intelligence
I
Intezer
aimingoo的专栏
aimingoo的专栏
U
Unit 42
C
Cyber Attacks, Cyber Crime and Cyber Security
L
LINUX DO - 热门话题
Microsoft Security Blog
Microsoft Security Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
Cyberwarzone
Cyberwarzone
P
Proofpoint News Feed
P
Proofpoint News Feed
B
Blog
T
Threat Research - Cisco Blogs
博客园 - 叶小钗
Recorded Future
Recorded Future
Last Week in AI
Last Week in AI
N
News and Events Feed by Topic
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Know Your Adversary
Know Your Adversary
Engineering at Meta
Engineering at Meta
G
Google Developers Blog
PCI Perspectives
PCI Perspectives
Google DeepMind News
Google DeepMind News
WordPress大学
WordPress大学
Application and Cybersecurity Blog
Application and Cybersecurity Blog
MyScale Blog
MyScale Blog
Security Archives - TechRepublic
Security Archives - TechRepublic
Schneier on Security
Schneier on Security
N
News | PayPal Newsroom
C
Cybersecurity and Infrastructure Security Agency CISA
H
Help Net Security
博客园 - 聂微东
H
Hackread – Cybersecurity News, Data Breaches, AI and More
G
GRAHAM CLULEY

Forbes - Innovation

Why Do Humans Have Fingerprints? Hint: It’s Not What You Think Booking.com Confirms Data Breach, Reservation PIN Codes Changed Why Major News Sites Are Blocking The Internet Archive’s Wayback Machine iPhone Fold Release Date: New Report Details Frustrating Apple News Comet Tracker: How To See Pan-STARRS And Three Planets On Wednesday NYT Mini Crossword Today: Tuesday, April 14 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Tuesday, April 14 (It’s A Little Unclear) Today’s Wordle #1760 Hints And Answer For Tuesday, April 14 Most Of The Microplastics In Urban Air Come From Tires Today’s Wordle #1759 Hints And Answer For Monday, April 13 NYT Mini Crossword Today: Monday, April 13 Hints And Answers NYT Pips Today: Hints, Answers And Walkthrough For Monday, April 13 The YC Chief Who Codes 10,000 Lines A Day Has A Simple Secret Samsung Expands One UI 8.5 Beta To More Galaxy Owners Why You Should Stop Using Your iPhone If It’s On This List Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge 3 Unexpected Habits Of Secure Couples, By A Psychologist The First Lamp That Folds Your Clothes Samsung’s Disappointing Price Update For Galaxy Phone Buyers 3 Subtle Signs Someone Is Falling In Love With You, By A Psychologist Do Mantis Shrimp See More Colors Than Humans? A Biologist Explains NYT Connections Answers Explained For Monday, April 13 (#1,037) NYT Connections Hints Today: Monday, April 13 Clues And Answers (#1,037) LEGO Luigi & Mach 8 (72050) Review: 2026’s Best Set Yet? Marc Andreessen Says AI Productivity Will Trigger A Hiring Boom 3D Printing Is The Ultimate Hack To Reduce Household Spending Apple iPhone Fold: Striking Design Revealed In Leaked Photos Apple Smart Glasses: New Leak Reveals A Major Design Twist To Beat Meta Tested: The AI Coming To The Rivian R2 Quordle Hints Today: Monday, April 13 Clues And Answers Companies And H-1B Employees Endure Immigration Waits At Consulates 3 Easy Ways To Turn Anxiety Into Sustained Focus, By A Psychologist Here’s The Most Affordable Humanoid Robot You Can Buy Now UFC 327 Results: 5 Biggest Takeaways From A Wild Night In Miami UFC 327 Results, Bonus Winners, Highlights And Reactions Dana White Announces Huge New Fight For UFC White House Today’s NYT Strands Hints, Spangram, Answers: Sunday, April 12 (Get Ready) Tesla ‘Model 2’ Rises From The Ashes Today’s Wordle #1758 Hints And Answer For Sunday, April 12 NYT Pips Today: Hints, Answers And Walkthrough For Sunday, April 12 Tyson Fury Vs. Arslanbek Mahkmudov Results: Highlights and Reaction NYT Mini Crossword Today: Sunday, April 12 Hints And Answers How Shadow AI Culture Is Destroying Your Business Venture Capital Funds That Market Like Startups Win More Deals Conor Benn Vs. Regis Prograis Results: Highlights and Reaction Samsung’s Disappointing Price Update For Galaxy Phone Buyers Artemis Reached The Moon. The Grid Can Reach The 21st Century A Biologist Explains How Archerfish Shoot Down Prey. Hint: Their Aim Rivals Human Throwing Is It Time For Apple To Forget About The MacBook Air NYT Connections Hints Today: Sunday, April 12 Clues And Answers (#1036) Trump’s 2027 Budget To Reshape U.S. Environmental And Energy Policy CDC Delays Reporting Of COVID-19 Vaccine Benefits—Here’s What To Know Oura Has Designed A Solution To A Big Smart Ring Problem Netflix’s