Arrakis The Arrakis Chronicles

The Arrakis Chronicles

Original threat research on AI agent security, autonomous workforce governance, and agentic AI risks — from the Arrakis Security research team

Ghost Rider: How Attackers Burned $46,000 a Day on Stolen AI Compute

Ghost Rider: How Attackers Burned $46,000 a Day on Stolen AI Compute

Liad MatusovskyMay 12, 2026

Glass Weight: How Weaponized Hugging Face Models Turned MLOps Into a Deserialization Attack Surface

Glass Weight: How Weaponized Hugging Face Models Turned MLOps Into a Deserialization Attack Surface

Liad MatusovskyMay 4, 2026

The Pipe Crawl: How Shared AI Compute Lets Attackers Slide Between Tenants

The Pipe Crawl: How Shared AI Compute Lets Attackers Slide Between Tenants

Liad MatusovskyApril 30, 2026

The Autonomous RAT: How Indirect Prompt Injection Replaced the Remote Access Trojan

The Autonomous RAT: How Indirect Prompt Injection Replaced the Remote Access Trojan

Liad MatusovskyApril 27, 2026

PHANTOM INK: How Invisible Unicode in Repository Configs Quietly Reprograms AI Coding Assistants

PHANTOM INK: How Invisible Unicode in Repository Configs Quietly Reprograms AI Coding Assistants

Eliyahu KatzMarch 5, 2026

Trojan Glyph: The Prompt Injection Your Sanitizer Can't See

Trojan Glyph: The Prompt Injection Your Sanitizer Can't See

Maya LeviMarch 4, 2026

Cicada Shell: How Sleeper Agents Evade AI Safety Training

Cicada Shell: How Sleeper Agents Evade AI Safety Training

Maya LeviMarch 2, 2026

Murmuration: When a Swarm of Benign Agents Steals in Plain Sight

Murmuration: When a Swarm of Benign Agents Steals in Plain Sight

Daniel AradFebruary 19, 2026

Infinite Hallway: How Hallucinated MCP Servers Become Attacker C2 on the Loopback

Infinite Hallway: How Hallucinated MCP Servers Become Attacker C2 on the Loopback

Maya LeviFebruary 15, 2026