A Token Flaw Turned Azure’s AI Agent Into a Spy

A security vulnerability in Azure’s AI Agent allowed unauthorized access to commands, credentials, and sensitive information due to a flawed token verification system. This critical flaw, now patched and tracked as CVE-2026-32173, highlights growing concerns about AI agent security as rapid adoption outpaces governance controls.