Best New Show Has A Near-Perfect 95% Rotten Tomatoes Score Coachella 2026 Is Being Taken Over By Creator Streams Quordle Hints Today: Sunday, April 12 Clues And Answers This Startup Wants To Use AI To Help Digitize History How To Get The Best Shield In ‘Crimson Desert’ Microsoft Venom Attack Targets C-Suite Executives ‘Maul: Shadow Lord’ Sets Even More Star Wars Rotten Tomatoes Records 3 Ways Happy Couples Argue Differently, By A Psychologist Success For Leapmotor Might Have Negatives For Stellantis New Names Surface As Potential Rogue And Wonder Woman In The MCU And DCU 4 Reasons Artemis Mission Matters Even If You Think It Is Wasteful Fast ‘Crimson Desert’ Patch Adds New Moves, Shield Hiding And One Great Feature Why Do Humans Blush? An Evolutionary Biologist Explains The Signal We Can’t Control Apple iPhone Fold: Striking Design Revealed In Leaked Photos Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update iOS 26.4.1 Release: Crucial iPhone Feature Update Arrives, But No Security Fix Fury vs. Makhmudov Full Card, Ring Walk Times and How to Watch Can’t Stand Liquid Glass? This New Hidden iPhone Setting Is A Game-Changer Test-Driving The 2026 Changan Deepal S05: Italian Style Made In China NSA Warning—Reboot Your Internet Router Now Ways That Human-AI Collaboration Slides People Into ‘AI Brain Fry’ And Cognitive Downturns Stop Using These Networks—Google, NSA And TSA Warn NASA Changes Moon Plan: Landing Now Depends On SpaceX Or Blue Origin Samsung Expands One UI 8.5 Beta To More Galaxy Owners The Evolution Of Programmable Hardware At Xilinx NYT Mini Today: Saturday, April 11 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Saturday, April 11 (You’re Putting Me On) Splashdown! NASA’s Artemis II Returns To Earth After Moon Mission Attention Is All You Need. The Human Kind Is Still The One That Counts Today’s Wordle #1757 Hints And Answer For Saturday, April 11 NYT Pips Today: Hints, Answers And Walkthrough For Saturday, April 11 Android Circuit: Galaxy S27 Pro Emerges, Honor 600 Pre-Order Offers, Pixel 11 Display Leaks Apple Loop: iPhone 18 Pro Leak, Urgent iOS Update, MacBook Neo Issues Morgan Stanley Has Mostly Positive Outlook On Tesla Robotaxi, FSD V15 Running Out Of AI Tokens Faster Than Ever? Here’s Why CoreWeave Shares Pop 13% After Anthropic Deal ‘Euphoria’ Season 3’s Rotten Tomatoes Score Crashes, Has Lost Key Player People Don’t Agree On What AI Can Do, But They Don’t Even Use The Same Product ‘Overwhelming’—Google Issues Gemini Update For Gmail Users NYT Connections Hints Today: Saturday, April 11 Clues And Answers (#1035) Quordle Hints Today: Saturday, April 11 Clues And Answers The Costly Dream Of Space-Based AI Infrastructure Can You See The Watcher In This ‘Daredevil: Born Again’ Shot? Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update You Just Watched The Backdoor Pilot For ‘The Pitt: Night Shift’ Are Nicotine Pouches Like Zyn And VELO Safe To Use? A Doctor Answers Human Resources (HR) Is The Key To AI Success Per WalkMe ( SAP)
Why Sam Altman’s Warning About A Big Cyberattack In 2026 Is Overblown
Tim Keary · 2026-04-18 · via Forbes - Innovation
OpenAI CEO Sam Altman who recently warned about a cyber attack

OpenAI CEO Sam Altman (Photo by JOEL SAGET / AFP) (Photo by JOEL SAGET/AFP via Getty Images)

AFP via Getty Images

OpenAI CEO Sam Altman sat down for a video interview in April with Axios cofounder Mike Allen and agreed that it’s “totally possible” there could be a “world-shaking” cyberattack in 2026.

“I suspect in the next year, we will see significant threats that we have to mitigate from cyber and these models are already quite capable and will get much more capable,” said the OpenAI cofounder in the interview. He also suggested that society needs to become resistant to the potential of terrorist groups using these models to create novel pathogens and cause harm.

Since the interview, there’s been a lot of debate over whether his comments were an accurate reflection of the evolving threat landscape or overblown. The recent announcement that Anthropic’s Claude Mythos could autonomously identify software vulnerabilities has added fuel to the fire.

However, many security experts suggest it isn’t necessarily the risk of a massive cyberattack that presents the biggest risk to modern enterprises, but the lack of governance around everyday AI adoption, introducing new risks to the workplace.

