The Coup Starts in Your Feed

Resistance Media

06/03/2026

It sounds like some sort of riddle.

It’s literally right in front of us every day yet increasingly difficult to see.

It could be in the Substack feed you found this post in. Or in comments to your latest Facebook post. In that latest news item on X, TikTok or Bluesky. In Reddit communities, your latest YouTube search, or Instagram memes. And increasingly, it may be shaping the results delivered by your AI chatbot of choice.

The answer to this riddle is synthetic content – AI-generated text, images, audio, video and interactive agents.

Now, rapidly advancing capabilities of Large Language Models (LLMs) and AI are at the heart of what could be the most dangerous sleeper threat to the upcoming midterm elections: AI Swarms.

An AI swarm is a network of AI‑controlled agents – each with its own persistent identity and memory – that can coordinate on shared objectives while varying tone and content, adapting to human responses and operating across multiple platforms with minimal oversight.

It works by fusing LLM “reasoning” with multi‑agent architectures, so that these agents can autonomously infiltrate communities, track engagement and fabricate the appearance of social consensus in real time, mimicking authentic human social interaction instead of obvious copy‑paste bots.

Researchers warn this is an exponential step in information warfare because it lets malicious actors manipulate beliefs and behaviors on a population‑wide scale with unprecedented precision and persistence. These agentic agents replace crude mass messaging with coordinated, adaptive, swarm‑level operations that can quietly distort democratic discourse.

As AI capabilities race ahead of what the public and governments can understand or regulate, the next two U.S. election cycles are likely to be unusually exposed and vulnerable to these emerging tools.

The situation is compounded by the Trump administration’s methodical dismantling of the nation’s core cyber security infrastructure. Just as malicious swarms and synthetic media are scaling up, the government is scaling down the very institutions meant to detect, coordinate against, and recover from such attacks.

While laws and regulations will likely expand and become more effective in mitigating the worse impacts of AI Swarms in the future, sophisticated opponents of democracy are adapting these technologies in real time into weapons to direct coordinated influence operations targeting American citizens.

The goal of these new forms of synthetic content, like that of the deep fakes and bots we are already swimming in, is not only to push specific narratives and create false consensus, but to create an ambient fog of disinformation that will spread confusion, suspicion, and fear and delegitimize the institutions our democracy depends on.

Hannah Arendt saw this strategy coming long before social media. Writing about totalitarian regimes, she argued that the ultimate aim is not to replace truth with lies, but to destroy our capacity to tell the difference. “The ideal subject of totalitarian rule,” she wrote, is not the true believer, but the person “for whom the distinction between fact and fiction, true and false, no longer exists.”

Malicious AI Swarms

In a groundbreaking research paper published in Science in January, 2026, the authors use the phrase “malicious AI swarms” to describe what they call “a new frontier in information warfare.”

The 22 scholars and researchers wrote:

Advances in artificial intelligence (AI) offer the prospect of manipulating beliefs and behaviors on a population-wide level. Large language models (LLMs) and autonomous agents let influence campaigns reach unprecedented scale and precision.

Generative tools can expand propaganda output without sacrificing credibility and inexpensively create falsehoods that are rated as more human-like than those written by humans.

Techniques meant to refine AI reasoning, such as chain-of-thought prompting, can be used to generative, malicious AI agents.

Fusing LLM reasoning with multiagent architectures, these systems are capable of coordinating autonomously, infiltrating communities, and fabricating consensus efficiently. By adaptively mimicking human social dynamics, they threaten democracy.

The paper detailed how these new AI swarms operate:

• A single adversary could operate thousands of AI personas, scheduling content and updating narrative frames across fleets.
• Agents of a swarm can employ systems that map social network structures at scale and infiltrate vulnerable communities with tailored appeals, winning followers.
• Using human-level mimicry, photorealistic avatars, context-appropriate slang, and posting rhythms, swarms circumvent the older detectors flag.
• Swarms may become increasingly self-optimizing, harvesting real-time engagement data, recommender cues, or user feedback.
• In cognitive warfare, AI’s relentless operational endurance becomes a weapon against limited human efforts.

For elections, that combination of reach, realism, and rapid experimentation opens up new attack vectors. Envision a single operator using a swarm to join local Facebook groups, Discord servers, and encrypted chat channels, posing as concerned parents, small‑business owners, veterans, or members of diaspora communities.

