Connect with us

INTERNACIONAL

Chinese AI models raise ‘sleeper agent’ fears after report finds more vulnerable code for US users

Published

on


NEWYou can now listen to Fox News articles!

Chinese AI models used to write code may be creating a hidden security risk for U.S. companies, federal officials and government contractors, per a new report published by a major defense contractor specializing in cyber security.

Advertisement

Booz Allen published a report in late May warning the federal government, private software developers and workers in critical industries that the presence of code written by popular Chinese AI models within the supply chain may be making the United States more vulnerable to bad faith actors. These vulnerabilities aren’t simple backdoors, Booz Allen reports, but rather come in the form of Chinese large language models producing lower-quality, and thus easier to breach, code when they believe they are being prompted by an American.

Chinese models are generally cheaper than their Western counterparts and work well enough to keep companies interested, a dynamic that has led to increased adoption in the United States and put some policymakers and national security experts on edge.

«I’d say there’s an 80% chance they’re using a Chinese open-source model,» Martin Casado, a general partner at the major venture capital firm Andreessen Horowitz, said in November 2025 when asked about their prevalence among start ups. Major U.S. firms such as Meta, Airbnb and Perplexity are also reportedly using Chinese models.

Advertisement

The DeepSeek AI app is shown on a smartphone screen with the Chinese flag in the background. (Dado Ruvic/Reuters)

IT’S TIME TO BAN CHINESE AI APP DEEPSEEK FROM ‘GOVERNMENT DEVICES,’ STATE AGS URGE CONGRESS

«The first link in the software supply chain is no longer the code. It’s the AI models behind it,» the Booz Allen report reads. «As U.S. developers increasingly rely on AI to generate, debug, and secure code, we must confront a fundamental question: can the AI models writing and powering our nation’s code be trusted?»

Advertisement

In an attempt to answer this question, Booz Allen compared four of the most widely used Chinese models — Kimi, Qwen, MiniMax and DeepSeek — against Anthropic’s Claude to test the security of the code they produced. The firms behind the four Chinese models did not respond to requests for comment when reached by Fox News Digital.

Qwen and MiniMax both produced code with significantly more vulnerabilities, increases of 130% and 20%, respectively, when they believed they were doing work for U.S. government employees as compared to a general prompt. DeepSeek, meanwhile, saw an increase of just 5% while Kimi produced code of a similar quality.

This means a government contractor relying on one of these models could unknowingly introduce coding flaws that make databases, applications or internal systems easier for hackers to exploit, potentially exposing sensitive American information.

Advertisement

The findings have drawn comparisons to so-called «sleeper agent» behavior where AI models appear to operate normally until exposed to a specific trigger that causes them to produce lower quality, or even deliberately insecure, outputs.

AI YOU USE EVERY DAY IS BIASED — AND IT’S QUIETLY SHAPING YOUR WORLDVIEW, NEW REPORT SAYS

Experts interviewed by Fox News Digital expressed a range of opinions on Booz Allen’s findings.

Advertisement

«While the raised risk categories are understandable, the report’s stronger claims are not fully supported as presented,» Lukasz Olejnik, a technology consultant who works as a senior research fellow at King’s College London, told Fox News Digital. «The report underplays the complexity of the issue.»

If Booz Allen’s report were accurate, and if code written by Chinese models had made its way into the American supply chain, it would make it easier for hackers to get their hands on data that could imperil national security or infringe on the privacy of everyday Americans.

Olejnik argued that the prompting used by Booz Allen was unnatural, saying that the firm’s methodology may have included «unnecessary political or institutional keyword triggers,» such as explicitly prompting models to believe a user is working for the FBI, that «may change outputs.» It is unlikely, he says, that an actual government agent would prompt the model in such a way.

Advertisement

Booz Allen claims that «testing model behaviors by introducing specific context is a best practice in both defensive and offensive evaluations.»

«I use various open-source models daily, including U.S. and Chinese,» the researcher, who holds a computer science Ph.D. from Inria, one of the world’s leading research institutions in the field, said. «Chinese models are so useful precisely because they are performant and freely available. Prohibiting open source models is not a good idea; it would stifle AI innovation and national security … The best approach to go beyond them is to encourage U.S. and EU companies to release their own high-capability open-weight models.»

Open source models made their underlying code directly viewable by users, allowing for security audits and edits, though even some open source programs harbor hidden vulnerabilities inserted by malicious actors.

