AI-Powered Application Penetration Testing—Scale Security Without Compromise Learn More

bishopfox-logo-grey
Get Started

Prompt Injection, Session Hijacking, and Why AI Isn't Writing the Attack Plans Yet

In this Initial Access podcast episode, we cover AI prompt injection risks, continued social engineering via LinkedIn and QR codes, credential theft and session hijacking, patch reliability and appliance security, and how AI is being used to accelerate malware development—distinguishing meaningful risk from overhyped claims.

This week, we took a real look at the latest security headlines and have a straight take on them. The goal is simple: do you actually need to care about this, or is it just another variation of the same fundamental security problems we’ve been dealing with for years? This is a temperature check; just practical perspective on what’s new, what isn’t, and what matters right now.

Key Takeaways:

  • AI prompt injection
    • What matters: Prompt injection reflects a classic control-versus-data failure, similar to historical injection vulnerabilities. Most current mitigations rely on prompt-based guardrails that are fragile by design. Meaningful improvement likely requires changes at the model level.
    • What’s overhyped: Framing these as isolated Gemini or Copilot bugs. The issue is structural and will continue to appear across AI-enabled products.
  • Social engineering via LinkedIn and QR code
    • What matters: Attackers continue to succeed by abusing trusted, low-friction channels where users don’t scrutinize links or attachments.
    • What’s overhyped: Characterizing these delivery mechanisms as new or novel techniques. They are long-standing vectors seeing increased use—not innovation.
  • Credential theft and session hijacking
    • What matters: User fatigue, browser-based workflows, and malicious extensions make credential and session theft highly scalable. Persistence and timing are the primary success factors.
    • What’s overhyped: The idea that attackers need advanced techniques to gain access. Most initial access still comes from basic phishing and session abuse.
  • Patch reliability and appliance security
    • What matters: Rapid patches often act as partial mitigations rather than complete fixes, especially for appliances. Organizations should expect follow-on updates and plan for residual risk.
    • What’s overhyped: Assuming incomplete patches indicate vendor negligence. In many cases, this reflects the tradeoff between speed and thoroughness.
  • AI-generated malware
    • What matters: AI is being used to reduce attacker labor by accelerating repetitive engineering tasks, such as porting malware across platforms.
    • What’s overhyped: Claims that AI is autonomously planning or executing attack campaigns. The strategy and intent remain human-driven.
Vinnie Liu headshot

About the speaker, Vincent Liu

CEO & Co-founder of Bishop Fox

Vincent Liu (CISSP) is CEO and cofounder at Bishop Fox. With over two decades of experience, Vincent is an expert in offensive security and security strategy; at Bishop Fox, he leads firm strategy and oversees client relationships. Vincent is regularly cited and interviewed by media such as Al Jazeera, The Information, and NPR while also writing as a contributing columnist for Dark Reading. He has presented at Microsoft BlueHat and Black Hat and has co authored seven books including Hacking Exposed Wireless and Hacking Exposed Web Applications. Vincent sits on the advisory boards of AppOmni, Elevate Security, Mod N Labs, and the University of Advancing Technology in addition to serving as returning faculty at the Practising Law Institute. Prior to founding Bishop Fox, Vincent led the Attack & Penetration team for the Global Security unit at Honeywell International. Before that, he was a consultant with the Ernst & Young Advanced Security Centers and an analyst at the National Security Agency.
More by Vincent
Dan Petro Headshot

About the speaker, Dan Petro

Senior Security Engineer

As a senior security engineer for the Bishop Fox Capability Development team, Dan builds hacker tools, focusing on attack surface discovery. Dan has extensive experience with application penetration testing (static and dynamic), product security reviews, network penetration testing (external and internal), and cryptographic analysis. He has presented at several Black Hats and DEF CONs on topics such as hacking smart safes, hijacking Google Chromecasts, and weaponizing AI. Dan holds both a Bachelor of Science and a Master of Science in Computer Science from Arizona State University.

More by Dan
Zach moreno

About the speaker, Zach Moreno

Practice Director

Zach Moreno is a Practice Director at Bishop Fox and focuses on application penetration testing (static and dynamic), vulnerability risk management, network penetration testing (external and internal), and dynamic application security testing. He has advised Fortune 500 brands and startups in industries such as health care, financial services, education, and technology.

More by Zach

Related Resources

Virtual session graphic titled “Application Security: Getting More Out of Your Penetration Tests,” focused on improving application penetration testing value..
Virtual Session

Application Security: Getting More Out of Your Pen Tests

Application pen tests cost real time and money. Learn how to get real value from them. Bishop Fox lead researcher Dan Petro explains what good app tests include, how to evaluate AI-powered testing, and the questions that matter before and after an engagement.

Learn More
Christie Terrill A Note on AI thumbnail from video with Bishop Fox branding and logo.
Executive Briefing

A Note on AI from Christie Terrill, CISO, Bishop Fox

This month Christie Terrill has been at several industry events and conferences, and she had so many great AI-focused conversations with peers like other CISOs, heads of security, and practitioners. She wanted to share a few thoughts and trends that keep coming up across those discussions.

Learn More
Fireside chat title: Fireside Chat - SaaS Security: Inside Recent Attacks Disrupting Global Enterprises and code showing on a white background.
Virtual Session

Fireside Chat - SaaS Security: Inside Recent Attacks Disrupting Global Enterprises

Two recent cyberattacks crippled global enterprises by exploiting Salesforce OAuth mechanisms. Join CISO Christie Terrill and former Salesforce security leader Brian Soby for an exclusive breakdown of these breaches and actionable defense strategies in this live fireside chat.

Learn More

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.