<?xml version="1.0" encoding="UTF-8"?>        <rss version="2.0"
             xmlns:atom="http://www.w3.org/2005/Atom"
             xmlns:dc="http://purl.org/dc/elements/1.1/"
             xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
             xmlns:admin="http://webns.net/mvcb/"
             xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
             xmlns:content="http://purl.org/rss/1.0/modules/content/">
        <channel>
            <title>
									NHIMG Forum - Recent Posts				            </title>
            <link>https://nhimg.org/community/</link>
            <description>NHIMG Discussion Board</description>
            <language>en-US</language>
            <lastBuildDate>Sat, 18 Jul 2026 00:52:34 +0000</lastBuildDate>
            <generator>wpForo</generator>
            <ttl>60</ttl>
							                    <item>
                        <title>RE: Silk Typhoon arrest and exposed credentials: what do teams need to watch?</title>
                        <link>https://nhimg.org/community/nhi-breaches/silk-typhoon-arrest-and-exposed-credentials-what-do-teams-need-to-watch/#post-26181</link>
                        <pubDate>Tue, 14 Jul 2026 18:13:43 +0000</pubDate>
                        <description><![CDATA[Exposed credentials are not just an entry problem, they are a force multiplier for espionage. The article shows a group that combines scanning, spraying, and credential hunting because each ...]]></description>
                        <content:encoded><![CDATA[<p>Exposed credentials are not just an entry problem, they are a force multiplier for espionage. The article shows a group that combines scanning, spraying, and credential hunting because each method increases the chance of finding a reusable access path. That is an identity problem as much as a vulnerability problem, because one leaked secret can bypass layers of perimeter thinking. Practitioners should treat exposed credentials as the start of a broader access graph, not a single incident.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to <a href="https://nhimg.org/the-state-of-secrets-in-appsec?utm_source=nhimg&amp;utm_medium=NHIForum">The State of Secrets in AppSec</a>.</li>
<li>Only 44% of developers are reported to follow security best practices for secrets management, which explains why exposed credentials remain a recurring identity exposure.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-should-be-accountable-when-third-party-access-is-abused/?utm_source=nhimg&amp;utm_medium=NHIForum">Who should be accountable when third-party access is abused?</a></strong></p>
<p><strong>A:</strong> Accountability should sit with the teams that own the access path, the detection logic, and the response workflow. Third-party access is not a special exception to identity governance; it is a high-risk access category that needs explicit ownership, monitoring, and containment rules. Without that clarity, the organisation can see the event but fail to respond decisively.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/silk-typhoon-arrest-highlights-the-operational-risk-of-exposed-credentials/">Silk Typhoon arrest highlights the operational risk of exposed credentials</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/silk-typhoon-arrest-and-exposed-credentials-what-do-teams-need-to-watch/#post-26181</guid>
                    </item>
				                    <item>
                        <title>RE: xAI API key leaks: what does this mean for AI access governance?</title>
                        <link>https://nhimg.org/community/nhi-breaches/xai-api-key-leaks-what-does-this-mean-for-ai-access-governance/#post-26180</link>
                        <pubDate>Tue, 14 Jul 2026 18:13:26 +0000</pubDate>
                        <description><![CDATA[API keys for AI models are non-human identities, not just development artefacts. Once an AI key can authenticate a model service, it carries the same governance burden as any other machine c...]]></description>
                        <content:encoded><![CDATA[<p>API keys for AI models are non-human identities, not just development artefacts. Once an AI key can authenticate a model service, it carries the same governance burden as any other machine credential. The article shows that model access can be exposed in ordinary code workflows and remain live after discovery, which makes secrets governance a first-class identity control rather than a hygiene task. Practitioners should classify model API keys as governed NHIs with explicit ownership and lifecycle.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation, according to <a href="https://nhimg.org/the-state-of-secrets-sprawl-2026?utm_source=nhimg&amp;utm_medium=NHIForum">The State of Secrets Sprawl 2026</a>.</li>
<li>AI-related credential leaks surged 81.5% year-over-year in 2025, with the surrounding AI infrastructure leaking 5x faster than core LLM providers.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-is-accountable-when-a-vulnerable-ai-workflow-exposes-api-keys/?utm_source=nhimg&amp;utm_medium=NHIForum">Who is accountable when a vulnerable AI workflow exposes API keys?</a></strong></p>
