AI Security Signal Brief — 2026-04-01

Top Signals

Google's Vertex AI Has an Over-Privileged Problem

Signal criticality: High

What happened: Dark Reading published "Google's Vertex AI Has an Over-Privileged Problem". Palo Alto researchers show how attackers could exploit AI agents on Google's Vertex AI to steal data and break into restricted cloud infrastructure. The report describes a concrete compromise, exposure, or abuse pattern with direct defensive implications.

Key takeaways:

Original source: https://www.darkreading.com/cyber-risk/googles-vertex-ai-over-privilege-problem

Codenotary AgentMon monitors agentic AI activity and behavior

Signal criticality: High

What happened: Help Net Security reported that Codenotary launched AgentMon, enterprise-grade monitoring designed specifically for agentic networks, providing organizations with real-time visibility into the security, performance and cost of AI-driven agents operating across the enterprise. As adoption of AI accelerates, agentic systems (semi-autonomous software agents that act on behalf of users and applications) are becoming embedded across business operations. The market for AI agents is expected to grow at a 45% CAGR over the next five years, according to consulting firm BCG.

Key takeaways:

Original source: https://www.helpnetsecurity.com/2026/03/31/codenotary-agentmon-agentic-ai/

Double Agents: Exposing Security Blind Spots in GCP Vertex AI

Signal criticality: High

What happened: Unit 42 published "Double Agents: Exposing Security Blind Spots in GCP Vertex AI" by Ofir Shaty on March 31, 2026 (11 min read), filed under Malware and Threat Research. The post is tagged Agentic AI, Data exfiltration, GCP, Google Cloud, Google Cloud Storage, JSON, LLM, Privilege escalation and Vertex AI. From the executive summary: Artificial intelligence (AI) agents are quickly advancing into powerful autonomous systems that can perform complex tasks.

Key takeaways:

Original source: https://unit42.paloaltonetworks.com/double-agents-vertex-ai/

Bottom Line

The strongest signal today is that AI security is being decided in the surrounding control layer — permissions, connectors, deterministic workflow design, response speed, and the infrastructure that still underpins trust. That is a more durable framing than generic agent hype, and it is the one worth carrying forward.