Advertisement

ANTHROPIC’S MYTHOS AI FOUND OVER 2,000 UNKNOWN SOFTWARE VULNERABILITIES IN JUST SEVEN WEEKS OF TESTING

Computer screen displaying Anthropic website pages and company logos

Pages from the Anthropic website and the company’s logos are displayed on a computer screen in New York on Feb. 26, 2026. (Patrick Sison/AP Photo)

While Olejnik agreed that «model outputs can shift under variety of prompts,» he added that «insufficient evidence has been posted to verify the causal claims or generalize them to Chinese LLMs as a class.»

Lenart Heim, an independent researcher specializing in AI and semiconductors, was more open to Booz Allen’s findings.

Advertisement

«It seems like a credible study, and I don’t find the overall findings incredibly surprising,» the researcher told Fox News Digital.

DEEPSEEK AI BOT IS PART OF CHINA’S ‘UNRESTRICTED WARFARE’ DOCTRINE

China- Surveiilance

The flag of China is flown behind a pair of surveillance cameras outside the Central Government Offices. (Roy Liu/Bloomberg via Getty Images)

Heim, who holds a master’s in computer engineering from the prestigious ETH Zurich and was until recently a top AI researcher at the RAND Corporation, pointed to a similar study published by CrowdStrike in 2025, which found that politically sensitive trigger words caused DeepSeek to produce up to 50% more insecure code.

Advertisement

«The extreme version of what we’re worried about here is what researchers call ‘sleeper agents,’» Heim continued. «There’s an existing paper from Anthropic that demonstrates you can train models to behave normally until a specific trigger condition is met — say, a particular year or context — at which point they start writing insecure code.»

In the Booz Allen study, he explained, identifying oneself as a U.S. government agent was presented as such a trigger. Heim, however, said that he found it «pretty implausible that the Chinese developers intentionally implemented sleeper agents with these specific triggers,» suggesting that the increased code insecurity was a side effect of broader «CCP-aligned fine-tuning» and that «the security differential they found is probably not that large in practice.»

AI apps Claude, ChatGPT, and Gemini logos displayed

AI applications Claude, ChatGPT, and Gemini are shown in this image. The photo was taken by Samuel Boivin and provided by NurPhoto via Getty Images. (Samuel Boivin/NurPhoto via Getty Images)

AI MODELS CAN SECRETLY INFECT EACH OTHER

Advertisement

«It is certainly possible to implement sleeper agents in these models for specific situations to write insecure code,» he went on. «You might think: ‘Well, I won’t tell the model I’m in the US government — I’ll just ask it to write code.’ But as we move toward more agentic use, there will be lots of contextual information automatically fed to the model. You might give it an existing codebase, and that codebase often has a license header at the top that reveals which company or government agency it belongs to. That context could activate degraded behavior.»

A source at Booz Allen told Fox News Digital that the authors of the report defined «vulnerabilities» as «code that can be exploited by an attacker» to allow for «unauthorized access, data theft, system disruption, or control of the affected software.» The report looked at common security flaws such as «hardcoded passwords, SQL injection risks, missing security tokens, outdated encryption and disabled security checks.»

Booz Allen’s analysts used both manual verification and automated checks to quantify the number of vulnerabilities in programs produced by each model.

Advertisement

A representative for Booz Allen told Fox News Digital that their team accessed the Chinese models online rather than using downloading them directly to their machines and running them locally. Heim said that Chinese models accessed in this way may be more prone to bias.

HOUSE BIPARTISAN BILL DIRECTS NSA TO CREATE ‘AI SECURITY PLAYBOOK’ AMID CHINESE TECH RACE

Sen. Tom Cotton walking in the U.S. Capitol hallway

Sen. Tom Cotton, R-Ark., arrives for a vote in the U.S. Capitol on April 30, 2025, stating the war with Iran will continue for weeks as the U.S. limits their offensive capabilities. (Bill Clark/CQ-Roll Call, Inc via Getty Images)

The report also found that Chinese LLMs refused to perform tasks that could conflict with the interests of the Chinese government at significantly higher rates than Claude. Similar tests performed by others have netted similar results.

Advertisement

«Many Chinese LLMs learn from data shaped by China’s internet and Chinese government information controls,» the report notes. «Chinese law requires all AI models, training outputs, and data to reflect ‘Core Socialist Values.’»

Booz Allen recommended that the United States government take action to ban Chinese models for use on government or infrastructure work and recommended that contractors involved in such sectors, as well as the tech community generally, proactively work to remove code generated by such models from their supply chains. 

«A lower-cost model may look attractive upfront, especially for startups or cost-constrained engineering teams,» the report reads. «But that same model can become more expensive over time if it generates vulnerable code, creates uncertainty around data handling, or introduces behavior that standard enterprise controls do not easily catch.»

