Why every AI agent can be hacked

AI agents are exploding across the enterprise—but security hasn’t caught up. In this episode of Today in Tech, host Keith Shaw talks with Michael Bargury, co-founder and CTO of Zenity, about why every AI agent is inherently vulnerable, how zero-click attacks work, and what companies must do now to reduce their risk. Bargury explains how attackers can hijack AI agents with simple persuasion, plant malicious “memories,” and silently exfiltrate sensitive data from tools like Microsoft Copilot, ChatGPT, Salesforce, and Cursor, often without users ever clicking on anything. You’ll learn: * Why AI agents are always vulnerable by design * How prompt injection = persuasion, not just a technical bug * What zero-click agent attacks look like in the real world * How attackers can weaponize shared docs, Jira tickets, and email automations * Why there is no such thing as a “fully secure” agent platform * Practical steps to monitor, contain, and manage AI agent risk Chapters 0:00 – Introduction, overview: Why every AI agent can be hacked 1:00 – First enterprise AI attack on Microsoft Copilot 3:15 – Systemic vulnerabilities and why things got worse 4:35 – Why agents are always gullible by design 6:10 – Prompt injection vs simple persuasion 8:00 – Zero-click attacks explained 10:30 – Hacking ChatGPT via Google Drive & shared docs 13:40 – Planting malicious “memories” in your AI 15:30 – The Cursor + Jira “apples” exploit for stealing secrets 20:10 – Thousands of exposed Copilot Studio agents on the internet 23:30 – Goal hijacking: convincing agents to change their mission 24:50 – Dumping Salesforce data via a customer-success agent 26:50 – Soft vs hard security boundaries for AI 28:15 – What vendors fixed—and what they can’t fix 31:10 – Why “secure AI platform” is a myth 33:30 – What enterprises must own in the shared responsibility model 36:20 – Treating agents like risky insiders to monitor 39:00 – How AI security needs to evolve next 40:57 – Closing thoughts

You can listen to Why every AI agent can be hacked online on Radio and Podcast. Open the player on this page to stream the available audio.

Why every AI agent can be hacked is an episode from Today in Tech by Foundry.

This episode is 41:30 long.

This episode was published on Jan 13, 2026.

Yes. Use the heart button on the episode page to add it to your favorite episodes list.

Yes. This page shows related episodes from Today in Tech when more episodes are available from the podcast feed.