The Call Is Coming From Inside the Agent (And It Has Your Credentials)

The Call Is Coming From Inside the Agent (And It Has Your Credentials)

You’ve shipped your first agent. It works. It’s useful. It might also be a security liability you don’t even know about. In this episode, Yuval talks to Zenity CTO Michael Bargury about how easy it is to hijack popular agent systems like Copilot and Cursor, what “zero-click” attacks look like in the agent era, and how to monitor, constrain, and secure your AI Agent in production. From sneaky prompt injections to memory-based persistence and infected multi-agent workflows, this is the “oh no” moment every builder needs.

Key Topics:

• Why “ignore previous instructions” still works better than it should

• How one agent goes rogue… and infects the others

• Real-world attacks: social media triggers, CRM leaks, and logic bombs

• Observability 101 for AI: logs, reasoning traces, and root cause sanity

• The new rule: build like it will go rogue—because one day it will