Advertisement

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Booz Allen’s point of view has some sympathizers on Capitol Hill.

«American companies shouldn’t build applications and write code with Chinese models, which introduce more cyber vulnerabilities,» Sen. Tom Cotton, R-Ark., told Fox News Digital when presented with Booz Allen’s report. «And the federal government should certainly not buy software from companies using Chinese coding tools.»

Advertisement

china, technologies, artificial intelligence

INTERNACIONAL

Arkansas takes home top ranking for religious freedom after Gov Sanders expands key protections

Published

on


NEWYou can now listen to Fox News articles!

FIRST ON FOX: Arkansas has been ranked the nation’s top state for religious liberty after Republican Gov. Sarah Huckabee Sanders signed a series of laws expanding faith protections that helped lift the state to the top.

Advertisement

Earning a score of 89.2%, Arkansas became one of only two states to earn the First Liberty Institute’s annual Religious Liberty in the States index’s first-ever «excellent» rating. The index evaluates states using 50 legal protections across 20 religious liberty safeguards spanning education, healthcare, family law, economic activity and other areas of daily life.

«Religious liberty is America’s First Freedom, and Arkansas is leading the nation in protecting it,» Sanders said.

«Our rights come from God, not government, and every American should be free to live according to their faith and conscience. We’ll continue defending that freedom and ensuring the Natural State remains the best place in the country to live, work and worship.»

Advertisement

AMERICA’S NEXT 250 YEARS DEPEND ON PASSING FAITH AND FREEDOM TO OUR CHILDREN

Governor Sarah Huckabee Sanders participates in the first-ever National Outdoor Recreation Executive Forum hosted by Outdoor Recreation Roundtable at Decatur House on May 7, 2024, in Washington, D.C. (Paul Morigi/Getty Images for Outdoor Recreation Roundtable)

The Natural State climbed six spots from last year’s rankings after lawmakers approved several measures expanding legal protections for religious exercise and conscience rights.

Advertisement

Arkansas’ rise was driven largely by Act 677, legislation Sanders signed last year that bars state and local governments from penalizing people, businesses and religious organizations for acting according to their religious beliefs regarding marriage and biological sex.

APPEALS COURT REVIVES LAWSUIT BY ALASKA AIRLINES FLIGHT ATTENDANTS FIRED AFTER OPPOSING PRIDE MESSAGE

Praying

A group of people hold hands in prayer. Arkansas topped a new religious liberty index after expanding faith and conscience protections. (iStock)

The state’s religious liberty push also included the Conscience Protection Act, signed by Sanders in 2023, which expanded Arkansas’ Religious Freedom Restoration Act by prohibiting state government discrimination against religious organizations based on their religious identity or status.

Advertisement

Kelly Shackelford, president, CEO and chief counsel at First Liberty, said other states should follow Arkansas’ lead and «strengthen religious liberty protections in their own states.»

«Religious liberty is best protected when leaders are willing to act before the rights of people of faith are threatened,» Shackelford said.

GOV SANDERS REVEALS ‘MAJOR BREAKTHROUGH’ ON EDUCATION AS RED STATE POSITIONS ITSELF AS ‘BLUEPRINT’ FOR NATION

Advertisement
Gov. Sarah Huckabee Sanders speaks at a podium at the RNC

Arkansas Gov. Sarah Huckabee Sanders speaking at the Republican National Convention in Milwaukee, Wisconsin, on July 17, 2024. (Victor J. Blue/Bloomberg via Getty Images)

Dr. Mark David Hall, director of the Religious Liberty in the States project, said Arkansas demonstrates how states can protect what America’s founders called «the sacred right of conscience,» allowing people to practice their faith not just at church, but in their everyday lives.

«States have always served as laboratories of liberty, and this year’s results show why that matters,» Hall said.

Sanders also publicly defended religious freedom in December. She rejected demands from the Freedom From Religion Foundation (FFRF), a group that advocates for the separation of church and state, to reverse her proclamation closing state offices for Christmas.

Advertisement

In a response letter previously obtained by Fox News Digital, Sanders pushed back on claims it was unconstitutional, saying «only by voicing our own faith and celebrating other faiths can we make our state’s diverse religious communities feel seen and heard.»

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

«With this index, citizens and legislators can see where their state is doing well, where it still has room to improve, and which existing laws could help better protect the right of conscience,» Dr. Paul D. Mueller, associate director of the Religious Liberty in the States project, said.

