INTERNACIONAL
Chinese AI models raise ‘sleeper agent’ fears after report finds more vulnerable code for US users

NEWYou can now listen to Fox News articles!
Chinese AI models used to write code may be creating a hidden security risk for U.S. companies, federal officials and government contractors, per a new report published by a major defense contractor specializing in cyber security.
Booz Allen published a report in late May warning the federal government, private software developers and workers in critical industries that the presence of code written by popular Chinese AI models within the supply chain may be making the United States more vulnerable to bad faith actors. These vulnerabilities aren’t simple backdoors, Booz Allen reports, but rather come in the form of Chinese large language models producing lower-quality, and thus easier to breach, code when they believe they are being prompted by an American.
Chinese models are generally cheaper than their Western counterparts and work well enough to keep companies interested, a dynamic that has led to increased adoption in the United States and put some policymakers and national security experts on edge.
«I’d say there’s an 80% chance they’re using a Chinese open-source model,» Martin Casado, a general partner at the major venture capital firm Andreessen Horowitz, said in November 2025 when asked about their prevalence among start ups. Major U.S. firms such as Meta, Airbnb and Perplexity are also reportedly using Chinese models.
The DeepSeek AI app is shown on a smartphone screen with the Chinese flag in the background. (Dado Ruvic/Reuters)
IT’S TIME TO BAN CHINESE AI APP DEEPSEEK FROM ‘GOVERNMENT DEVICES,’ STATE AGS URGE CONGRESS
«The first link in the software supply chain is no longer the code. It’s the AI models behind it,» the Booz Allen report reads. «As U.S. developers increasingly rely on AI to generate, debug, and secure code, we must confront a fundamental question: can the AI models writing and powering our nation’s code be trusted?»
In an attempt to answer this question, Booz Allen compared four of the most widely used Chinese models — Kimi, Qwen, MiniMax and DeepSeek — against Anthropic’s Claude to test the security of the code they produced. The firms behind the four Chinese models did not respond to requests for comment when reached by Fox News Digital.
Qwen and MiniMax both produced code with significantly more vulnerabilities, increases of 130% and 20%, respectively, when they believed they were doing work for U.S. government employees as compared to a general prompt. DeepSeek, meanwhile, saw an increase of just 5% while Kimi produced code of a similar quality.
This means a government contractor relying on one of these models could unknowingly introduce coding flaws that make databases, applications or internal systems easier for hackers to exploit, potentially exposing sensitive American information.
The findings have drawn comparisons to so-called «sleeper agent» behavior where AI models appear to operate normally until exposed to a specific trigger that causes them to produce lower quality, or even deliberately insecure, outputs.
AI YOU USE EVERY DAY IS BIASED — AND IT’S QUIETLY SHAPING YOUR WORLDVIEW, NEW REPORT SAYS
Experts interviewed by Fox News Digital expressed a range of opinions on Booz Allen’s findings.
«While the raised risk categories are understandable, the report’s stronger claims are not fully supported as presented,» Lukasz Olejnik, a technology consultant who works as a senior research fellow at King’s College London, told Fox News Digital. «The report underplays the complexity of the issue.»
If Booz Allen’s report were accurate, and if code written by Chinese models had made its way into the American supply chain, it would make it easier for hackers to get their hands on data that could imperil national security or infringe on the privacy of everyday Americans.
Olejnik argued that the prompting used by Booz Allen was unnatural, saying that the firm’s methodology may have included «unnecessary political or institutional keyword triggers,» such as explicitly prompting models to believe a user is working for the FBI, that «may change outputs.» It is unlikely, he says, that an actual government agent would prompt the model in such a way.
Booz Allen claims that «testing model behaviors by introducing specific context is a best practice in both defensive and offensive evaluations.»
«I use various open-source models daily, including U.S. and Chinese,» the researcher, who holds a computer science Ph.D. from Inria, one of the world’s leading research institutions in the field, said. «Chinese models are so useful precisely because they are performant and freely available. Prohibiting open source models is not a good idea; it would stifle AI innovation and national security … The best approach to go beyond them is to encourage U.S. and EU companies to release their own high-capability open-weight models.»
Open source models made their underlying code directly viewable by users, allowing for security audits and edits, though even some open source programs harbor hidden vulnerabilities inserted by malicious actors.
ANTHROPIC’S MYTHOS AI FOUND OVER 2,000 UNKNOWN SOFTWARE VULNERABILITIES IN JUST SEVEN WEEKS OF TESTING

