LIVE FEED
Amazon Q Extension Credential Theft via MCP Injection

Amazon Q Extension Credential Theft via MCP Injection

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.5 Dark Reading

A vulnerability in the Amazon Q Visual Studio Code extension allows adversaries to plant malicious repositories that execute arbitrary code and exfiltrate cloud credentials. The flaw highlights escalating risks associated with Model Context Protocol (MCP) integrations embedded within AI-powered developer tools. This attack vector represents a growing threat surface as AI coding assistants gain privileged access to developer environments and cloud infrastructure.

Sweet Security Launches Sweet Attack Agentic AI Red Teaming

Sweet Security Launches Sweet Attack Agentic AI Red Teaming

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 7.2 SecurityWeek

Sweet Security has launched 'Sweet Attack', a continuous agentic AI red teaming platform designed to counter the growing asymmetry between AI-assisted attackers and human defenders — a tipping point the industry has termed the 'Mythos Moment'. The platform differentiates itself by grounding frontier model reasoning in live runtime telemetry from each customer's own environment, including topology, identity paths, and unencrypted Layer 7 exposure, to identify genuinely exploitable attack chains rather than theoretical ones. The development signals a broader industry shift toward autonomous, environment-aware AI agents as a necessary component of modern security operations.

Zealot: Autonomous LLM Cloud Penetration Testing System

Zealot: Autonomous LLM Cloud Penetration Testing System

ATLAS OWASP CRITICAL Active exploitation · Immediate action required ▲ 9.0 Palo Alto Unit 42

Unit 42 researchers built 'Zealot,' a multi-agent LLM-powered penetration testing system capable of autonomously executing end-to-end offensive operations against cloud infrastructure, demonstrating that AI acts as a significant force multiplier for cloud attacks. The system successfully attacked a misconfigured GCP sandbox environment using a supervisor-coordinated architecture of specialist agents, validating that agentic AI can operate at machine speed against real cloud misconfigurations. This research follows Anthropic's November 2025 disclosure of a state-sponsored AI-orchestrated espionage campaign and marks a critical inflection point in understanding autonomous AI offensive capabilities.

Vertex AI Privilege Escalation Exposes GCP Credentials

Vertex AI Privilege Escalation Exposes GCP Credentials

ATLAS OWASP CRITICAL Active exploitation · Immediate action required ▲ 9.2 Palo Alto Unit 42

Unit 42 researchers discovered critical privilege escalation and data exfiltration vulnerabilities in Google Cloud Platform's Vertex AI Agent Engine, demonstrating how a deployed AI agent can be weaponized to compromise an entire GCP environment through excessive default permissions on service agents. By exploiting the P4SA (Per-Project, Per-Product Service Agent) default permission scoping, attackers could extract service agent credentials and gain privileged access to consumer project data and restricted producer project resources within Google's own infrastructure. Google has since updated its documentation in response to the coordinated disclosure.

AI-Powered Adversarial Attacks Spark Artemis Defense

AI-Powered Adversarial Attacks Spark Artemis Defense

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.2 SecurityWeek

Artemis, a cybersecurity startup focused on AI-powered threat defence, has emerged from stealth with $70 million in funding, positioning itself to counter AI-driven attacks across applications, users, endpoints, and cloud workloads. The emergence signals growing investor confidence in purpose-built AI security platforms designed to address the escalating threat landscape of adversarial AI. While details on specific technical capabilities remain sparse, the company's broad scope suggests coverage of multiple attack surfaces increasingly targeted by AI-enabled threat actors.

Google Vertex AI Over-Privilege Enables Data Exfiltration

Google Vertex AI Over-Privilege Enables Data Exfiltration

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.5 Dark Reading

Palo Alto Networks researchers have identified over-privilege vulnerabilities in Google's Vertex AI platform, demonstrating how malicious actors could exploit AI agents to exfiltrate sensitive data and pivot into restricted cloud infrastructure. The findings highlight systemic risks in agentic AI deployments where excessive permissions granted to AI workloads expand the attack surface beyond traditional cloud security boundaries. This research underscores the growing urgency around securing AI agent permissions and enforcing least-privilege principles in enterprise ML platforms.

Shadow AI Governance Threats Across SaaS and Cloud Endpoints

Shadow AI Governance Threats Across SaaS and Cloud Endpoints

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.5 CrowdStrike Blog

CrowdStrike has announced new platform innovations targeting the governance of Shadow AI and the security of AI agents across endpoints, SaaS, and cloud environments. The release highlights growing enterprise concerns around unmanaged AI tool proliferation and the attack surface introduced by autonomous AI agents. These developments reflect an industry-wide shift toward operationalising AI-specific security controls within existing SOC workflows.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.