Anthropic just published the incident report every CISO has been dreading: an espionage op where 80–90% of the intrusion was run by an AI agent, not a human.
Thousands of MCP-driven requests per second, four to six human approvals, ~30 global targets… and the real C2 wasn’t a box in some data center. It was “helpful” AI agents wired into OAuth, SaaS connectors, and your wiki.
If your “AI program” isn’t treating agents + connectors as C2 infrastructure, you’re not doing AI security, you’re hosting someone else’s botnet:
Correlate agent orchestration to OAuth consent + token-minting bursts.
Enforce admin consent, CAE, and PoP/DPoP-style binding to kill token replay.
Allowlist signed connectors + attested RAG sources so one poisoned wiki page can’t trigger cross-tenant chaos.
Your AI agents are the new C2. Identity and connectors decide how bad “bad” gets.
Are you actually measuring scope creep, token bursts, and agent blast radius yet—or just hoping your EDR “sees” it?
👉 Read the full breakdown: https://blog.alphahunt.io/your-ai-agents-are-the-new-c2-lock-down-identity-connectors
#AlphaHunt #CyberSecurity #ThreatIntelligence #AIsecurity #IdentitySecurity