AI Security Risks and Vulnerabilities Enterprises Must Address
ID: 721498c9-2300-5f59-90b5-35bbceb1cea3
STIX ID: report--721498c9-2300-5f59-90b5-35bbceb1cea3
Feed Name: HackerOne Blog
### Executive Summary

This report highlights emergent AI security threats: indirect prompt injection (e.g., EchoLeak, CVE-2025-32711, and ForcedLeak) that can trick agents into executing malicious instructions embedded in the content they process; malicious MCP integrations and compromised model hubs that expand the supply-chain attack surface; and a major data exposure (DeepSeek) that leaked over a million records. It then recommends zero trust, vendor due diligence, data minimization, monitoring, explainability, and incident preparedness to mitigate these risks.
