LogoZenity Labs
AI Agent Security Summit (On Demand)
Join Us
Authors
Subscribe
LogoZenity Labs

Security research

In-depth studies on vulnerabilities and defenses in copilot and no-code applications

Security research

PerplexedBrowser: How Attackers Can Hijack Comet to Takeover your 1Password Vault

Mar 3, 2026

•

26 min read

PerplexedBrowser: How Attackers Can Hijack Comet to Takeover your 1Password Vault

One Calendar Invite. Your Entire Vault. Zero Clicks.

Stav Cohen
Stav Cohen

Security research

PerplexedBrowser: Perplexity’s Agent Browser Can Leak Your PC's Local Files

Mar 3, 2026

•

25 min read

PerplexedBrowser: Perplexity’s Agent Browser Can Leak Your PC's Local Files

Local Files Are No Longer Safe.

Stav Cohen
Stav Cohen

Security research

Turning Moltbook Into a Global Botnet Map

Feb 18, 2026

•

22 min read

Turning Moltbook Into a Global Botnet Map

How Untrusted Content Triggered 1,000+ Agent Endpoints Worldwide and Exposed Moltbook’s Faulty Design

Stav Cohen
João Donato
Stav Cohen, +1

Security research

Perplexity Comet: A Reversing Story

Feb 11, 2026

•

13 min read

Perplexity Comet: A Reversing Story

A deeper look into an agentic browser's inner workings

Raul Klugman-Onitza
Raul Klugman-Onitza

Security research

OpenClaw or OpenDoor?

Feb 4, 2026

•

14 min read

OpenClaw or OpenDoor?

Indirect Prompt Injection makes OpenClaw vulnerable to Backdoors and much more.

Stav Cohen
João Donato
Stav Cohen, +1

Security research

Agent-to-Agent Exploitation in the Wild: Observed Attacks on Moltbook

Feb 3, 2026

•

14 min read

Agent-to-Agent Exploitation in the Wild: Observed Attacks on Moltbook

Agent-targeted social engineering and attacks observed on a live agent network

Avishai Efrat
Avishai Efrat

Security research

Agentic Recon: Discovering and Mapping Public AI Agents

Jan 19, 2026

•

17 min read

Agentic Recon: Discovering and Mapping Public AI Agents

A Copilot Studio case study in agent discovery and capability mapping

Avishai Efrat
Avishai Efrat

Security research

Threat Actors Are Already Scanning For Your AI Deployments and Middleware

Jan 13, 2026

•

21 min read

Threat Actors Are Already Scanning For Your AI Deployments and Middleware

What recent scanning activity means for your AI middleware and agentic deployments

Tamir Ishay Sharbat
Avishai Efrat
Tamir Ishay Sharbat, +1

Security research

Exploring the Risks of ChatGPT’s Atlas Browser

Oct 23, 2025

•

11 min read

Exploring the Risks of ChatGPT’s Atlas Browser

Tamir Ishay Sharbat
Raul Klugman-Onitza
Tamir Ishay Sharbat, +1

Security research

Appendix: Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Oct 21, 2025

•

15 min read

Appendix: Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Max Fomin
Max Fomin

Security research

Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Oct 21, 2025

•

14 min read

Interpreting Jailbreaks and Prompt Injections with Attribution Graphs

Max Fomin
Max Fomin

Security research

Breaking down AgentKit's Guardrails

Oct 10, 2025

•

9 min read

Breaking down AgentKit's Guardrails

A deep dive into OpenAI's AgentKit guardrails, how they are implemented, and where they fail

Stav Cohen
Stav Cohen

Security research

Analyzing The Security Risks of OpenAI's AgentKit

Oct 8, 2025

•

17 min read

Analyzing The Security Risks of OpenAI's AgentKit

Stav Cohen
Raul Klugman-Onitza
Stav Cohen, +1

Security research

Prompt Mines: 0-Click Data Corruption In Salesforce Einstein

Aug 14, 2025

•

17 min read

Prompt Mines: 0-Click Data Corruption In Salesforce Einstein

Tamir Ishay Sharbat
Tamir Ishay Sharbat

Security research

AgentFlayer: Minimum Clicks, Maximum Leaks: Tilling ChatGPT’s Attack Surface

Aug 7, 2025

•

7 min read

AgentFlayer: Minimum Clicks, Maximum Leaks: Tilling ChatGPT’s Attack Surface

Exploiting ChatGPT with Language Alone: A Deep Dive into 0Click and 1Click Attacks.

Dmitry Lozovoy
Dmitry Lozovoy

Security research

AgentFlayer: ChatGPT Connectors 0click Attack

Aug 6, 2025

•

11 min read

AgentFlayer: ChatGPT Connectors 0click Attack

Tamir Ishay Sharbat
Tamir Ishay Sharbat

Security research

AgentFlayer: When a Jira Ticket Can Steal Your Secrets

Aug 1, 2025

•

10 min read

AgentFlayer: When a Jira Ticket Can Steal Your Secrets

TL;DR: A 0click attack through a malicious Jira ticket can cause Cursor to exfiltrate secrets from the repository or local file system.

Marina Simakov
Marina Simakov

Security research

AgentFlayer: When AIjacking Leads to Full Data Exfiltration in Copilot Studio

Jul 7, 2025

•

9 min read

AgentFlayer: When AIjacking Leads to Full Data Exfiltration in Copilot Studio

Tamir Ishay Sharbat
Tamir Ishay Sharbat

Security research

EchoLeak: A Reminder That AI Agent Risks Are Here to Stay

Jun 20, 2025

•

7 min read

EchoLeak: A Reminder That AI Agent Risks Are Here to Stay

Marina Simakov
Marina Simakov

Security research

AgentFlayer: Discovery Phase of AI Agents in Copilot Studio

Jun 11, 2025

•

9 min read

AgentFlayer: Discovery Phase of AI Agents in Copilot Studio

Tamir Ishay Sharbat
Tamir Ishay Sharbat

Security research

AI Agents & 0-Click Exploits: The New Battle Ground for AI Security

Jun 5, 2025

•

5 min read

AI Agents & 0-Click Exploits: The New Battle Ground for AI Security

Tamir Ishay Sharbat
Tamir Ishay Sharbat

Talks

+1

Zenity Research Published at RSAC 2025

May 1, 2025

•

2 min read

Zenity Research Published at RSAC 2025

Copilots and agents are a new access vector; How to build an AppSec program that scales to the level of citizen development

Michael Bargury
Michael Bargury

Talks

+2

Links and materials for Scaling AppSec With an SDLC for Citizen Development

Apr 30, 2025

•

3 min read

Links and materials for Scaling AppSec With an SDLC for Citizen Development

Links, demos, tools and slides for RSAC 2025

Michael Bargury
Michael Bargury

Talks

+2

Links and materials for Your Copilot Is My Insider

Apr 30, 2025

•

2 min read

Links and materials for Your Copilot Is My Insider

Links, demos, tools and slides for RSAC 2025

Michael Bargury
Michael Bargury

Security research

Sure, Let AI Browse the Internet—What Could Possibly Go Wrong?

Oct 7, 2024

•

3 min read

Sure, Let AI Browse the Internet—What Could Possibly Go Wrong?

Internet browsing for AI agents leads to 0click compromise but these mitigations can help

Michael Bargury
Michael Bargury
Load more
Zenity Labs

Zenity Labs

Latest research, tools and talks about breaking and building AI systems, agents and assistants


Home

Meet Us

Join Us

© 2026 Zenity Labs.
beehiivPowered by beehiiv