0
Applied AI·July 16, 2026·1 min read

Russian hacker turns Gemini CLI into a hacking agent, creates small-scale botnet

Share

An attacker convincing Gemini’s CLI it was doing authorized pentesting—and then spinning up a botnet—shows how thin current guardrails are once you hit tools and code execution. If you expose AI CLIs or agent runtimes, treat them like any remote execution surface: strict auth, scoped permissions, and anomaly monitoring by default.