<p><strong>A:</strong> Accountability sits with the teams that approved the trust boundary, not just the developers who used the framework. Security, platform, and application owners all have a role when model output can reach secrets or execution logic. The correct control view is shared governance over AI runtime paths, because the failure spans code, identity, and secrets management.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/second-xai-api-key-leak-shows-ai-model-access-remains-fragile/">Second xAI API key leak shows AI model access remains fragile</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/xai-api-key-leaks-what-does-this-mean-for-ai-access-governance/#post-26180</guid>
                    </item>
				                    <item>
                        <title>RE: Yocto Project 5.0.11: what the CVE-heavy release means for teams</title>
                        <link>https://nhimg.org/community/nhi-breaches/yocto-project-5-0-11-what-the-cve-heavy-release-means-for-teams/#post-26179</link>
                        <pubDate>Tue, 14 Jul 2026 18:13:23 +0000</pubDate>
                        <description><![CDATA[Patch cadence is a security control only when downstream teams can absorb it. Embedded Linux releases often look like routine maintenance, but the operational reality is that each CVE fix mu...]]></description>
                        <content:encoded><![CDATA[<p>Patch cadence is a security control only when downstream teams can absorb it. Embedded Linux releases often look like routine maintenance, but the operational reality is that each CVE fix must pass through image rebuilds, regression checks, and device validation. That means remediation speed is bounded by governance maturity as much as by upstream patch availability. Practitioners should treat release intake as a control process, not a package management task.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to <a href="https://nhimg.org/the-ultimate-guide-to-non-human-identities?utm_source=nhimg&amp;utm_medium=NHIForum">the Ultimate Guide to NHIs</a>.</li>
<li>Only 5.7% of organisations have full visibility into their service accounts, according to <a href="https://nhimg.org/the-ultimate-guide-to-non-human-identities?utm_source=nhimg&amp;utm_medium=NHIForum">the Ultimate Guide to NHIs</a>.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/which-controls-matter-most-when-embedded-systems-rely-on-automated-release-tooli/?utm_source=nhimg&amp;utm_medium=NHIForum">Which controls matter most when embedded systems rely on automated release tooling?</a></strong></p>
<p><strong>A:</strong> Ownership, least privilege, and provenance verification matter most. Teams need to know which automated identities can fetch, build, sign, and publish artifacts, then prove that each release came from approved inputs. Without that chain of trust, patching does not guarantee release integrity.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/yocto-project-5011-shows-patch-cadence-matters-for-embedded-linux/">Yocto Project 5.0.11 shows patch cadence matters for embedded Linux</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/yocto-project-5-0-11-what-the-cve-heavy-release-means-for-teams/#post-26179</guid>
                    </item>
				                    <item>
                        <title>RE: Social Security data on cloud servers: what controls are missing?</title>
                        <link>https://nhimg.org/community/nhi-breaches/social-security-data-on-cloud-servers-what-controls-are-missing/#post-26178</link>
                        <pubDate>Tue, 14 Jul 2026 18:13:17 +0000</pubDate>
                        <description><![CDATA[Identity data cloned into cloud environments creates a governance gap, not just a hosting change. Once a live dataset is copied for testing, the organisation must prove that access, logging ...]]></description>
                        <content:encoded><![CDATA[<p>Identity data cloned into cloud environments creates a governance gap, not just a hosting change. Once a live dataset is copied for testing, the organisation must prove that access, logging and oversight still match the sensitivity of the source. Without that proof, the cloud environment becomes a parallel trust domain with weaker accountability. Practitioners should treat cloned identity repositories as governed assets, not disposable test material.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>72% of organisations have experienced or suspect they have experienced a breach of non-human identities, according to <a href="https://nhimg.org/2024-esg-report-managing-non-human-identities?utm_source=nhimg&amp;utm_medium=NHIForum">The 2024 ESG Report: Managing Non-Human Identities</a>.</li>
<li>Enterprises that have experienced a compromised NHI averaged 2.7 separate incidents in the past 12 months, according to <a href="https://nhimg.org/2024-esg-report-managing-non-human-identities?utm_source=nhimg&amp;utm_medium=NHIForum">The 2024 ESG Report: Managing Non-Human Identities</a>.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-is-accountable-when-a-high-risk-identity-dataset-is-moved-into-a-cloud-envir/?utm_source=nhimg&amp;utm_medium=NHIForum">Who is accountable when a high-risk identity dataset is moved into a cloud environment?</a></strong></p>
<p><strong>A:</strong> Accountability should sit with the <a href="https://nhimg.org/the-ultimate-guide-to-non-human-identities?utm_source=nhimg&amp;utm_medium=NHIForum">data owner</a>, the approving security function and the operational team that controls the environment. When the dataset is personal identity information, privacy and compliance obligations may also apply. Informal approvals are not enough for population-scale records.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/social-security-data-on-a-cloud-server-exposes-a-governance-gap/">Social Security data on a cloud server exposes a governance gap</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/social-security-data-on-cloud-servers-what-controls-are-missing/#post-26178</guid>
