{"data":{"id":"20fc29f5-aa97-4d7b-b82b-f151001bed0c","title":"Microsoft identifies seven new ways AI agents can be hacked","summary":"Microsoft has identified seven new ways that agentic AI systems (AI programs that can take actions autonomously) can fail or be attacked, building on previous research. These vulnerabilities include attacks where adversaries manipulate agent behavior through natural language, redirect an agent's goals, trick agents communicating with each other, exploit visual interfaces, contaminate data to bias reasoning, abuse plugins and protocols, and cause agents to leak internal information.","solution":"Microsoft advises security teams to: inventory their supply chain and generate a software bill of materials (SBOM, a detailed list of all components in deployed agents); verify agent identity using cryptographic credentials issued at provisioning rather than relying on position or location; add the seven new failure modes to their red-team coverage matrix (security testing that simulates attacks); and audit the human-in-the-loop user experience (where humans review or approve agent actions) as a security control.","labels":["security","safety"],"sourceUrl":"https://www.csoonline.com/article/4181846/microsoft-identifies-seven-new-ways-ai-agents-can-be-hacked-2.html","publishedAt":"2026-06-05T17:20:34.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["supply_chain","jailbreak","rag_poisoning","prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["Microsoft"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-05T17:20:34.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","safety"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}