{"data":{"id":"c53f15aa-b573-470a-9f91-9c94f9aaa825","title":"Updating the taxonomy of failure modes in agentic AI systems: What a year of red teaming taught us ","summary":"Microsoft's AI Red Team updated their taxonomy of failure modes in agentic AI systems (AI systems that can autonomously perform tasks) from v1.0 to v2.0 based on 12 months of real-world security testing. The update added seven new failure mode categories, including agentic supply chain compromise (injecting malicious instructions into tool registries), goal hijacking (redirecting an agent's objectives through disguised commands), and inter-agent trust escalation (one compromised agent deceiving others about its permissions). The revision was driven by rapid adoption of open-source agentic frameworks, widespread vulnerabilities in tool ecosystems, and the emergence of computer-use agents that interact with graphical interfaces.","solution":"N/A -- no mitigation discussed in source.","labels":["security","research"],"sourceUrl":"https://www.microsoft.com/en-us/security/blog/2026/06/04/updating-taxonomy-failure-modes-agentic-ai-systems-year-red-teaming-taught-us/","publishedAt":"2026-06-04T19:14:42.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"info","attackType":["prompt_injection","model_poisoning","supply_chain","jailbreak"],"issueType":"news","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["Microsoft","OpenClaw"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-04T19:14:42.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability","safety"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}