IBM’s AI agent Bob easily duped into running malware, researchers say

Source: www.theregister.com/2026/01/0…

Security researchers have demonstrated that IBM’s AI agent, Bob, can be manipulated into executing malware through prompt injection attacks, allowing risky commands to bypass built-in guardrails.

Researchers at PromptArmor, who evaluated Bob ahead of its general release, reported that the command-line interface is vulnerable to prompt injection techniques that enable malware execution. They also found that the integrated development environment is susceptible to common AI-specific data exfiltration vectors.

AI agent software — models granted access to tools and assigned goals in an iterative loop — is widely regarded as high risk and typically ships with explicit vendor warnings. These risks have been repeatedly demonstrated by security researchers, including Johann Rehberger, who has highlighted vulnerabilities such as prompt injection, jailbreaks and traditional code flaws that can result in malicious code execution.

Speaking at a recent Chaos Computer Club presentation, Rehberger noted that mitigating many of these risks ultimately requires placing a human in the loop to authorize potentially dangerous actions.
Edward Kiledjian
@ekiledjian