5 key takeaways from Black Hat USA 2025 | CSO Online

Black Hat and DEF CON conferences revealed several critical cybersecurity vulnerabilities that CISOs should address, with AI systems emerging as a major attack vector through “AgentFlayer” exploits targeting enterprise AI assistants like ChatGPT, Gemini, and Microsoft Copilot. Zenity researchers demonstrated zero-click attacks using rogue prompts in documents that can steal API keys from connected services like Google Drive, while NCC Group showed how AI systems linking to enterprise data repositories enable password extraction due to inadequate permissions and guardrails. Critical flaws were also discovered in enterprise credential vaults including HashiCorp Vault and CyberArk Conjur, stemming from authentication and policy enforcement logic errors that could compromise stored credentials and certificates. Additional vulnerabilities included firmware flaws in over 100 Dell laptop models that could bypass Windows login and survive OS reinstallation, multi-tenancy isolation issues in Amazon ECS allowing credential theft between containers, and Windows RPC/LDAP vulnerabilities enabling remote domain controller crashes and potential botnet creation. The research emphasizes the need for zero trust principles in AI environments, stronger cloud isolation models, and enhanced security measures across enterprise infrastructure.​​​​​​​​​​​​​​​​