Pages from the Anthropic website and the company’s logos are displayed on a computer screen in New York on Feb. 26, 2026. (Patrick Sison/AP Photo)
While Olejnik agreed that «model outputs can shift under variety of prompts,» he added that «insufficient evidence has been posted to verify the causal claims or generalize them to Chinese LLMs as a class.»
Lenart Heim, an independent researcher specializing in AI and semiconductors, was more open to Booz Allen’s findings.
«It seems like a credible study, and I don’t find the overall findings incredibly surprising,» the researcher told Fox News Digital.
DEEPSEEK AI BOT IS PART OF CHINA’S ‘UNRESTRICTED WARFARE’ DOCTRINE

The flag of China is flown behind a pair of surveillance cameras outside the Central Government Offices. (Roy Liu/Bloomberg via Getty Images)
Heim, who holds a master’s in computer engineering from the prestigious ETH Zurich and was until recently a top AI researcher at the RAND Corporation, pointed to a similar study published by CrowdStrike in 2025, which found that politically sensitive trigger words caused DeepSeek to produce up to 50% more insecure code.
«The extreme version of what we’re worried about here is what researchers call ‘sleeper agents,’» Heim continued. «There’s an existing paper from Anthropic that demonstrates you can train models to behave normally until a specific trigger condition is met — say, a particular year or context — at which point they start writing insecure code.»
In the Booz Allen study, he explained, identifying oneself as a U.S. government agent was presented as such a trigger. Heim, however, said that he found it «pretty implausible that the Chinese developers intentionally implemented sleeper agents with these specific triggers,» suggesting that the increased code insecurity was a side effect of broader «CCP-aligned fine-tuning» and that «the security differential they found is probably not that large in practice.»

AI applications Claude, ChatGPT, and Gemini are shown in this image. The photo was taken by Samuel Boivin and provided by NurPhoto via Getty Images. (Samuel Boivin/NurPhoto via Getty Images)
AI MODELS CAN SECRETLY INFECT EACH OTHER
«It is certainly possible to implement sleeper agents in these models for specific situations to write insecure code,» he went on. «You might think: ‘Well, I won’t tell the model I’m in the US government — I’ll just ask it to write code.’ But as we move toward more agentic use, there will be lots of contextual information automatically fed to the model. You might give it an existing codebase, and that codebase often has a license header at the top that reveals which company or government agency it belongs to. That context could activate degraded behavior.»
A source at Booz Allen told Fox News Digital that the authors of the report defined «vulnerabilities» as «code that can be exploited by an attacker» to allow for «unauthorized access, data theft, system disruption, or control of the affected software.» The report looked at common security flaws such as «hardcoded passwords, SQL injection risks, missing security tokens, outdated encryption and disabled security checks.»
Booz Allen’s analysts used both manual verification and automated checks to quantify the number of vulnerabilities in programs produced by each model.
A representative for Booz Allen told Fox News Digital that their team accessed the Chinese models online rather than using downloading them directly to their machines and running them locally. Heim said that Chinese models accessed in this way may be more prone to bias.
HOUSE BIPARTISAN BILL DIRECTS NSA TO CREATE ‘AI SECURITY PLAYBOOK’ AMID CHINESE TECH RACE

Sen. Tom Cotton, R-Ark., arrives for a vote in the U.S. Capitol on April 30, 2025, stating the war with Iran will continue for weeks as the U.S. limits their offensive capabilities. (Bill Clark/CQ-Roll Call, Inc via Getty Images)
The report also found that Chinese LLMs refused to perform tasks that could conflict with the interests of the Chinese government at significantly higher rates than Claude. Similar tests performed by others have netted similar results.
«Many Chinese LLMs learn from data shaped by China’s internet and Chinese government information controls,» the report notes. «Chinese law requires all AI models, training outputs, and data to reflect ‘Core Socialist Values.’»
Booz Allen recommended that the United States government take action to ban Chinese models for use on government or infrastructure work and recommended that contractors involved in such sectors, as well as the tech community generally, proactively work to remove code generated by such models from their supply chains.
«A lower-cost model may look attractive upfront, especially for startups or cost-constrained engineering teams,» the report reads. «But that same model can become more expensive over time if it generates vulnerable code, creates uncertainty around data handling, or introduces behavior that standard enterprise controls do not easily catch.»
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Booz Allen’s point of view has some sympathizers on Capitol Hill.
«American companies shouldn’t build applications and write code with Chinese models, which introduce more cyber vulnerabilities,» Sen. Tom Cotton, R-Ark., told Fox News Digital when presented with Booz Allen’s report. «And the federal government should certainly not buy software from companies using Chinese coding tools.»
china, technologies, artificial intelligence
INTERNACIONAL
Arkansas takes home top ranking for religious freedom after Gov Sanders expands key protections