Over weeks or months, the swarm seeds doubts about mail‑in voting in one district, amplifies a deepfake video in another and quietly harasses or distracts key organizers and journalists in a third. Now imagine more than one operator.

As AI governance expert Marco Camisani Calzolari explains:

These agents no longer fit the concept of automation, because they make decisions, they radically change the text based on the recipient. They aggregate data from heterogeneous sources in real time: social profiles, public records, leaked databases that you can now buy for a few dollars on any dark web marketplace.

Consider that a single agent with access to a language model and a couple of leaked databases can produce thousands of unique pieces of content per day, each calibrated for a different person. Multiply that by a hundred thousand agents working in parallel, twenty-four hours a day, and you have the scale of what’s happening.

The Shifting Front Line of Information Warfare

Cambridge Analytica was run by a political consultancy scraping Facebook likes to build psychographic profiles and micro‑target persuadable voters. In hindsight, that operation looks almost quaint. 

Russia’s Internet Research Agency, the St. Petersburg “troll farm” that loomed so large over the 2016 election, feels obsolete for the same reason. Investigations at the time described hundreds of employees working 12‑hour shifts from desktops, posting in Facebook groups and comment sections to inflame racial grievances, sow confusion and depress turnout.

Instead of a warehouse full of human trolls, foreign governments, far-right groups, dark money rogue actors and criminal enterprises can now launch a swarm of AI agentic agents that never sleep, localize their language, and A/B test narratives at machine speed.

This new wave is automated, adaptive, and tightly coupled to our information infrastructure. Security and policy researchers increasingly describe this as a form of cognitive warfare: campaigns designed not just to persuade, but to probe and exploit psychological vulnerabilities in entire populations.

Cognitive warfare treats human perception, emotion, and judgment as the primary battlespace rather than territory or military hardware. NATO defines it as operations synchronized with other instruments of power “to affect attitudes and behaviors, by influencing, protecting, or disrupting individual, group, or population level cognition, to gain an advantage over an adversary.” 

Rather than destroying tanks or seizing cities, cognitive operations aim at how people observe, interpret, decide, and act – using disinformation, psychological operations, social‑media manipulation, and AI‑driven micro‑targeting to shape what seems real, what feels urgent, and which choices appear available.

Russian intelligence and military planners explicitly fold psychological and information operations into a concept they call information confrontation – treating the information environment as a domain of continuous conflict in peace and war alike. Russian “active measures” describe a toolkit that includes hacking and leaking political documents, running state media outlets like RT and Sputnik as propaganda channels, and orchestrating armies of paid trolls and bots to flood foreign social media with polarizing content. 

Russian doctrinal writings cited in Western studies talk about targeting “segments of an enemy’s population and government in order to distort their worldview, weaken and destroy the foundations of their national identity and way of life, and disrupt their ability to resist aggression.”

This is increasingly described as a long‑term strategy of eroding social cohesion and shared reality, not just winning a single news cycle or battle.

Flooding the Zone With Pink Slime

“The Democrats don’t matter… The real opposition is the media. And the way to deal with them is to flood the zone with shit.” —Steve Bannon

NewsGuard analysts have found that the number of so-called “pink slime” websites, those that present themselves as neutral local news outlets but are backed by or tied to partisan groups or hostile governments, now outnumber the number of daily local newspapers in the United States.

As of June 2024, NewsGuard had identified 1,265 pink slime outlets across the country, officially surpassing the 1,213 daily newspapers left operating in the U.S.

These websites, named after a meat byproduct used as filler in meat-packing plants, started at least as early as 2004 when Brian Timpone, a former television reporter, started funding websites featuring names of cities, towns and regions like the Philly Leader and the South Alabama Times.

According to NewsGuard, Timpone’s company, Metric Media, now operates more than 1,000 such websites and his private equity company receives funding from conservative political action committees.

A 2024 Tow Center investigation found that political action committees and nonprofit organizations spent more than $14 million on Metric Media’s partisan local‑news network in the 2021–22 cycle, paying the company and its affiliates for what are essentially campaign services disguised as journalism. 

Earlier Tow Center work documented at least $1.6 million in election‑year spending from PACs backed by oil‑and‑gas and shipping magnates, routed into the same network of pseudo‑news outlets. 

