🎮AI Agents Prove Highly Susceptible to Hijacking, Research Warns📱

 AI Agents Prove Highly Susceptible to Hijacking, Research Warns


Published: Aug. 11, 2025

Author: David Jones


Some of the most widely used AI agents and assistants from Microsoft, Google, OpenAI, and other major companies are susceptible to being hijacked with little or no user interaction, according to new research from Zenity Labs.


During a presentation at the Black Hat USA cybersecurity conference, Zenity researchers demonstrated how attackers could exfiltrate data, manipulate critical workflows, and in some cases impersonate users.


Beyond infiltration, the researchers revealed that attackers could also gain memory persistence, maintaining long-term access and control over compromised AI agents.


> “They can manipulate instructions, poison knowledge sources, and completely alter the agent’s behavior,” said Greg Zemlin, product marketing manager at Zenity Labs. “This opens the door to sabotage, operational disruption, and long-term misinformation, especially where agents are trusted for critical decisions.”

Key Findings


Zenity Labs identified vulnerabilities in several popular AI agents:


OpenAI’s ChatGPT – Exploitable via email-based prompt injection, granting access to connected Google Drive accounts.


Microsoft Copilot Studio – Customer-support agent leaked entire CRM databases; over 3,000 agents found at risk.


Salesforce Einstein – Manipulated to reroute customer communications to attacker-controlled emails.


Google Gemini & Microsoft 365 Copilot – Could be turned into insider threats, enabling social engineering and theft of sensitive conversations.



Company Responses


Microsoft: Acknowledged the report, claimed systemic updates have mitigated the vulnerabilities, and committed to further strengthening defenses.


OpenAI: Confirmed it patched the reported issue and continues running a bug bounty program.


Salesforce: Reported fixing the vulnerability.


Google: Deployed new layered defenses addressing the discovered issues.



Google emphasized the importance of layered defense strategies against prompt injection attacks.


Wider Concerns


Experts warn that the findings highlight a lack of sufficient guardrails in many agent-building frameworks. Aim Labs researchers noted that even AI giants like OpenAI, Google, and Microsoft leave much of the security responsibility to end-users and organizations.


As AI agents rapidly expand in enterprise environments, these vulnerabilities underscore the urgent need for robust safeguards to prevent hijacking, misinformation, and operational disruption.

Comments

Post a Comment

Popular posts from this blog

💭📱Instagram Users Shocked as Friends Turn Into AI Clones! 🤔🗞️

 Instagram Glitch: Users Shocked as Friend Lists Turn Into “AI” – What’s Going On? 🤖📱 A strange bug has taken over Instagram — and no, it’s not a filter. Over the weekend, users were stunned to find their entire contact lists renamed as “AI”, sparking confusion, frustration, and wild speculation about Meta’s next big move.  Friends Replaced by ‘AI’? Here’s What Happened The issue first surfaced on Reddit, where users shared screenshots showing that their friends’ names had vanished, replaced with the label “AI” across their contact list. While profile pictures remained the same, sending messages or videos became nearly impossible, forcing many to copy-paste links manually. “I can’t find any of my friends. They’re all just called AI. This is ridiculous,” one Redditor posted. Users quickly began calling the app "unusable," with some even uninstalling it out of sheer annoyance. 🔍 AI Rollout or Internal Testing Gone Wrong? Interestingly, this glitch came just as Instagram disp...
Read more

📱When Will 5G Arrive in Pakistan? – July 2025 Latest Update

 Is 5G Really Coming to Pakistan in 2025? Here's What We Know Every tech lover in Pakistan is eagerly waiting for 5G internet. But will it actually launch in 2025? 🚀 According to recent statements by the Pakistan Telecommunication Authority (PTA), 5G trials are underway — but the official launch is still delayed. 5G won't just bring faster internet — it will also enable advanced features like smart cities, online education, and even remote surgeries. It promises lower latency and much higher speeds. 🔍 Reports suggest that by the end of 2025, a soft launch of 5G is expected in major cities like Karachi, Lahore, and Islamabad. Countries like India and China have already rolled out 5G. Pakistan may be behind in the race, but experts believe the gap could shrink within the next 1–2 years. For now, the main focus remains on improving 4G coverage, especially in rural areas, to ensure high-speed internet access for all. 📶 What do you think? Will Pakistan finally launch 5G in 2025? ...
Read more

🤔💸Apple Goes Fully Wireless: iPhone 17 Air Redefines Charging for 250M Users📱

 The iPhone 17 Air: Ushering in the Portless Future of Smartphones Apple’s iPhone 17 Air marks more than just the next step in smartphone evolution — it redefines what we expect from mobile technology. By removing all physical ports, including the USB-C and SIM card slot, Apple has taken a bold leap toward a truly wireless future. This isn't just about a sleeker design — it's about streamlining the user experience and aligning with Apple’s long-term vision of minimalism and seamless functionality. With enhanced MagSafe charging and Qi2 compatibility, the iPhone 17 Air brings wireless charging closer to the mainstream than ever before. Its ultra-slim, lightweight body reflects the same design philosophy that made the MacBook Air iconic — prioritize form without compromising function. Apple’s approach suggests that convenience, portability, and aesthetics can co-exist, even if it means letting go of long-standing features like charging cables. This move also reflects Apple’s stra...
Read more