{"data":{"id":"25ac4969-8f0e-43d0-bd38-7fb608e47a02","title":"Shadow AI: The Hidden Risk Expanding Across the Enterprise","summary":"Organizations are rapidly adopting unauthorized AI tools without proper security oversight, creating 'shadow AI' (unsanctioned AI use that bypasses governance controls) that exposes sensitive data and creates new attack surfaces. Traditional security tools like firewalls and Zero Trust architecture (a security model that requires verification for every access request) cannot detect AI-specific threats such as prompt injection (tricking an AI by hiding malicious instructions in its input), leaving companies vulnerable to data leaks, compliance failures, and attacks that exploit AI systems.","solution":"CrowdStrike Falcon AI Detection and Response (AIDR) is designed to provide visibility, control, and protection for AI-driven environments and can identify and stop AI-specific threats such as prompt injection.","labels":["security","policy"],"sourceUrl":"https://www.crowdstrike.com/en-us/blog/shadow-ai-hidden-risk-expanding-across-the-enterprise/","publishedAt":"2026-05-29T05:00:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection","rag_poisoning"],"issueType":"news","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["CrowdStrike","OpenAI","Claude","Gemini"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-05-29T05:00:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"api","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}