These payments, visible in FEC reports and IRS filings, sit on top of a broader dark‑money landscape in which anonymous donors use 501(c)(4) groups and Super PACs to bankroll messaging operations that look like independent media rather than campaign ads. The far‑right “money trails” behind the synthetic news outlets show up as line items for obscure vendors and shell nonprofits in campaign‑finance data.

The Columbia Journalism Review reported:

Not only does the Metric Media/Pipeline Media network provide a news platform for campaigns and advocacy causes, it also provides a slew of services: creating websites, running Facebook ads, filing FOIA requests, and other campaign-related services, including robocalling, text messaging, and publishing and delivering physical newspapers in support of specific issues or candidates. In 2024, the network has run more than 150 ads linking to the Uihlein-funded Restoration of America website through its Facebook pages.

As detailed in Jacobin, Greenpeace argued in court that another Metric Media synthetic news operation, Central ND News, was explicitly published to give Energy Transfer, the company behind the Dakota Access Pipeline, an advantage over the environmental organization. Greenpeace played a significant role in the protests on the Standing Rock Sioux reservation that attempted to halt the construction of the 1,170-mile pipeline in 2016 and 2017.

Deep Fakes Poisoning Campaigns

Early in the 2026 election season, generative AI content is playing an increasingly aggressive role in primary battles. 

According to CNN, “The National Republican Senatorial Committee’s deepfake of James Talarico, the Democratic nominee in the US Senate race in Texas, is only the latest in a series of AI-generated creations from the national GOP campaign organization in the past year. But it’s the first featuring a phony version of a candidate talking in a lifelike manner for so long – an example of how far AI technology has come in a short time and an indicator of the direction attack ads may be heading.”

In the recent New York City mayoral race, accounts across several social media platforms tied to a shadowy group called Citizens Against Mamdani, posted AI generated deep fake video testimonials from “New Yorkers” criticizing Mamdani. The synthetic avatars blamed the candidate for what they alleged was his anti-Americanism, plans to hike taxes and “false promises” on rent and transportation. Featuring some of the city’s classic accents, the videos attempted to portray the opposition as diverse and widespread.

Emmanuelle Saliba, chief investigative officer at GetReal Security, a cybersecurity firm that analyzes deepfakes, told Fast Company “GenAI has made such significant progress that campaigns and activists can use text-to-video to create hyperrealistic videos of supporters or detractors, and online consumers will be none the wiser.” The (anti-Mandami) online campaign shows how generative AI has, in essence, democratized astroturfing. “Astroturfing has been automated, and it’s pretty much undetectable without technology,” she said. 

Axios and social‑media reporting has revealed that AIPAC’s super PACs have poured tens of millions into hard‑hitting primary ads this season, with posts featuring AI‑generated or heavily AI‑edited ads targeting critics of Israeli policy. Rep. Thomas Massie, who lost his primary to a Trump-backed opponent, has accused the Israel lobby of using AI deepfake ads against him in his Kentucky race.

There is a hybrid ecosystem in which domestic dark money, foreign governments and criminal or mercenary actors are all deploying the same AI tools and often operating in the same spaces. 

An extensive New York Times report revealed that artificial intelligence has already been used to shape or disrupt elections in more than 50 countries, including AI‑generated images in Canada, Russian‑linked fake news posts in Poland, AI‑driven disinformation and rerun elections in Romania, and fabricated videos in the U.S.

Russian state‑aligned outlets like RT have begun experimenting with “deepfake personas,” fully synthetic avatars used as on‑air presenters and social‑media influencers, alongside more traditional information operations run through embassies, front media brands, PR firms and paid local proxies.

An Unprotected Midterm Election

At the same time that the emerging AI swarm threat is being directed at American citizens, the country has never been more vulnerable.

The Trump administration has steadily dismantled much of the federal capacity built after 2016 to protect U.S. elections and critical infrastructure from foreign cyberattacks and influence operations.

In early 2025, the Cybersecurity and Infrastructure Security Agency (CISA), a component of the Department of Homeland Security, cut roughly $10 million in annual funding to the Center for Internet Security (CIS), defunding the Election Infrastructure Information Sharing and Analysis Center (EI‑ISAC) and reducing support for the Multi‑State ISAC (MS‑ISAC). 

Those ISACs have served as the main clearinghouses for cyber‑threat intelligence, monitoring, incident response and coordination for state and local government systems, including election infrastructure.