NEWYou can now listen to Fox News articles!
FIRST ON FOX: Arkansas has been ranked the nation’s top state for religious liberty after Republican Gov. Sarah Huckabee Sanders signed a series of laws expanding faith protections that helped lift the state to the top.
Earning a score of 89.2%, Arkansas became one of only two states to earn the First Liberty Institute’s annual Religious Liberty in the States index’s first-ever «excellent» rating. The index evaluates states using 50 legal protections across 20 religious liberty safeguards spanning education, healthcare, family law, economic activity and other areas of daily life.
«Religious liberty is America’s First Freedom, and Arkansas is leading the nation in protecting it,» Sanders said.
«Our rights come from God, not government, and every American should be free to live according to their faith and conscience. We’ll continue defending that freedom and ensuring the Natural State remains the best place in the country to live, work and worship.»
AMERICA’S NEXT 250 YEARS DEPEND ON PASSING FAITH AND FREEDOM TO OUR CHILDREN
Governor Sarah Huckabee Sanders participates in the first-ever National Outdoor Recreation Executive Forum hosted by Outdoor Recreation Roundtable at Decatur House on May 7, 2024, in Washington, D.C. (Paul Morigi/Getty Images for Outdoor Recreation Roundtable)
The Natural State climbed six spots from last year’s rankings after lawmakers approved several measures expanding legal protections for religious exercise and conscience rights.
Arkansas’ rise was driven largely by Act 677, legislation Sanders signed last year that bars state and local governments from penalizing people, businesses and religious organizations for acting according to their religious beliefs regarding marriage and biological sex.
APPEALS COURT REVIVES LAWSUIT BY ALASKA AIRLINES FLIGHT ATTENDANTS FIRED AFTER OPPOSING PRIDE MESSAGE

A group of people hold hands in prayer. Arkansas topped a new religious liberty index after expanding faith and conscience protections. (iStock)
The state’s religious liberty push also included the Conscience Protection Act, signed by Sanders in 2023, which expanded Arkansas’ Religious Freedom Restoration Act by prohibiting state government discrimination against religious organizations based on their religious identity or status.
Kelly Shackelford, president, CEO and chief counsel at First Liberty, said other states should follow Arkansas’ lead and «strengthen religious liberty protections in their own states.»
«Religious liberty is best protected when leaders are willing to act before the rights of people of faith are threatened,» Shackelford said.
GOV SANDERS REVEALS ‘MAJOR BREAKTHROUGH’ ON EDUCATION AS RED STATE POSITIONS ITSELF AS ‘BLUEPRINT’ FOR NATION

Arkansas Gov. Sarah Huckabee Sanders speaking at the Republican National Convention in Milwaukee, Wisconsin, on July 17, 2024. (Victor J. Blue/Bloomberg via Getty Images)
Dr. Mark David Hall, director of the Religious Liberty in the States project, said Arkansas demonstrates how states can protect what America’s founders called «the sacred right of conscience,» allowing people to practice their faith not just at church, but in their everyday lives.
«States have always served as laboratories of liberty, and this year’s results show why that matters,» Hall said.
Sanders also publicly defended religious freedom in December. She rejected demands from the Freedom From Religion Foundation (FFRF), a group that advocates for the separation of church and state, to reverse her proclamation closing state offices for Christmas.
In a response letter previously obtained by Fox News Digital, Sanders pushed back on claims it was unconstitutional, saying «only by voicing our own faith and celebrating other faiths can we make our state’s diverse religious communities feel seen and heard.»
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
«With this index, citizens and legislators can see where their state is doing well, where it still has room to improve, and which existing laws could help better protect the right of conscience,» Dr. Paul D. Mueller, associate director of the Religious Liberty in the States project, said.
faith values, sarah sanders, politics, first amendment religion us, arkansas
INTERNACIONAL
Bloqueo de Trump en Ormuz: Estados Unidos bombardea puertos iraníes y Teherán ataca petroleros en el estrecho

INTERNACIONAL
‘Did you call 911?’ Tuberville recounts Graham’s frantic final phone call

