

A guide to understanding Copilot Studio AI agents, their deeper architecture on Entra ID and APIM, and key security risks.

Hidden privilege paths are one of the most dangerous blind spots in identity security. In this Phantom Labs research blog, we explore how statistical modeling and machine learning applied to the BeyondTrust True Privilege™ Graph can detect anomalous privilege paths and unexpected access relationships across complex environments.

Uncover hidden power and privilege in your organization. Learn how scattered permissions, connected apps, and APIs create Salesforce access risk.
This blog explores how computer use agents can be used to build an agentic command-and-control framework. By combining LLM reasoning with desktop interaction tools, attackers could automate endpoint control while blending into normal system behavior. Here, we break down the architecture, abuse scenarios, and detection opportunities.
The integration of AI coding agents into developer workflows have introduced new, high-impact attack surfaces. BeyondTrust Phantom Labs recently identified a critical command injection vulnerability in OpenAI Codex that allowed for the theft of GitHub User Access Tokens. This blog provides a deep dive into the exploit, the risks of automated token exfiltration, and essential mitigations for AI vendors and the organizations that deploy them.