BREAKING
Attack Path Targets AI Agent Data
Chaining Trusted Legacy Systems
1Apache Tomcat RCE
2Active Directory
3AWS IAM keys
4S3 RAG store
Indirect Path vs Direct Attack
Direct model attackOld way
Jailbreaks
Prompt guards
Agent framework
Trust-boundary pathThis scenario
Tomcat foothold
AD escalation
Stolen AWS keys
Why The Blast Radius Grows
Defenses: Least Privilege
1Scope to s3:GetObject
2MCP gateways
3Sandbox + human-in-loop
4Monitor tool chains
Focus Shifts To Trust Boundaries
AI NEWS BLITZ
A modeled attack path reaches an AI agent's data without touching the model itself.