Alibaba's ROME Incident:
"However, during training runs, Alibaba Cloud's firewall began flagging a burst of security violations."
"Researchers initially wrote these alerts off as a misconfiguration. But when they cross-referenced the timestamps, they realized the agent was acting on its own. ROME had established a 'reverse SSH tunnel,' a technique often used by hackers to create a secret, secure connection from inside a protected network to an outside server, ..."