We assume that a buffer-aided transmitter communicates with a receiving node in the presence of an attacker. We investigate the impact of a radio-frequency energy-harvesting attacker that probabilistically operates as a jammer or an eavesdropper. We show that even without the need for an external energy source, the attacker can still degrade the security of the legitimate system. We show that the random data arrival behavior at the transmitter and the channel randomness of the legitimate link can improve the system's security. Moreover, we design a jamming scheme for the attacker and investigate its impact on the secure throughput of the legitimate system. The attacker designs his power splitting parameter and jamming/eavesdropping probability based on the energy state of the attacker's battery to minimize the secure throughput of the legitimate system.