


What happens when autonomous AI agents start clicking links, running code, and “helpfully” exfiltrating your secrets for an attacker?
In this talk, offensive security researcher Johann Rehberger walks through real‑world exploits against agentic systems such as computer‑use agents, coding copilots, and local development assistants, showing how prompt injection, invisible instructions, and tool automation can turn AI helpers into fully compromised “zombie” endpoints. This session is ideal for blue and purple teamers, red teamers, AppSec engineers, security architects, and anyone experimenting with AI agents in their SOC, SDLC, or internal tools. You’ll see how attackers chain prompt injection with automatic tool invocation, how agents can be abused to steal API keys and sensitive data, and why treating agents like potentially malicious insiders is becoming a practical security baseline.
Organizer note: This session was recorded live at BSides Vancouver Island 2025 at the Victoria Conference Centre in Victoria, BC.
If this was useful, subscribe to BSides Vancouver Island for more talks from local and global security practitioners. Join our Slack to stay up to date: https://communityinviter.com/apps/visrs/visrs. Watch more sessions from the BSides Vancouver Island playlist to keep sharpening your skills with content from and for the Vancouver Island security community.
BSides Vancouver Island returns to the Victoria Conference Centre in Victoria, BC on Friday, September 25, 2026. Stay tuned for sponsorship, speaker, attendance, and volunteering opportunities.