Transcending the capabilities of traditional devices, metasurfaces offer nearly limitless control of the EM properties of wireless signals and have recently been shown to facilitate wireless communication with unique designs. However, in this thesis, I explore the security threats posed by malicious metasurfaces and demonstrate that, along with new opportunities, they bring forth unprecedented security challenges. In particular, I expose a new class of “MetaSurface-in-the-Middle” attacks, wherein malicious agent, Eve, can intercept pencil-beam directional links - conventionally believed to be immune from eavesdropping - with an almost imperceptible trace. By exploring the foundation of the attack in WLAN scenarios, I demonstrate that such malicious metasurfaces could be fabricated in under 5 minutes and at the cost of several cents. Furthermore, I study the attack with wireless backhaul links, which are crucial for many functions like low-latency financial trading on Wall Street. I show how Eve designs and employs MetaFly to covertly manipulate the EM wavefront on highly directional backhaul links, secretly inducing eavesdropping diffraction beams. I implement and demonstrate these attacks in both large indoor and outdoor rooftops in a metropolitan area, showcasing how Eve can intercept transmissions with nearly zero bit error rate while maintaining minimal impact on legitimate communication.