Eduardo Ordax’s Post

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security

212 Comments

Vince M.

Senior Software Architect, AI Engineer, Executive, Founder, MSc

Got a link?

3 Reactions

Zsolt Kovacs

Strategic Microsoft Copilot Studio Implementation | I help IT Leaders Build AI-Powered Business Workflows with Microsoft Copilot Studio | Founder @ oartconsult | 5 yrs + ERP & process expertise

Oh boy, this is so evil. Autonomy without guardrails is pure exposure.

3 Reactions

George Perez

AI Systems Architect | Enterprise-Scale Automation | Lead Software Developer | Multi-Agent LLM Orchestration & Human+AI Collaboration Design

This is what happens when Humans are Out Of The Loop

3 Reactions

John (JR) Renaldi

Product Leader, Founder, Educator | Google, Life360, Jiobit, Moto

Failure of guardrails too. This should have been detected by input guardrails which should have filtered this before ever making its way to the LLM / main agent. Also failure of a tool call that would ever have such wide scopes.

7 Reactions

Samir Y.

Telecoms consultant - Operations and service delivery

That's why hypers, VC zombies and influencers TOTALLY obfuscate data privacy and security from their propaganda pitches !

10 Reactions

Andre Ankri

Helping to Discover your Superpower | Follow for insights on AI, Business Growth, and High-impact Leadership | Founder | Speaker | Dyslexic & ADHD to the max

Rushing innovation without safeguarding is a recipe for disaster.

2 Reactions

Niclas Schlopsna

Founder @spectup | Fundraising & GTM for Growth-Stage Startups | $120M+ Raised | Traction that Closes Rounds | Venture Scout

You nailed it!!

3 Reactions

Arjus Dashi

Architecting E-Commerce & SaaS Platforms | Founder and CEO of Frontlevels - Shopify Experts | Author of thectonewsletter.

Probably they were vibecoded

4 Reactions

Ashley Nicholson

Turning Data Into Better Decisions | Follow Me for Daily Tips to Make You More Tech Savvy | Technology Leader & Entrepreneur

When safeguards are ignored, automation turns from asset to liability in seconds. Security gaps in autonomous systems aren’t just risks, they’re open doors waiting to be exploited. Eduardo Ordax

7 Reactions

Fabio Ciucci

ex tech CEO, CTO, CMO | Serial Founder | Wealth mgmt | Hilarious

Hacker in the loop

15 Reactions

See more comments

To view or add a comment, sign in

More Relevant Posts

Tara McIlroy

Wealth Advisor Marketing | Experiential Event Producer | Systems & AI Automations Specialist | Entrepreneur
4w Edited
Report this post
And this, my friends, is why I believe we still need some level of human oversight (for the near future anyways). With advisors and firms now transitioning to the use of AI tools and platforms, it’s more important than ever to understand how to best implement them. For me? I’m building backend systems, things that save me time in terms of automating the smaller day-to-day tasks, for example: updating my project management system, collecting form submissions, managing calendar bookings, etc. NOT the tasks that in my opinion, still require a high level of human oversight and a personal touch ie. sending client emails, writing and manual review, website structure and design decisions, etc. Yes, technology is moving at what seems to be the speed of light right now, but this is a great reminder to take it one step at a time and ensure the appropriate guardrails are in place and that it’s being utilized for tasks that free up your time so you can focus on what really matters: relationships. Have a great long weekend, all! #advisormarketing #ai #security #fintech #marketing
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1mo

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
Like Comment
To view or add a comment, sign in
Dan Gilleland

Senior Vice President, Products Software Engineering
2w
Report this post
Trust. It takes years to build, seconds to destroy and hard to get back. I like Shane Eleniak’s thoughts in this post. The AI we all want requires a high level of diligence in how we use and deploy it. It’s disappointing to see how AI-driven fraud is surging, with breached personal data up 186% and AI-generated phishing scams increasing 456% between May 2024 and April 2025. Over 82% of phishing emails now incorporate AI, enabling fraudsters to craft scams up to 40% faster, leading to massive financial losses globally. What can be done? We are working on it and will say more shortly as it’s a big deal to me… https://lnkd.in/ggjwYzqE
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1mo

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
2 Comments
Like Comment
To view or add a comment, sign in
Frank La Vigne

Principal AI Product Marketing Manager @ Red Hat | Driving AI Product Strategies
1w
Report this post
In case you haven't already learned the lesson the hard way yet, we need to think about security at every level of AI development.
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1w

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
Like Comment
To view or add a comment, sign in
Arun Arunachalam
1w
Report this post
"No Human in the Loop" is Irresponsible AI Marketing 🚨 After deploying multiple LLM solutions in production, I've learned that: guardrails and monitoring aren't optional extras—they're the foundation. Before rushing your next AI use case to production, ask yourself: ✅ Do you understand the probabilistic nature of transformer architectures? ✅ Have you implemented proper output validation and safety checks? ✅ Are you monitoring for hallucinations, bias, and edge cases? ✅ Do you have rollback mechanisms when things go wrong? The uncomfortable truth: LLMs are powerful prediction engines, not infallible oracles. They can confidently generate incorrect information, perpetuate biases, or behave unpredictably with novel inputs. When vendors pitch "fully autonomous AI with zero human oversight," they're selling you a liability, not a solution. Responsible AI deployment means: Human oversight at critical decision points Robust testing across diverse scenarios Continuous monitoring and feedback loops Clear escalation paths for edge cases The goal isn't to eliminate humans—it's to augment human capabilities while maintaining accountability.
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1w

