Hijacking multi-agent systems in your PajaMAS blog.trailofbits.com/2025/07… by @suhackerr at @trailofbits "Multi-agent systems (MASs) are an increasingly popular paradigm for AI applications. As Leslie Lamport famously noted, “a distributed system is one in which the failure of a computer you didn’t even know existed can render your own computer unusable.” It turns out that a similar aphorism applies to MASs. MASs introduce a new dimension to the attack surface of AI applications: inter-agent control flow. Through an attack known as MAS hijacking, attackers can manipulate the control flow of a MAS. Imagine your AI research assistant retrieves a malicious web page, and suddenly an attacker can execute arbitrary code on your machine. Today, we’re releasing pajaMAS: a curated set of MAS hijacking demos that illustrate important principles of MAS security. In this post, we’ll walk through each demo, explain the underlying security principles, and present concrete guidance for secure MAS development." #MultiAgent #AgentSecurity #AIThreats #MASHijacking #InterAgent #ControlFlow #AgentHacking #AISecurity #AgenticAI #DistributedAI #RemoteCode #CodeInjection #AIAttackSurface #SecureAgents #TrailOfBits #PajaMAS #AIResearch #AutonomousAgents #MASDefense #AgentRisks #AIGovernance #AIsecurity #ResponsibleAI #AICompliance #CyberSecurity #SecureByDesign #AIsecurity #LLMSecurity #DevSecOps #MLSecOps