Security experts warn of "agent hijacking" threats

- Agent hijacking is a form of indirect prompt injection where malicious instructions are hidden in external data sources like documents or websites that an agent processes. This technique exploits the fact that many AI systems do not have a clear separation between trusted instructions and untrusted external data. - The Open Web Application Security Project (OWASP) lists "Excessive Agency" as a critical vulnerability for Large Language Model (LLM) applications, where agents can perform actions beyond their intended scope, leading to unintended consequences. The 2025 OWASP Top 10 for LLMs also highlights new risks like "System Prompt Leakage" and weaknesses in Retrieval-Augmented Generation (RAG) systems. - A key challenge in securing AI agents is that traditional security models designed for humans or static services are inadequate for systems that learn and act autonomously. This has led to the development of new security frameworks, such as the NIST AI Risk Management Framework, which provides guidance on governing, mapping, measuring, and managing agent-related risks. - In the B2B SaaS sector, the trend is shifting from AI as a feature to AI agents that perform end-to-end tasks with minimal supervision, driving a need for stronger AI governance and API-centric security. This move towards "agentic workflows" is a top trend, with vertical SaaS solutions incorporating AI growing 2-3 times faster than horizontal ones. - For Chief Technology Officers, the role has evolved to include strategic leadership in AI governance, integrating cybersecurity into the entire technology stack and development lifecycle (DevSecOps). This requires a partnership with other executives, like the CMO, to balance innovation with security. - In advertising technology, the use of AI agents for autonomous media buying is still limited due to concerns about the quality of bidstream data, which can be flawed with issues like last-click bias and a lack of transparency. For now, LLMs are primarily used to accelerate workflows rather than make spending decisions. - The London tech ecosystem is a major hub for AI innovation, with the city's AI startups raising a record $3.5 billion in VC funding in 2024. In the first half of 2025, UK tech companies raised a total of $7.8 billion, with enterprise applications and fintech being top-performing sectors. - Formula 1 teams extensively use data analytics and AI, with cars equipped with over 300 sensors generating more than 1.5 terabytes of data per race weekend. This real-time data is used for everything from race strategy and predictive modeling of tire wear to car development and fan engagement.