SECURITYWEEK'S analysis argues that living off the AI is the next step in attacker tradecraft, building on decades of “living off the land” and “living off the cloud” techniques and now targeting AI assistants, agents and the Model Context Protocol ecosystem. The piece describes how model behaviour can be steered by context rather than code, with attackers leveraging prompt-born tool abuse, MCP and agent “tooljacking”, and memory or retrieval poisoning to influence future actions or exfiltrate data.
It notes that attackers may route communications through popular SaaS platforms, with the AI itself acting as the dispatcher, posting to collaboration channels or updating tickets while quietly exposing sensitive data. Vibe coding abuse and misuse of web development platforms are also highlighted as vectors for phishing and data leakage.
To counter these trends, the article urges treating agents as privileged users, minimising tool scope, hardening prompts and retrieval, constraining inputs and outputs, introducing real guardrails, and continuously testing with adversarial exercises, all to keep AI adoption productive rather than perilous. Written by Etay Maor on 6 February 2026.