venturebeat.com, about 6 hours ago

AI Security Tools Compromised: A New Threat Emerges

Adversaries have hijacked AI security tools at over 90 organizations, raising alarms about a new class of vulnerability. The risk escalates as autonomous agents gain write access to critical infrastructure.


The Rise of Autonomous Threats

In 2025, adversaries exploited legitimate AI tools by injecting malicious prompts, leading to credential theft and cryptocurrency loss across more than 90 organizations. The shift from compromised tools that could only read data to autonomous agents that can rewrite firewall rules is a significant escalation: a hijacked prompt now yields a configuration change rather than a leak.

These autonomous SOC agents can modify IAM policies and quarantine endpoints using privileged credentials. Because the changes are made under the agent's own service identity, EDR and audit logs record them as authorized activity. An adversary who controls the agent's inputs can therefore reconfigure a network without ever accessing it directly, adding a new layer of risk for organizations.
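The practical countermeasure to the mechanism described above is to stop the agent from holding unconditional write access in the first place. The following is an added example, not code from the VentureBeat article or from any of the products it names: a minimal action broker that sits between an autonomous SOC agent and the control planes it can touch. Read-only actions run freely, containment actions run within a blast-radius cap, and writes to identity or network policy require a human-approved change ticket. The broker also keeps its own audit trail with the agent recorded as the principal, which is what lets a reviewer separate machine-initiated changes from human ones when EDR shows both as authorized. Action names, ticket identifiers and the request shape are hypothetical assumptions for the example.

```python
# Added example (not from the VentureBeat article): a minimal action broker
# between an autonomous SOC agent and the control planes it can touch.
# Action names, ticket IDs and the request shape are hypothetical.
from dataclasses import dataclass, field

# Read-only actions: safe to run autonomously.
READ_ACTIONS = {"iam:GetPolicy", "iam:ListRoles", "edr:GetHost", "fw:ListRules"}

# Writes to high-risk control planes (identity, network policy): never
# autonomous; each needs a human-approved change ticket.
HIGH_RISK_WRITES = {"iam:PutRolePolicy", "iam:AttachRolePolicy",
                    "fw:PutRule", "fw:DeleteRule"}

# Containment writes the agent may take on its own, within a blast-radius cap.
CONTAINMENT_ACTIONS = {"edr:QuarantineHost"}
MAX_AUTONOMOUS_QUARANTINES = 5


@dataclass
class Decision:
    allow: bool
    reason: str


@dataclass
class ActionBroker:
    """Evaluates agent-requested actions and keeps its own audit trail."""
    approved_tickets: set = field(default_factory=set)
    quarantines: int = 0
    audit: list = field(default_factory=list)

    def evaluate(self, request: dict) -> Decision:
        action = request["action"]
        if action in READ_ACTIONS:
            decision = Decision(True, "read-only")
        elif action in HIGH_RISK_WRITES:
            ticket = request.get("ticket")
            if ticket in self.approved_tickets:
                decision = Decision(True, f"approved ticket {ticket}")
            else:
                decision = Decision(False, "high-risk write without approved ticket")
        elif action in CONTAINMENT_ACTIONS:
            if self.quarantines < MAX_AUTONOMOUS_QUARANTINES:
                self.quarantines += 1
                decision = Decision(True, "containment within blast-radius cap")
            else:
                decision = Decision(False, "quarantine cap reached; human review required")
        else:
            decision = Decision(False, "action not in allowlist")
        # Record the agent as the principal so downstream review can separate
        # machine-initiated changes from human ones; EDR alone will not do this.
        self.audit.append({**request, "principal_type": "machine",
                           "allow": decision.allow, "reason": decision.reason})
        return decision


def suspicious_agents(audit: list, threshold: int = 2) -> list:
    """Agents with repeated denied high-risk writes. A hijacked prompt
    typically produces a burst of such attempts, which is the signal a
    SOC should page on."""
    counts = {}
    for entry in audit:
        if not entry["allow"] and entry["action"] in HIGH_RISK_WRITES:
            counts[entry["agent"]] = counts.get(entry["agent"], 0) + 1
    return sorted(a for a, n in counts.items() if n >= threshold)


def run_demo() -> dict:
    """Constructed request stream (not real telemetry): soc-agent-1 is steered
    by an injected prompt into escalating a role and opening SSH to the world;
    soc-agent-2 deletes a rule under an approved ticket."""
    broker = ActionBroker(approved_tickets={"CHG-1001"})
    requests = [
        {"agent": "soc-agent-1", "action": "edr:GetHost", "target": "host-42"},
        {"agent": "soc-agent-1", "action": "edr:QuarantineHost", "target": "host-42"},
        {"agent": "soc-agent-1", "action": "iam:AttachRolePolicy", "target": "role/Admin"},
        {"agent": "soc-agent-1", "action": "fw:PutRule", "target": "allow 0.0.0.0/0 tcp/22"},
        {"agent": "soc-agent-2", "action": "fw:DeleteRule", "target": "rule-7", "ticket": "CHG-1001"},
    ]
    allowed = [broker.evaluate(r).allow for r in requests]
    return {"allowed": allowed, "flagged": suspicious_agents(broker.audit)}


if __name__ == "__main__":
    print(run_demo())
```

The design point is that the agent never receives the privileged credential for IAM or firewall writes; the broker holds it and releases an action only when the ticket check passes. Quarantine is allowed autonomously because it is reversible and bounded, but the cap keeps a single hijacked session from isolating an entire fleet.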

Key points to consider:
  • Cisco's AgenticOps and Ivanti's Continuous Compliance are examples of new tools with autonomous capabilities.
  • The OWASP Top 10 for Agentic Applications catalogs the vulnerability classes these systems introduce.
  • The average enterprise now faces an 82:1 machine-to-human identity ratio, which complicates identity governance for agents.

As the landscape evolves, organizations must adapt their governance frameworks to address these threats. The 2026 Global Threat Report underlines the urgency: state-sponsored AI exploitation surged by 89% last year.