TrendAI™ recently showcased two significant research breakthroughs at the [un]prompted 2026 conference. The first presentation by Sean Park demonstrated how AI-driven KYC (Know Your Customer) pipelines can be exploited by treating documents as executable environments. By embedding malicious instructions in identification documents, researchers successfully tricked AI agents into leaking sensitive customer data, proving that traditional data verification processes are now part of the AI attack surface.
The second highlight featured the FENRIR system, an automated pipeline developed to discover AI vulnerabilities and zero-days at scale. Utilizing a combination of static analysis tools like CodeQL and multi-tiered LLM reasoning, FENRIR has already identified over 60 CVEs across AI and Model Context Protocol (MCP) components. This agentic defense approach aims to automate the discovery and reporting of security flaws, shifting the advantage back to defenders in the rapidly evolving AI landscape.
Top comments (0)