Major AI Agents Found Vulnerable to Hijacking, Study Finds - 1

Image by Solen Feyissa, from Unsplash

Major AI Agents Found Vulnerable to Hijacking, Study Finds

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Some of the most widely used AI assistants from Microsoft, Google, OpenAI, and Salesforce can be hijacked by attackers with little or no user interaction, according to new research from Zenity Labs.

In a rush? Here are the quick facts:

  • ChatGPT was hijacked to access connected Google Drive accounts.
  • Microsoft Copilot Studio leaked CRM databases from over 3,000 agents.
  • Google Gemini could be used to spread false information and phishing.

Presented at the Black Hat USA cybersecurity conference, the findings show that hackers could steal data, manipulate workflows, and even impersonate users. In some cases, attackers could gain “memory persistence,” allowing long-term access and control.

“They can manipulate instructions, poison knowledge sources, and completely alter the agent’s behavior,” Greg Zemlin, product marketing manager at Zenity Labs, told Cybersecurity Dive . “This opens the door to sabotage, operational disruption, and long-term misinformation, especially in environments where agents are trusted to make or support critical decisions.”

The researchers demonstrated full attack chains against several major enterprise AI platforms. In one case, OpenAI’s ChatGPT was hijacked through an email-based prompt injection, allowing access to connected Google Drive data.

Microsoft Copilot Studio was found leaking CRM databases, with more than 3,000 vulnerable agents identified online. Salesforce’s Einstein platform was manipulated to reroute customer communications to attacker-controlled email accounts.

Meanwhile, Google’s Gemini and Microsoft 365 Copilot could be transformed into insider threats, capable of stealing sensitive conversations and spreading false information.

Additionally, researchers were able to trick Google’s Gemini AI into controlling smart home devices . The hack turned off lights, opened shutters, and started a boiler without resident commands.

Zenity disclosed its findings, prompting some companies to issue patches. “We appreciate the work of Zenity in identifying and responsibly reporting these techniques,” a Microsoft spokesperson said to Cybersecurity Dive. Microsoft said the reported behavior “is no longer effective” and that Copilot agents have safeguards in place.

OpenAI confirmed it patched ChatGPT and runs a bug-bounty program. Salesforce said it fixed the reported issue. Google said it deployed “new, layered defenses” and stressed that “having a layered defense strategy against prompt injection attacks is crucial,” as reported by Cybersecurity Dive.

The report highlights rising security concerns as AI agents become more common in workplaces and are trusted to handle sensitive tasks.

In another recent investigation , it was reported that hackers can steal cryptocurrency from Web3 AI agents by planting fake memories that override normal safeguards.

The security flaw exists in ElizaOS and similar platforms because attackers can use compromised agents to transfer funds between different platforms. The permanent nature of blockchain transactions makes it impossible to retrieve stolen funds. A new tool, CrAIBench, aims to help developers strengthen defenses.

Data Centers Blamed For Soaring U.S. Electricity Costs - 2

Image by İsmail Enes Ayhan, from Unsplash

Data Centers Blamed For Soaring U.S. Electricity Costs

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Regular households and small businesses throughout the U.S face rising electric bill costs given the extensive energy demands of Big Tech data centers.

In a rush? Here are the quick facts:

  • Some states push data centers to pay more for power infrastructure.
  • Current system spreads billions in costs to all electricity customers.
  • Data centers caused 70% of last year’s $9.3B electricity cost increase.

Several states are investigating how data centers affect electricity bills, while others are trying to make data centers pay a bigger share of costs for new power plants and transmission lines. “There’s a massive outcry,” said Charlotte Shuff of the Oregon Citizens’ Utility Board, as reported by AP.

In Georgia, residents like Beverly Morris blame nearby Meta data centers for water shortages , citing millions of gallons used for cooling. Meta denies harming groundwater, but locals remain skeptical.

Critics say the current system spreads billions in infrastructure costs across all customers, even though only a few of the world’s wealthiest companies benefit. “A lot of this infrastructure […] is being built just for a few customers,” said Ari Peskoe of Harvard University, as reported by AP.

AI data centers consume massive electricity, sometimes over 20% of a country’s usage, yet companies rarely disclose exact figures .

Additionally, research shows that AI-generated messages produce significant environmental impacts. The yearly energy consumption of one weekly email generated by AI equals the power usage of nine homes during one hour. Experts warn that individual habits add up to stress data centers which currently use 2% of global electricity and will experience significant growth because of increasing AI adoption.

AP notes that Wood Mackenzie researchers found that data center ‘special rates’ in 16 states fail to cover the expenses of building new power plants, forcing regular customers to absorb the extra costs. Monitoring Analytics, a mid-Atlantic organization, reported that data center demand accounted for 70% of last year’s $9.3 billion electricity cost increase.

AP reports that Oregon has ordered regulators to set higher data center rates, while New Jersey is investigating potential unreasonable rate increases” for ratepayers. Pennsylvania is drafting a standard rate framework to determine appropriate payment plans for technology companies.

“We’re talking about real transmission upgrades, potentially hundreds of millions of dollars,” said commission chairman Stephen DeFrank, as reported by the AP. “And that’s what you don’t want the ratepayer to get stuck paying for,” he added.