One Word to Rule Them All: Researchers Hijack Robot Army With a Single Voice Command
A critical flaw in humanoid robots allows a single voice command to trigger a network-wide takeover. Chinese researchers demonstrated the vulnerability, highlighting a new era of physical threats from AI agent exploits.
A single whispered word could be all it takes to turn an army of advanced robots into a rogue force. This isn't a scene from a sci-fi thriller; it's a real-world demonstration by Chinese cybersecurity researchers, revealing a critical vulnerability that could allow spies to cause widespread chaos by turning one robot into a Trojan horse for an entire network.
The stunning exploit was showcased a few weeks ago at the GEEKCon cybersecurity competition in Shanghai. According to reports, researchers Qu Shipei and Xu Zikai from the security group DARKNAVY demonstrated how to seize control of a humanoid robot using only a verbal command. They then used the compromised machine to infect other internet-connected robots, manipulating the group to carry out malicious instructions.
The target was a commercially produced humanoid robot from China, priced at approximately 100,000 yuan (US$14,200). The researchers exploited a flaw within the robot’s built-in large-model agent, a sophisticated AI system designed to interpret and act on commands.
What is a large-model agent? It's an AI system that goes beyond the conversational abilities of a chatbot like ChatGPT. It uses a large language model as its 'brain' to autonomously plan and execute multi-step tasks toward a goal, such as accessing the internet or controlling other connected devices.
The critical danger highlighted by the demonstration is the cascading effect. Once one robot is compromised, it can spread the infection to others on the same network. This turns a single-point failure into a systemic threat, capable of disabling everything from automated warehouses to future robotic security forces.