Advertisement

faith values, sarah sanders, politics, first amendment religion us, arkansas

Advertisement
Continue Reading

INTERNACIONAL

Bloqueo de Trump en Ormuz: Estados Unidos bombardea puertos iraníes y Teherán ataca petroleros en el estrecho

Published

on


Tras otra noche de ataques entre Estados Unidos e Irán, en la que la Guardia Revolucionaria Islámica de Irán afirmó haber atacado dos petroleros emiratíes en Ormuz y objetivos en Jordania y Bahréin, las ciudades portuarias iraníes de Bandar Abbas y Bushehr registraron explosiones este martes.

Los ataques en el Golfo suceden a la decisión de Donald Trump de imponer un nuevo bloqueo a Irán en el Estrecho de Ormuz y amenazar con imponer un peaje de 20% a los barcos que transiten el canal. En la cumbre de la OTAN la semana pasada, Trump también había anunciado que el alto el fuego con Irán estaba «terminado», pero que las conversaciones seguían con el país persa.

Advertisement

Irán y Estados Unidos se encuentran a casi la mitad del plazo de 60 días en el que debían negociar el fin definitivo de la guerra y un acuerdo sobre el controvertido programa nuclear iraní. En cambio, una serie de ataques en el estrecho han avivado los temores de un retorno a una guerra total y de mayores perturbaciones a la economía mundial.

Buques atacados

Advertisement

Este martes, los Emiratos Árabes Unidos calificaron el ataque a los barcos petroleros de «descarado» y añadieron que un miembro de la tripulación, de nacionalidad india, murió y otros ocho resultaron heridos.

El Ministerio de Defensa de los Emiratos Árabes Unidos informó que los dos petroleros fueron atacados con misiles de crucero iraníes mientras transitaban por el estrecho de Ormuz, en aguas de Omán.

El incidente resultó en la muerte de un tripulante indio y dejó a otros ocho heridos: seis indios y dos ucranianos, según indicó el ministerio.

Advertisement

Asimismo, señaló que ambos petroleros, el «Mombasa» y el «Al Bahiyah», sufrieron daños en los ataques, los cuales provocaron incendios a bordo.

Los Emiratos Árabes Unidos condenaron estos ataques «descarados», calificándolos de «grave violación» y «clara infracción» del derecho internacional, y añadieron que se reservan el «pleno derecho a responder» mediante «todas las medidas necesarias».

Posteriormente, el Cuerpo de la Guardia Revolucionaria Islámica de Irán (CGRI) confirmó los ataques a través de un comunicado en Telegram, afirmando que dos petroleros habían ignorado las advertencias, apagado sus sistemas de navegación e intentado atravesar una ruta minada.

Advertisement

Añadió que la «cooperación con el enemigo agresor» solo conduciría a arrepentimiento, daños y retrasos en la apertura del estrecho, además de provocar una «crisis energética mundial».

Una naviera noruega también informó que uno de sus petroleros fue atacado frente a las costas de Omán en la madrugada de este martes.

Stolt-Nielsen informó en un comunicado que el Stolt Magnesium fue alcanzado en el mar Arábigo aproximadamente al mismo tiempo que dos petroleros de los Emiratos.

Advertisement

El ataque provocó un incendio en la sala de máquinas del buque, según Stolt-Nielsen. Toda la tripulación a bordo resultó ilesa y fue localizada tras el ataque, según la naviera citada por Sky News.

Trump el «guardián del Estrecho de Ormuz»

Irán ya había atacado el domingo otro petrolero que se había aventurado a cruzar el estrecho de Ormuz por una ruta alternativa fuera de su control, cerca de Omán. Esto llevo a un nuevo cruce con EE.UU. sobre quién realmente controla el estrecho. En un puja casi personal, Trump decidió dar una vuelta de tuerca más: se proclamó guardián del Estrecho, reimpuso el bloqueo a Irán en Ormuz para que ningún barco entre ni salga de puertos iraníes e instaló un peaje.

Advertisement

Es la primera vez que EE.UU. dice que aplicará tarifas por el uso del estrecho. Siempre acusó a Irán de cobrar un peaje.

Una tasa del 20 por ciento sobre toda la carga que transite el estrecho sería un nuevo impuesto importante sobre los flujos energéticos globales y aumentaría el costo del petróleo y del gas mundiales.

Advertisement

Hasta el lunes, los funcionarios estadounidenses habían sido firmes en que el paso por el estrecho no debería requerir pagar peajes a nadie y que los esfuerzos de Irán por cobrar por el transporte marítimo eran inaceptables.

La declaración de Trump de que EE. UU. impondrá tasas abrió la puerta al ministro de Asuntos Exteriores iraní, Abbas Araghchi, quien escribió con ironía en X que «el presidente Trump tiene toda la razón. Quien proporcione el paso seguro y seguro de buques comerciales a través del Estrecho de Ormuz debe ser compensado por este servicio,» justificando así el reclamo iraní de cobrar peaje.

