Microsoft and ServiceNow's exploitable agents reveal a growing - and preventable - AI security crisis
ID: 58cd6a2d-5e21-5046-afea-a2ece69f0a54
STIX ID: report--58cd6a2d-5e21-5046-afea-a2ece69f0a54
Feed Name: ZDNet Security
This article describes critical security risks in agentic AI. AppOmni disclosed 'BodySnatcher', a ServiceNow vulnerability in which an attacker with only an email could impersonate an admin and execute agents to create privileged backdoors; ServiceNow issued a patch. Researchers also flagged Microsoft Copilot Studio's 'Connected Agents' feature, which is enabled by default, as allowing lateral agent-to-agent access that can expose privileged capabilities. The piece emphasizes the need for least-privilege defaults, monitoring of agent interactions, and vendor/customer mitigations.
