The rapid integration of agentic AI and automated tools into enterprise environments is outpacing the ability of security teams to adapt, according to recent industry reports. Attackers are leveraging both automation and early forms of agentic AI to bypass traditional defenses, forcing organizations to increase investments in AI-powered security solutions. Despite these efforts, many enterprises continue to experience significant losses, with measurable improvements in defense remaining inconsistent. Security leaders are urged to focus on the broader business impact of these threats and to accelerate the training and upskilling of their teams to effectively manage and tune AI-driven security tools.
A parallel trend is the proliferation of non-human identities (NHIs) as organizations adopt AI agents within their identity infrastructure. This expansion is creating new security gaps, with a majority of IT leaders expecting agentic AI to be responsible for a substantial portion of cyberattacks in the near future. As a result, there is a marked shift in identity and access management strategies, with many organizations changing IAM providers due to security concerns. Confidence in the ability to recover quickly from incidents is declining, highlighting the urgent need for more robust and adaptive security measures in the face of evolving AI-driven threats.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
4 events from the most recent confirmed update back to the earliest known activity.
The SINET Identity Working Group proposed an 'AI Trust Fabric' approach to modernize identity for the AI era, calling for cryptographically verifiable identities and dynamic, fine-grained, revocable, just-in-time access controls. The proposal was presented as a response to the growing autonomy and scale of AI agents.
Varonis research and related expert analysis warned that autonomous AI agents are stressing human-centered identity and access management systems that were not built for machine-speed interactions. The reporting emphasized risks such as prompt injection, data poisoning, model extraction, and CI/CD pipeline abuse.
Verizon's 2025 Data Breach Investigations Report highlighted compromised identities as the leading cause of cyber intrusions, underscoring attackers' growing reliance on stolen credentials. This finding became a key data point in later warnings about AI-driven identity risk.
Multiple November 2025 reports and articles said growing enterprise adoption of agentic AI is expanding identity sprawl and exposing gaps in existing security controls. The coverage framed the issue as an urgent need for defenders and CISOs to adapt identity governance and access models.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
6 references tracked. Mallory keeps watching after this page renders.
securityboulevard.com
Open sourcehelpnetsecurity.com
Open sourcecsoonline.com
Open sourcescworld.com
Open sourcesecuritysenses.com
Open sourcescworld.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.