LIVE FEED
IGA Platforms Add AI Agent Governance and Access Control

IGA Platforms Add AI Agent Governance and Access Control

FIRST LOOK ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.8 The Hacker News

A new analysis published via The Hacker News details how traditional Identity Governance and Administration (IGA) frameworks — built around HR-driven, human-centric lifecycle events — are fundamentally unequipped to govern AI agents acting as autonomous principals in enterprise environments. Security teams face a growing blind spot: AI agents acquire, retain, and exercise entitlements without triggering the joiner-mover-leaver workflows, manager attestations, or termination events that IGA tooling depends on. Defenders must now treat AI agent identities as a separate governance tier, requiring purpose-built provisioning, audit, and deprovisioning logic that existing platforms like Workday, SailPoint, and Azure AD connectors were never designed to provide.

AI Agent Hijacking via Legacy Infrastructure Exploits

AI Agent Hijacking via Legacy Infrastructure Exploits

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.5 The Hacker News

Attackers are bypassing AI-layer defences entirely by exploiting unpatched legacy infrastructure — misconfigured Active Directory, stale credentials, and over-privileged IAM roles — to hijack the resources AI agents depend on. Research cited in the article shows 70% of organisations grant AI systems more access than a human in the same role, driving a 76% incident rate among over-privileged deployments. The article argues that securing AI agents requires closing the underlying infrastructure exposure gap, not just hardening the model layer.

Token Security Launches AI Agent Identity Platform

Token Security Launches AI Agent Identity Platform

FIRST LOOK ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.2 BleepingComputer

Token Security has published analysis and launched a platform addressing the growing security gap created by AI agents operating as unmanaged identities within enterprise environments, connecting to critical systems like Salesforce, GitHub, Snowflake, and production databases with minimal governance. Most organizations have deployed AI agents using credentials provisioned for other purposes, creating high-privilege, low-visibility actors outside the scope of existing IAM controls. Defenders now face a sprawling, machine-speed identity layer that existing lifecycle management, least-privilege enforcement, and audit tooling were never designed to handle.

Orphaned AI Agents Bypass SailPoint Identity Controls

Orphaned AI Agents Bypass SailPoint Identity Controls

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 The Hacker News

Enterprises deploying internal AI agents face a growing identity accountability gap: when the employee who created an autonomous agent leaves, the agent's access tokens and credentials often remain active and unmonitored. Traditional access management tools fail to detect this risk because they treat AI agents as static software rather than identity-bearing entities capable of exfiltrating sensitive data. The problem compounds at scale as shadow AI deployments proliferate across organizations without centralised visibility or ownership tracking.

Deepfakes and Prompt Injection Top AI Security Threats

Deepfakes and Prompt Injection Top AI Security Threats

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 Dark Reading

Gartner analysts have identified deepfakes and prompt injection as two of four critical emerging threats where attackers currently hold a structural advantage over defenders. The advisory signals growing institutional recognition that AI-native attack vectors are maturing faster than enterprise defenses. Organizations are urged to treat these threats as priority items requiring immediate defensive investment.

Excessive Agency in AI Agents Enables Enterprise Breaches

Excessive Agency in AI Agents Enables Enterprise Breaches

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 Dark Reading

Enterprises deploying AI agents with elevated permissions and minimal oversight face compounding security risks as agentic systems gain the ability to take real-world actions with limited human intervention. The attack surface expands dramatically when agents can access APIs, execute code, and chain decisions autonomously, making containment of a compromise significantly harder. Security teams must implement least-privilege principles and robust monitoring before agentic deployments scale beyond their ability to govern.

Shadow-AI Apps Expose Corporate Data via Misconfiguration

Shadow-AI Apps Expose Corporate Data via Misconfiguration

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 The Hacker News

A Red Access investigation found over 2,000 corporate applications built on AI-assisted 'vibe-coding' platforms publicly accessible on the open internet, many containing sensitive business data with no access controls. These shadow-built apps connect directly to production systems — CRMs, ERPs, BI tools — creating a new class of unaudited attack surface invisible to conventional security stacks. Traditional controls such as CASB, DLP, and EDR are structurally blind to this threat because the risk originates at the application layer, not the identity or network layer.