Advertisement

El canciller pareció burlarse de la frase exacta de Trump al decir que «Irán siempre ha sido el GUARDIÁN del Estrecho y lo seguirá siendo SIEMPRE. El 20% es, por supuesto, demasiado. Seremos justos.»

Según informó el Comando Central, este bloqueo afectará a cualquier buque que salga o se dirija a un puerto iraní. Durante el bloqueo anterior, buques de guerra estadounidenses interceptaron o hicieron dar la vuelta a más de 140 buques comerciales. En nueve casos en los que el barco no cumplía, el ejército disparó contra las salas de máquinas para inutilizarlas.

Advertisement
Continue Reading

INTERNACIONAL

‘Did you call 911?’ Tuberville recounts Graham’s frantic final phone call

Published

on


NEWYou can now listen to Fox News articles!

A Senate Republican added further detail to the late Sen. Lindsey Graham’s, R-S.C., final moments thanks to an unlikely connection.

Advertisement

Sen. Tommy Tuberville, R-Ala., revealed that it was a former member of his staff that called for medical assistance to aid Graham over the weekend, who died suddenly just after his return from an overseas trip.

«My former scheduler was Lindsey’s scheduler, and one of my staff members was with that scheduler the night Lindsey called,» Tuberville told reporters. «He called [and] basically said, ‘Listen, I’m having chest pains. You know, I need to do something.’ ‘Did you call 911?’ And he goes, ‘No, that’s the reason I called you.’»

GRAHAM REPORTEDLY REFUSED MEDICAL HELP BEFORE SCHEDULED TV APPEARANCE

Advertisement

Sen. Lindsey Graham, R-S.C., stands at the U.S. Capitol in Washington, D.C. (Aaron Schwartz/Bloomberg via Getty Images)

«And so she called 911 … By the time she got there, 911 had knocked the door down, and they were working on him,» he continued.

A preliminary cause of death was revealed Sunday evening. His office said that the longtime lawmaker had died from «aortic dissection due to arteriosclerotic cardiovascular disease.»

Advertisement

Aortic dissection is when a tear occurs in the inner wall of the aorta, the body’s main artery, and is a life-threatening medical emergency.

«Lindsey basically worked himself to death, most of us have families, he didn’t have any family,» Tuberville said. «And if we had a couple of days off, he went to that airport, and he went somewhere to try to work out something for our country.»

LINDSEY GRAHAM’S SISTER APPOINTED TO SENATE AS GOP RUSHES TO PROTECT FRAGILE MAJORITY

Advertisement

Axios reported that in one of Graham’s final conversations, he told an unnamed source that he was feeling unwell but wanted to wait until after his scheduled appearance on NBC’s «Meet the Press» to seek medical attention.

«I can’t die now. I still need to do the Russia sanctions, get Iran sorted out and do Israeli-Saudi normalization,» Graham said.

His death has rocked the Senate, where emotional tributes rolled in throughout the day on Monday, the upper chamber’s first day back in Washington, D.C., since recessing for the Fourth of July.

Advertisement

GRAHAM’S DEATH IGNITES GOP SCRAMBLE FOR SENATE SEAT AS TRUMP HINTS HE ALREADY HAS A FAVORITE

Sen. Tommy Tuberville

Sen. Tommy Tuberville, R-Ala., speaks to reporters as he returns to his office at the U.S. Capitol on Feb. 10, 2026, in Washington, D.C. (Kevin Dietsch/Getty Images)

Graham’s desk in the Senate, which is where the late Sen. John McCain, R-Ariz., his close friend, once sat, was draped with a black veil and a glass bowl of sharp white roses atop it.

Senate Majority Leader John Thune, R-S.D., in an emotional tribute to the late lawmaker, said that the «halls of the Senate already feel empty without him.»

Advertisement

«I am comforted by the knowledge that, in the end, he has just changed his address. And that one day, Mr. President,» Thune said through tears. «We will laugh together again.»

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Graham will be succeeded, temporarily, by his sister, Darline Graham Nordone. She is slated to be sworn in to the position on Tuesday after being tapped by South Carolina Gov. Henry McMaster to fill in for her late brother.

Advertisement

«I think this is what Lindsey would have wanted, and I plan to honor him in this way,» Nordone said during the ceremony in Columbia, South Carolina. «Now to Lindsey, I miss you more than I can even put into words. But I’m going to do this, I got it.»

politics, lindsey graham, senate elections, john thune, health

Continue Reading

Tendencias