Challenging Sam Altman’s Concept of World-Shaking

Reflecting on Altman’s comments, Justin Fier, SVP of offensive security at AI-security vendor Darktrace, told me, “I think the concern is legitimate, but I also think it helps to define what ‘world-shaking’ actually means. We have already experienced cyberattacks with broad, disruptive impact. WannaCry is one example and I do think there is a degree to which people have become desensitized because cyber incidents are now such a regular feature of the landscape.”

WannaCry, a ransomware outbreak that occurred in 2017, stands out due to the scale of damage it caused. According to Microsoft, in May 2017, the WannaCry ransomware outbreak spread across over 150 countries and infected over 300,000 computers across 100,000 businesses, including the UK’s National Health Service.

“To me, a truly world-shaking event would be something that moves beyond a major enterprise breach and starts affecting the systems people rely on every day or the broader stability of the economy. If you are talking about power, water or the financial system, something that creates a real cascading effect across society, that is a very different category of cyber event,” Fier said.

It’s arguable that the ransomware attack on Colonial Pipeline in May 2021 also fulfills this criterion, with the breach disrupting critical supplies of gasoline and other refined products across the East Coast of the U.S.

These incidents highlight that widespread damage from cyber attacks isn’t just a theoretical possibility; it’s already happened. As AI advances, there is the potential for incidents of a similar scale, but Fier believes there are more immediate issues to address.

For Fier, the issue isn’t that AI will suddenly produce a new class of attack, but that enterprises are adopting AI faster than they are building the controls to understand and govern it. Companies that deploy AI agents without the proper oversight are introducing risks inside their organizations that threat actors can exploit.

The Biggest Threat Is Lack Of Oversight

In the world of cybersecurity, misconfiguring internal systems can be just as dangerous as any malicious action taken by a threat actor. Dr. Joye Purser, global field CISO of Cohesity and the first senior executive regional director for CISA, led the federal response across eight states to the Colonial Pipeline ransomware attack and told me in an email that the biggest risk from AI wasn’t necessarily a particular threat, but a lack of guardrails.

“Enterprises lack awareness of the AI systems in place, the extent of ‘copy-paste’, data leakage and the details of how models were designed and trained. All of this generates risks that are invisible; and invisible risks cannot be evaluated and mitigated,” Purser said.

For Purser, strict data retention controls can help reduce the risk of data loss through copy-paste leakage, while employee education can increase awareness of the potential risks of losing intellectual property. As more employees use tools like ChatGPT and Claude as part of their workflows, it’s becoming more likely that sensitive proprietary information will be leaked to these models.

“The biggest threat isn’t an attack from the outside, but that companies have no visibility into how their own workers are using AI. Workers are connecting personal AI tools to work systems, delegating tasks to agents that act with the worker's permissions, and building AI-powered personal knowledge systems that mix corporate and personal data. The traditional governance model assumes you can draw a line between ‘inside’ and ‘outside,’ but that line doesn't exist anymore,” Brian Madden, VP, technology officer and futurist at Citrix, told me via email.

Madden notes that you can’t govern what you can’t see. Most companies have zero visibility into the AI tools their workers are using, how they’re using them or even how data is flowing in and out of those tools. Instead of worrying about how to secure AI, companies should be looking to understand what employees are doing with it.

“I don’t see the risk as a single catastrophic cyberattack, but rather the ‘drip drip drip’ slow structural exposure that comes from thousands of workers connecting AI agents to corporate systems (with their full permissions!) and limited to no oversight. Most companies don't have the governance infrastructure to even see or know it's happening,” Madden said.

Are AI Agents A Threat?

AI agents are playing a bigger role in the enterprise than ever before. A PWC survey of 300 senior executives released last year found that 79% say AI agents are already being adopted in their companies. All of these agents present new risks that organizations need to be prepared to confront.

“The biggest threat isn’t someone using AI to attack your enterprise from the outside. It’s the AI agents you invited inside,” Naor Paz, CEO and co-founder of Capsule Security, an agentic AI vendor that this week emerged from stealth with $7 million in seed funding, told me via email.

Today, many companies are deploying agents with broad access to sensitive data, internal tools, code repositories and customer records without providing meaningful oversight.

“Think of it as hiring an employee you’ve never met, giving them keys to everything, and hoping for the best. A coding agent like Claude Code can bypass guardrails and act autonomously and by the time the damage surfaces, it’s already done. That’s the real risk: not a dramatic external attack, but an internal agent operating unchecked at machine speed,” Paz said.

In this sense, while developments in AI technologies do present new external risks, there are significant internal risks emerging that companies do have the power to address. In the case of agents, this starts by governing what data they can access and setting guardrails to determine what actions they can perform.

While human-in-the-loop is one way to mitigate the risks around AI agents, Paz notes that agents-in-the-loop can be used to provide runtime security for AI agents. In short, companies that use agents can reduce the chance of data breaches by watching the actions they take and blocking high risk activities before they are executed.

Altman isn’t necessarily wrong about the potential for a high-impact cyberattack, but it appears that the most pressing risk comes from companies leaving cybersecurity as an afterthought.