1. Forum
  2. tqwNet
  3. TQW GENTECH

  • The mobile app traffic your security team can't see and AI agent

    From TechnologyDaily@1337:1/100 to All on Friday, March 27, 2026 12:00:40
    The mobile app traffic your security team can't see and AI agents are generating it

    Date:
    Fri, 27 Mar 2026 11:48:30 +0000

    Description:
    AI agents don't knock before entering. Most of the security team doesn't know they're there.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter AI agents don't knock before entering. They write code, trigger workflows, and hit production APIs directly and in most organizations, no one on the security team knows they're there.

    This isn't a future risk. A recent poll found 48% of security professionals already expect agentic AI to become the top attack vector by year's end, ranking it above deepfakes and every other threat on the list. The pace of deployment is making it worse. When Moltbot an open-source agentic AI tool went viral, it connected 150,000 autonomous agents on a shared network almost overnight. Article continues below You may like How businesses can stop their AI agents from running amok Shadow AI 'double agents' are outpacing security visibility and that's a serious concern for UK businesses AI agents are
    about to make access control obsolete Harshit Agarwal Social Links Navigation

    CEO and co-founder of Appknox. Security researchers flagged it as a blueprint for what uncontrolled agent access looks like at scale: private data
    exposure, external communication channels, and delayed-execution attacks assembled from inputs that looked harmless on their own.

    That governance gap between what AI agents can access and what internet security teams can actually monitor is where the attack surface is growing. The Traffic Your Analytics Will Never Show Mobile APIs are usually built on the assumption that the entity making requests is a human using your app. Authentication logic, rate limiting, and session monitoring, all of it is designed around that mental model. However, AI agents break that assumption.

    Agents bypass the UI layer entirely. They interface directly with APIs, operating outside the behavioral parameters that human users create. That means they don't generate the session data, navigation patterns, or interaction signals that analytics tools use to establish normal. Their traffic looks legitimate at the API level. It often doesnt appear in the logs that security teams actually monitor. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me
    with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    And the problem is quickly compounding. Non-human identities service accounts, API keys, automation tools, AI agents now outnumber human users by as much as 50 to 1, yet most operate outside any governance lifecycle. No clear owner. No expiration date. No monitoring. The identities driving the most API activity are the ones with the least visibility attached to them.

    Moltbot put a face on the threat. Palo Alto Networks identified prompt injection attacks hidden inside ordinary content, instructions that quietly directed agents to leak private data or build delayed-execution payloads from inputs that looked harmless on arrival. No alerts, no anomalies, just an
    agent doing exactly what it was told. How Developers Are Inadvertently
    Opening the Door AI agents are hitting production before security teams know they exist. Shadow AI adoption and the rapid, often unvetted integration of open source MCP (Model Context Protocol) servers into development workflows mean deployment is outpacing oversight by a wide margin. What to read next
    How a mature API management strategy can help eliminate agentic blind spots 'No one asked them to': Security experts warn malicious AI agents can team up to launch cyberattacks Agentic attacks demand agentic defenses

    Agents need broad access to function, and once that access is granted, it almost never gets reviewed or reduced after deployment. An agent provisioned for one job ends up with standing access well beyond what that job requires.

    The code itself carries risk, too. AI-written code can pass every individual check and still be vulnerable because flaws lie in how its components
    interact at runtime. Logic errors surface in the spaces between systems, not inside them.

    Third-party integrations extend the exposure further. Agents interact with payment , analytics, and messaging APIs under the same under-scrutinized
    trust assumptions that already make external connections a liability, responsible for 35% of the most common security breaches.

    The Deepseek Android app puts a face on this. It's exactly the kind of
    product you'd expect to have its security in order. It didn't. Six critical vulnerabilities unsecured network configuration and missing SSL validation among them were discovered in a flagship AI application. The same categories of risk that AI tools are supposed to eliminate. What Governing AI Agents Actually Requires The starting point is accepting that point-in-time testing doesn't work for agents. They operate continuously and dynamically, so a static snapshot of their behavior tells you almost nothing about what they're doing an hour later. A traditional pentest captures a moment in time. Agents create risk across every moment after it. Security coverage has to match that cadence.

    From there, look at permissions. Least privilege isn't a principle reserved for human users. It applies to every non-human identity in your environment. Scope agent access tightly from the start, and build in a review process that doesn't depend on someone remembering to do it manually.

    Monitoring needs to evolve, too. Volume-based anomaly detection misses most agent-driven abuse. What matters is behavioral patterns, like unusual API
    call sequences, unexpected data access combinations, and integrations firing outside normal parameters.

    And because agents operate at machine speed, human-reviewed monitoring alone won't catch it in time. Autonomous validation, where AI continuously probes your environment the same way a malicious agent would, is what closes that gap.

    The same logic applies inside the development pipeline. Security checkpoints need to be embedded in CI/CD so AI-written or AI-triggered code gets
    validated before it reaches production, not after.

    Finally, treat agents as their own identity class. They're not users, and they're not traditional software. They need the same governance rigor applied to third-party APIs and external integrations, which most organizations are still working to get right.

    AI agents aren't going away. The teams that govern them proactively will be better positioned than those treating them as passive tools. Closing the gap between access and oversight is a workflow decision as much as a security
    one. Check out our list of the best endpoint protection software .



    ======================================================================
    Link to news story: https://www.techradar.com/pro/the-mobile-app-traffic-your-security-team-cant-s ee-and-ai-agents-are-generating-it


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)