Across Trump’s 2026 and 2027 budget proposals, the White House is seeking about $1.2 billion in cumulative additional cuts to CISA, slashing 1,000 more positions and zeroing out many of the programs that support state and local officials on election security.

Former federal officials warn that eliminating those teams, along with regional engagement and analysis units, will significantly weaken the country’s ability to manage cyber risk and detect foreign influence operations in real time.

With the 2026 midterms approaching, state election officials warn that this combination of shrinking federal support and persistent and increasingly pervasive malicious activity leaves them with fewer tools and less coordination to respond to digital threats than they had in either 2020 or 2024.

Against AI‑driven “swarms,” the U.S. has some protections but nothing like a comprehensive shield. Trump’s targets: CIS’s MS‑ISAC and EI‑ISAC, still retain a weakened capacity to detect and block infrastructure that swarms rely on.

Academic and NGO labs are getting better at mapping coordinated inauthentic behavior and AI‑enabled influence operations across platforms. Reports like the Centre for Emerging Technology and Security’s AI‑Enabled Influence Operations: Safeguarding Future Elections are valuable playbooks.

As we move into the 2026 midterms with voters facing an explosion of AI-generated disinformation, the U.S. lacks any unified capacity to detect and respond to narrative shaping at population scale in real time. 

CIS and EI‑ISAC are built to protect networks, not centrally track which stories millions of Americans are seeing. The academic/NGO ecosystem has sophisticated analytic tools but limited reach and no power to enforce changes. The multi-trillion dollar Silicon Valley behemoths track records on AI labeling and election integrity remain weak, fragmented and inconsistently applied. 

According to the Science researchers, the threats are ominous:

…Swarms can cheaply unleash coordinated synthetic harassment that relentlessly targets politicians, dissidents, academics, whistleblowers, journalists, and their networks with overwhelming, tailored abuse. Unlike conventional trolling, these swarms appear spontaneous while actually orchestrated by thousands of AI personas adapting to target responses. 

By the time monitoring teams distinguish AI campaigns from organic criticism, targets may have withdrawn from public life, delivering substantial victories for campaign operators while systematically excluding critical voices from democratic discourse.

They suggest that as trust, already declining, collapses, fear, uncertainty and doubt can drive users into gated channels or silence. When citizens realize that vast proportions of online content may be AI-generated, trust in platforms and users will decline further. 

“Taken to extremes,” they argue, “coordinated doubt may corrode institutional legitimacy and open the door to “emergency” measures like postponing elections and rejecting certified results may become palatable, especially if deepfake endorsements from fabricated civic leaders amplify the call.”

As Marco Camisani Calzolari observes:

We grew up thinking that threats to democracy came from coups, censorship, or regime propaganda broadcast on television or in national newspapers. Those were real threats, but they were at least visible. They were things you could identify and fight. Now the threat is bigger and, above all, invisible, personalized, and it operates inside the very channels we use to inform ourselves, to discuss, to participate. It contaminates information from within, to the point where nobody knows which voices are real and which are machines.

Tools Every Voter Should Bookmark Before November 2026

“Defending democracy must include defending how society forms its judgments.”—“How malicious AI swarms can threaten democracy”

• UNC CITAP Electoral Information Toolkit – A curated, nonpartisan hub with fact‑checking tools, media‑literacy guides, and resources on recognizing and countering electoral misinformation. Use this as your starting point when you see a suspicious election claim.

• Brennan Center Election Security Resources – Clear, nonpartisan explainers on how elections work, real vulnerabilities vs. myths, and concrete steps to strengthen election security and resilience.

• Public Citizen Deepfakes in Elections Legislation Tracker – A live tracker of federal and state bills regulating political deepfakes, so you can see what protections your state has (or doesn’t have) against synthetic campaign content.

• CISA “Election Security Rumor vs. Reality” – Official federal myth‑busting about recurring narratives (hacked machines, flipped votes, etc.), explaining in plain language how U.S. election infrastructure is actually secured. (UPDATE: Removed by Trump Administration)

• Independent fact‑checking sites – Go‑to places to verify viral quotes, screenshots, and videos, including many AI‑generated or manipulated pieces of content.

• FactCheck.org: https://www.factcheck.org

• PolitiFact: https://www.politifact.com

Defend Yourself: Slow down. Before trusting or sharing any explosive election‑related claim, run it through at least two of these resources plus your state election office’s website.