Bottom line: Organizations lose control over AI agents because they fail to integrate legacy systems into their AI security strategy.
Attackers deliberately exploit outdated infrastructure to bypass security mechanisms of AI agents. This blind spot is not addressed by most security programs, even though 71 % of organizations are already piloting AI agents.
The security landscape surrounding AI agents reveals a structural gap: While enterprises are rolling out machine learning models and automated agents at increasing speed, new attack vectors are emerging. Attackers identify and deliberately abuse older, existing systems – classic hardware, outdated software, legacy applications – as a bridge to access AI agents from the outside and hijack them.
The problem is temporal: AI adoption moves faster than traditional security programs can keep pace. Approximately 71 % of organizations are already running pilots with AI agents. At the same time, in many of the same companies, older, often inadequately monitored infrastructure components continue to operate, unlinked to modern threat intelligence processes. Security teams frequently treat this infrastructure as “problem solved” or simply overlook it.
For CISOs, this means dual prioritization: they must not only harden the new AI agents themselves, but also incorporate all connection points to existing legacy systems into their threat models. This includes inventorying older systems, their network dependencies to modern workloads, and the robustness of access controls.
Source: thehackernews.com · Published June 22, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.