A closer look at the ‘aortic dissection’ that killed Sen. Lindsey Graham
Fox News Senior Medical Analyst Dr. Marc Siegel clarifies Sen. Lindsey Graham’s preliminary cause of death: a ruptured aorta due to cardiovascular disease. Siegel thoroughly explains the rare condition of aortic dissection and discusses common risk factors like high blood pressure and plaque. He advises on preventative health measures and regular check-ups, emphasizing what Graham would want people to consider their health.
NEWYou can now listen to Fox News articles!
A Senate Republican added further detail to the late Sen. Lindsey Graham’s, R-S.C., final moments thanks to an unlikely connection.
Sen. Tommy Tuberville, R-Ala., revealed that it was a former member of his staff that called for medical assistance to aid Graham over the weekend, who died suddenly just after his return from an overseas trip.
«My former scheduler was Lindsey’s scheduler, and one of my staff members was with that scheduler the night Lindsey called,» Tuberville told reporters. «He called [and] basically said, ‘Listen, I’m having chest pains. You know, I need to do something.’ ‘Did you call 911?’ And he goes, ‘No, that’s the reason I called you.’»
GRAHAM REPORTEDLY REFUSED MEDICAL HELP BEFORE SCHEDULED TV APPEARANCE
Sen. Lindsey Graham, R-S.C., stands at the U.S. Capitol in Washington, D.C. (Aaron Schwartz/Bloomberg via Getty Images)
«And so she called 911 … By the time she got there, 911 had knocked the door down, and they were working on him,» he continued.
A preliminary cause of death was revealed Sunday evening. His office said that the longtime lawmaker had died from «aortic dissection due to arteriosclerotic cardiovascular disease.»
Aortic dissection is when a tear occurs in the inner wall of the aorta, the body’s main artery, and is a life-threatening medical emergency.
«Lindsey basically worked himself to death, most of us have families, he didn’t have any family,» Tuberville said. «And if we had a couple of days off, he went to that airport, and he went somewhere to try to work out something for our country.»
LINDSEY GRAHAM’S SISTER APPOINTED TO SENATE AS GOP RUSHES TO PROTECT FRAGILE MAJORITY
Axios reported that in one of Graham’s final conversations, he told an unnamed source that he was feeling unwell but wanted to wait until after his scheduled appearance on NBC’s «Meet the Press» to seek medical attention.
«I can’t die now. I still need to do the Russia sanctions, get Iran sorted out and do Israeli-Saudi normalization,» Graham said.
His death has rocked the Senate, where emotional tributes rolled in throughout the day on Monday, the upper chamber’s first day back in Washington, D.C., since recessing for the Fourth of July.
GRAHAM’S DEATH IGNITES GOP SCRAMBLE FOR SENATE SEAT AS TRUMP HINTS HE ALREADY HAS A FAVORITE

Sen. Tommy Tuberville, R-Ala., speaks to reporters as he returns to his office at the U.S. Capitol on Feb. 10, 2026, in Washington, D.C. (Kevin Dietsch/Getty Images)
Graham’s desk in the Senate, which is where the late Sen. John McCain, R-Ariz., his close friend, once sat, was draped with a black veil and a glass bowl of sharp white roses atop it.
Senate Majority Leader John Thune, R-S.D., in an emotional tribute to the late lawmaker, said that the «halls of the Senate already feel empty without him.»
«I am comforted by the knowledge that, in the end, he has just changed his address. And that one day, Mr. President,» Thune said through tears. «We will laugh together again.»
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Graham will be succeeded, temporarily, by his sister, Darline Graham Nordone. She is slated to be sworn in to the position on Tuesday after being tapped by South Carolina Gov. Henry McMaster to fill in for her late brother.
«I think this is what Lindsey would have wanted, and I plan to honor him in this way,» Nordone said during the ceremony in Columbia, South Carolina. «Now to Lindsey, I miss you more than I can even put into words. But I’m going to do this, I got it.»
politics, lindsey graham, senate elections, john thune, health
DEPORTE2 días ago“Hablame bien”: el tenso cruce de Lionel Messi con el árbitro en la victoria de Argentina ante Suiza en el Mundial
CHIMENTOS2 días agoEl álbum de las vacaciones soñadas de Darío Barassi con su familia: “Ibiza, nos vas enamorando”
ECONOMIA2 días agoEl petróleo sube más de 3% tras la reanudación de los ataques de EEUU contra Irán y la amenaza de cierre del estrecho de Ormuz

















