AI Agent Vulnerabilities: Breaking Security Defenses
Researchers breach all AI defenses; Walmart CISO warns of agentic AI risks
Researchers have now demonstrated that every AI defense they examined can be bypassed. While the tech is impressive, the experiments reveal a pattern: attackers sidestep traditional safeguards, often without injecting any malicious code. The study, framed as “Researchers broke every AI defense they tested. Here are 7 questions to ask vendors,” lays out a checklist that forces vendors to confront gaps most security teams assume are covered. Yet the findings are only the tip of the iceberg. As AI systems grow more autonomous, the threat surface expands in ways that conventional firewalls and antivirus tools weren’t built to monitor.
Here’s why that matters to a retail giant whose data pipelines run 24/7. Walmart’s EVP and CISO, Jerry Geisler, has warned that agentic AI could compound these vulnerabilities, creating pathways that slip past existing controls.
“One of the ways they've done that is by not bringing in malware at all.”

Jerry Geisler, EVP and CISO of Walmart, sees agentic AI compounding these risks. "The adoption of agentic AI introduces entirely new security threats that bypass traditional controls," Geisler told VentureBeat previously. "These risks span data exfiltration, autonomous misuse of APIs, and covert cross-agent collusion, all of which could disrupt enterprise operations or violate regulatory mandates."

Four attacker profiles already exploiting AI defense gaps

These failures aren't hypothetical. They're already being exploited across four distinct attacker profiles. The paper's authors make a critical observation that defense mechanisms eventually appear in internet-scale training data.
The paper shows a stark reality: defenses marketed as near‑impenetrable fell apart under adaptive attacks, with bypass rates topping ninety percent on most of the twelve systems evaluated. Researchers from OpenAI, Anthropic and DeepMind demonstrated that the attacker’s second‑move advantage can render many safeguards ineffective. Walmart’s EVP and CISO, Jerry Geisler, adds that agentic AI “introduces entirely new security threats that bypass traditional controls,” suggesting a widening attack surface beyond what current defenses address.
One of the techniques highlighted involves sidestepping malware entirely, a detail that underscores how conventional threat models may miss novel vectors. Enterprises buying AI protections now face evidence that many products do not deliver the promised security guarantees. It is unclear whether vendors can redesign their offerings fast enough to counter these adaptive techniques, or if new architectural approaches will be required.
Until such measures are proven, security teams should treat AI‑related controls with heightened scrutiny and demand transparent, independently verified performance data.
Common Questions Answered
What novel security threats do generative AI agents introduce according to the research?
The paper at [arxiv.org](https://arxiv.org/pdf/2504.19956) identifies 9 primary threats across five key domains, including cognitive architecture vulnerabilities and trust boundary violations. These agents can traverse organizational boundaries, make mutating API calls, and manipulate enterprise data with minimal human oversight, creating unprecedented security challenges.
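The two risks this answer names, and that Geisler's quote above also raises (autonomous misuse of APIs, agents crossing organizational boundaries with little human oversight), are the ones a least-privilege gate in front of an agent's tool calls is meant to contain. The following is an added example, not code from the page or from the cited paper: a hypothetical `ToolGate` that classifies each proposed call as read-only or mutating, denies anything outside the agent's allowed hosts, holds mutating calls for a single-use human approval unless the target is pre-approved, and keeps an audit trail so a burst of denials for one agent can be alerted on. All agent names, hostnames and approval ids are constructed placeholders.

```python
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum
from typing import Optional
from urllib.parse import urlparse


class Verdict(Enum):
    ALLOW = "allow"
    DENY = "deny"
    NEEDS_APPROVAL = "needs_approval"


# HTTP verbs treated as mutating; anything else (GET, HEAD, OPTIONS) is read-only.
MUTATING_METHODS = frozenset({"POST", "PUT", "PATCH", "DELETE"})


@dataclass(frozen=True)
class ToolCall:
    """A call an agent proposes to make through a tool (constructed shape)."""
    agent_id: str
    method: str
    url: str
    approval_id: Optional[str] = None  # present only when a human signed off


@dataclass(frozen=True)
class AgentPolicy:
    """Per-agent least-privilege policy (hypothetical policy model)."""
    allowed_hosts: frozenset[str]                     # the agent's trust boundary
    auto_mutate_hosts: frozenset[str] = frozenset()   # mutations allowed without a human


class ToolGate:
    """Decides every proposed call and keeps an audit trail for detection."""

    def __init__(self, policies: dict[str, AgentPolicy], approvals: set[str]):
        self.policies = policies
        self.approvals = approvals  # unused, single-use approval ids
        self.audit: list[tuple[str, str, str, Verdict]] = []

    def evaluate(self, call: ToolCall) -> Verdict:
        verdict = self._decide(call)
        self.audit.append((call.agent_id, call.method.upper(), call.url, verdict))
        return verdict

    def _decide(self, call: ToolCall) -> Verdict:
        policy = self.policies.get(call.agent_id)
        if policy is None:
            return Verdict.DENY                        # unknown agent: default deny
        host = urlparse(call.url).hostname or ""
        if host not in policy.allowed_hosts:
            return Verdict.DENY                        # would cross the trust boundary
        if call.method.upper() not in MUTATING_METHODS:
            return Verdict.ALLOW                       # read-only calls pass
        if host in policy.auto_mutate_hosts:
            return Verdict.ALLOW                       # pre-approved mutation target
        if call.approval_id is not None and call.approval_id in self.approvals:
            self.approvals.discard(call.approval_id)   # one approval, one call
            return Verdict.ALLOW
        return Verdict.NEEDS_APPROVAL                  # hold for a human

    def denials_for(self, agent_id: str) -> int:
        """Denied calls per agent: a spike here is a useful alert signal."""
        return sum(1 for a, _, _, v in self.audit if a == agent_id and v is Verdict.DENY)


def run_demo() -> tuple[list[str], ToolGate]:
    """Constructed sequence of calls; every name and host is a placeholder."""
    policies = {
        "inventory-bot": AgentPolicy(
            allowed_hosts=frozenset({"inventory.internal", "catalog.internal"}),
            auto_mutate_hosts=frozenset({"catalog.internal"}),
        )
    }
    gate = ToolGate(policies, approvals={"apr-001"})
    calls = [
        ToolCall("inventory-bot", "GET", "https://inventory.internal/items"),
        ToolCall("inventory-bot", "DELETE", "https://inventory.internal/items/42"),
        ToolCall("inventory-bot", "DELETE", "https://inventory.internal/items/42", "apr-001"),
        ToolCall("inventory-bot", "DELETE", "https://inventory.internal/items/43", "apr-001"),
        ToolCall("inventory-bot", "POST", "https://catalog.internal/reindex"),
        ToolCall("inventory-bot", "POST", "https://collector.example/upload"),
        ToolCall("rogue-bot", "GET", "https://inventory.internal/items"),
    ]
    return [gate.evaluate(c).value for c in calls], gate


if __name__ == "__main__":
    verdicts, gate = run_demo()
    for entry, verdict in zip(gate.audit, verdicts):
        print(entry[0], entry[1], entry[2], "->", verdict)
```

The design choice worth noting is that the gate never trusts the agent's own description of a call: the verb and host are taken from the request itself, the approval id is consumed on first use so a held call cannot be replayed against a different resource, and unknown agents fall through to deny rather than to a permissive default.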
How do multi-turn attacks differ from single-turn attacks on AI agents?
The paper at [arxiv.org](https://arxiv.org/html/2502.08586v1) reveals that multi-turn attacks achieve significantly higher success rates, ranging between 25.86% and 92.78%. These attacks represent a 2x to 10x increase over single-turn baseline attacks, demonstrating the vulnerability of AI agents during extended interactions.
Why are existing security frameworks insufficient for protecting generative AI agents?
The research argues that generative AI agents require a fundamentally new security lens due to their unique architecture and behavior. The paper at [arxiv.org](https://arxiv.org/pdf/2504.19956) highlights that traditional security approaches fail to account for agents' ability to reason, remember, and act autonomously across complex enterprise environments.