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
Like Comment
To view or add a comment, sign in
Zeb Khan

Head of AI & Automation @ Enfuse Group | AI | Process Intelligence | Intelligent Automation
1w Edited
Report this post
There’s huge value when AI is done right — with the right guardrails in place. But rushing in just to feel like you’re keeping up? That’s not innovation, it’s pure risk. Don’t let the shiny AI distract you from the people, data and processes underneath it. And whatever you do — don’t be the company that makes tomorrow’s DEFCON headline. 😅 If this is something you are trying to tackle or want to exchange ideas on how to approach— let’s chat. 💬 #AI #EnfuseGroup #OperationalIntelligence #DEFCON #AIGovernance #ResponsibleAI #AIROI
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1w

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
Like Comment
To view or add a comment, sign in
Lewis Z. Liu

AI Entrepreneur & Pioneer | Ex-Founder & CEO of Eigen (Acquired)
1w
Report this post
This is such an issue with no human-in-loop "agents", especially things like Microsoft Co-pilot. We need to really rethink and refocus on privacy and security with AI agents.
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1w

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
Like Comment
To view or add a comment, sign in
Dr. Michael N.
1w
Report this post
Autonomous agents are the ideal frenemies from within. On the altar of ‘innovation’ and ‘cost-cutting’ they are created and deployed at speed and scale for exfiltration like 𝗜𝗘𝗗𝘀, causing 𝙞𝙣𝙫𝙞𝙨𝙞𝙗𝙡𝙮 𝙚𝙛𝙛𝙞𝙘𝙞𝙚𝙣𝙩 𝙙𝙚𝙫𝙖𝙨𝙩𝙖𝙩𝙞𝙤𝙣. Not foreign adversaries but unchecked automation, because every shortcut sold as ‘innovation’ and ‘cost-cutting’ is just another blast waiting to happen. When it hits, the blast radius is not limited to data that’s scattered; trust, governance and resilience become collateral damage too.
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1w

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
Like Comment
To view or add a comment, sign in
Trí Trương Minh

Associate AI Engineer @ Yokogawa Votiva Solutions | Developing AI Solutions
1w
Report this post
Absolutely spot on, Michael Bargury – this 𝐃𝐄𝐅𝐂𝐎𝐍 demo exposes the raw risks of 𝐀𝐈 𝐚𝐠𝐞𝐧𝐭𝐬 𝐢𝐧𝐭𝐨 𝐩𝐫𝐨𝐝𝐮𝐜𝐭𝐢𝐨𝐧. As an AI engineer building agent systems, I've seen firsthand that spinning up an AI agent is straightforward, but hardening it for production safety and enabling true self-improvement over time? That's the real engineering challenge we need to tackle head-on to prevent these exploits from becoming enterprise nightmares. #AI #Agents #Security
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1w

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
1 Comment
Like Comment
To view or add a comment, sign in
Bobby Hyam

Solutions Engineer | Glean, ex-Google, ex-NetApp
1w
Report this post
I meet some customers who are determined to deploy fully autonomous agents and I can understand why. It’s so easy to understand the cost savings when you can take something a human is doing today and completely replace them with an agent, but there are many reasons this is hard to get right. At Glean, our customers seeing tremendous value from delegating busy work to agents but it’s always with a human in the loop. We do support agents that trigger automatically but any write actions or sensitive operations are required to have human supervision and this security is built into our platform. Instead of trying to replace humans and take them out of the equation, we focus on giving them leverage to increase output per employee. Now each developer can deliver more production features, one legal council can handle more enquiries and a salesperson can do more outreach and close more business per quarter. The use cases where full autonomy will be feasible will continue to expand but if you look at it through the right lense there’s a ton of value to be had today in a safe and deterministic way when designed right.
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1w

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
Like Comment
To view or add a comment, sign in
John Santic

Creative Story Builder | Product Marketer | GTM Strategy
1w Edited
Report this post
Rushing to deploy the vision of the autonomous enterprise without humans in the loop can have dire consequences. It introduces new kind of debt for the enterprise to contend with. Cognitive debt? Intellectual debt? Or security debt? The need for governance is more important than ever.
Eduardo Ordax

🤖 Generative AI Lead @ AWS ☁️ (150k+) | Startup Advisor | Public Speaker | AI Outsider | Founder Thinkfluencer AI
1w

🚨 At DEFCON, Microsoft’s Copilot Studio agents got absolutely wrecked. Researchers hijacked them with a few clever prompts and… boom: – Full CRM records dumped – Private tools exposed – Actions executed without human oversight Yes, the “autonomous agents” everyone is rushing to deploy turned into data exfiltration machines — zero governance, zero brakes. The irony? We keep selling “no human in the loop” as a feature, when in practice it’s a hacker’s dream. One vulnerability = full system compromise. This time it was Salesforce records, billing info, and internal comms. Next time? Who knows. Enterprises, here’s the memo: autonomous AI without serious security is not innovation, it’s malpractice. We’re widening the gap between capability and security and hackers are the only ones winning. Autonomous is cool… until your agent is working for someone else. (@Michael Bargury on X) #ai #agents #security
4 Comments
Like Comment
To view or add a comment, sign in

183,318 followers

View Profile Connect

LinkedIn respects your privacy

Eduardo Ordax’s Post

More from this author

Your SundAI Breakfast #25

Your SundAI Breakfast #25

Your SundAI Breakfast #24

Explore content categories