Security researchers have revealed alarming vulnerabilities in agentic AI systems, particularly those using Model Context Protocols (MCPs), which expose organizations to cross-system exploitation, Security Boulevard reports.
Lasso Security identified a critical flaw called "IdentityMesh," which allows threat actors to merge AI agent identities across platforms, enabling them to bypass traditional system isolation and exploit unified authentication to exfiltrate data or distribute malware. One demonstration showed how AI agents in browsers such as Comet or Edge Copilot could follow malicious instructions embedded in benign-looking support tickets, exposing sensitive information across Gmail, GitHub, and other systems. Meanwhile, API security firm Pynt found that as the number of MCPs in an environment increases, so does the risk, rising to 92% for systems with ten MCPs. Pynt also documented attack chains that exploit combinations of AI tools to execute arbitrary code. Experts urge organizations to adopt AI-specific security measures, such as stricter permission controls, runtime monitoring, and context isolation, emphasizing the urgent need for frameworks tailored to AI's unique operational complexities.