SentinelOne Warns on Prompt Injection Risks in AI Agents

SentinelOne Warns on Prompt Injection Risks in AI Agents

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.5 SentinelOne Blog

SentinelOne has published guidance on securing agentic AI systems, framing unverified trust in AI agents as a core enterprise risk. The piece promotes their Prompt Security product as a control layer for AI tools, agents, and pipelines deployed across the enterprise. While primarily a product-focused announcement, it highlights the genuine security challenge of blind trust in autonomous AI agents executing actions on behalf of users and systems.

Gemini Spark Prompt Injection Exposes Enterprise Gmail Data

Gemini Spark Prompt Injection Exposes Enterprise Gmail Data

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.5 Simon Willison

Google's newly announced Gemini Spark personal AI agent, integrated with Gmail, Drive, Calendar, and other sensitive Google services, presents a significant prompt injection attack surface as it processes user data at scale. The article highlights that Google's published security mitigations — ephemeral VMs, Agent Gateway, and DLP policies — address infrastructure isolation but do not directly address the prompt injection vector inherent to LLM-powered agents processing untrusted content. Additionally, the transition from open-source Gemini CLI to a closed-source Antigravity CLI raises supply chain transparency concerns.

AI Agent Identity Sprawl Bypasses Enterprise IAM Systems

AI Agent Identity Sprawl Bypasses Enterprise IAM Systems

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.2 Dark Reading

As AI agents proliferate across enterprise environments, their associated non-human identities are introducing governance and security gaps that traditional IAM frameworks were not designed to handle. New Omdia research highlights that AI agent identity management demands distinct budget allocations and security controls separate from conventional IAM programs. The failure to properly secure and govern these machine identities exposes organisations to credential abuse, privilege escalation, and lateral movement risks.

AI Agent Privilege Escalation Bypasses IAM Visibility

AI Agent Privilege Escalation Bypasses IAM Visibility

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 6.5 The Hacker News

Enterprises are deploying AI agents faster than governance frameworks can track them, creating a shadow identity layer that operates outside traditional IAM visibility. These agents run continuously, accumulate permissions opportunistically, and interact with sensitive data at machine speed — largely unmonitored. The structural gap between agent activity and IAM coverage represents a significant and growing attack surface for privilege abuse and data exfiltration.

Anthropic Releases Claude Security Vulnerability Scanner

Anthropic Releases Claude Security Vulnerability Scanner

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 SecurityWeek

Anthropic has released Claude Security in public beta, a dedicated vulnerability scanning product aimed at countering the accelerating threat of AI-powered exploitation exemplified by its own Mythos model. The tool integrates directly into Claude Enterprise, scanning repositories for vulnerabilities, providing confidence-rated findings, and generating targeted patches — compressing the security team-to-engineer remediation cycle from days to a single session. The launch reflects a broader industry acknowledgment that frontier AI models in adversarial hands are fundamentally shortening time-to-exploit, forcing defenders to adopt equivalent AI-native tooling.

Agentic AI Excessive Agency Bypasses Security Testing

Agentic AI Excessive Agency Bypasses Security Testing

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.5 The Hacker News

The article examines the architectural tension between fully agentic AI systems and deterministic validation frameworks in security testing contexts, arguing that unconstrained AI autonomy introduces repeatability and auditability risks. It highlights how probabilistic AI behaviour — while valuable for exploration — undermines the measurable, consistent outcomes required for enterprise security validation programs. The piece reflects a broader industry debate about governing AI agency in high-stakes operational environments.

AI Browser Extensions 60% Riskier Than Standard Tools

AI Browser Extensions 60% Riskier Than Standard Tools

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.5 The Hacker News

A LayerX report reveals that AI browser extensions represent a largely unmonitored attack surface in enterprise environments, with 1-in-6 enterprise users already running at least one AI extension. These extensions are statistically riskier than standard extensions — 60% more likely to carry a CVE, 3x more likely to access cookies, and capable of exfiltrating sensitive data without triggering DLP or SaaS monitoring controls. The finding highlights a critical governance gap in AI consumption channels that bypasses traditional enterprise security tooling.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.