                    </item>
				                    <item>
                        <title>RE: SIM farms and mobile network disruption: what practitioners need to know</title>
                        <link>https://nhimg.org/community/nhi-breaches/sim-farms-and-mobile-network-disruption-what-practitioners-need-to-know/#post-26177</link>
                        <pubDate>Tue, 14 Jul 2026 18:13:11 +0000</pubDate>
                        <description><![CDATA[SIM farm abuse is an identity lifecycle problem disguised as telecom fraud. The core governance failure is not just the presence of many SIM cards, but the absence of strong issuance, attrib...]]></description>
                        <content:encoded><![CDATA[<p>SIM farm abuse is an identity lifecycle problem disguised as telecom fraud. The core governance failure is not just the presence of many SIM cards, but the absence of strong issuance, attribution, and offboarding controls across large pools of disposable identities. When device identities can be cycled faster than defenders can correlate them, the abuse surface behaves like unmanaged non-human identity sprawl. Practitioners should treat telecom abuse as lifecycle governance, not only network monitoring.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>The NYC SIM farm used 300 SIM boxes running about 100,000 SIM cards, according to <a href="https://nhimg.org/llmjacking-how-attackers-hijack-ai-using-compromised-nhis?utm_source=nhimg&amp;utm_medium=NHIForum">LLMjacking: How Attackers Hijack AI Using Compromised NHIs</a>.</li>
<li>Our research shows that when AWS credentials are exposed publicly, attackers attempt access within an average of 17 minutes, and as quickly as 9 minutes in some cases.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-is-accountable-when-telecom-saturation-threatens-emergency-communications/?utm_source=nhimg&amp;utm_medium=NHIForum">Who is accountable when telecom saturation threatens emergency communications?</a></strong></p>
<p><strong>A:</strong> Accountability should sit with the owners of the infrastructure, the operators who can activate it, and the resilience function that tests the failure scenario. If third parties can provision the assets, contractual offboarding and emergency disablement rights also need clear responsibility.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/sim-farms-expose-a-low-cost-path-to-mobile-network-disruption/">SIM farms expose a low-cost path to mobile network disruption</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/sim-farms-and-mobile-network-disruption-what-practitioners-need-to-know/#post-26177</guid>
                    </item>
				                    <item>
                        <title>RE: Accidental spreadsheet leaks: what it means for identity governance</title>
                        <link>https://nhimg.org/community/nhi-breaches/accidental-spreadsheet-leaks-what-it-means-for-identity-governance/#post-26176</link>
                        <pubDate>Tue, 14 Jul 2026 18:13:09 +0000</pubDate>
                        <description><![CDATA[Human identity leaks become security incidents when the data can be weaponised. This case is not about a conventional system intrusion, it is about the operational consequences of exposing i...]]></description>
                        <content:encoded><![CDATA[<p>Human identity leaks become security incidents when the data can be weaponised. This case is not about a conventional system intrusion, it is about the operational consequences of exposing identifiable people to hostile actors. The core failure was a data handling breakdown that turned a spreadsheet into a protection problem. For identity governance teams, that means the boundary between privacy, verification, and safeguarding is much narrower than most programmes assume.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>92% of organisations expose NHIs to third parties, raising concerns about supply chain security, according to <a href="https://nhimg.org/the-ultimate-guide-to-non-human-identities?utm_source=nhimg&amp;utm_medium=NHIForum">the Ultimate Guide to NHIs</a>.</li>
<li>Only 20% have formal processes for offboarding and revoking API keys, and even fewer have procedures for rotating them, according to <a href="https://nhimg.org/the-ultimate-guide-to-non-human-identities?utm_source=nhimg&amp;utm_medium=NHIForum">the Ultimate Guide to NHIs</a>.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-is-accountable-when-a-third-party-identity-causes-data-exposure/?utm_source=nhimg&amp;utm_medium=NHIForum">Who is accountable when a third-party identity causes data exposure?</a></strong></p>
<p><strong>A:</strong> Accountability sits with the organisation that trusted the identity without sufficient boundaries, not just with the vendor that used it. If a third-party account was over-scoped, persistently trusted, or insufficiently monitored, the governance failure is internal. Frameworks such as NIST CSF and zero trust both expect explicit control over external access.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/accidental-spreadsheet-leaks-can-trigger-large-scale-identity-risk/">Accidental spreadsheet leaks can trigger large-scale identity risk</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/accidental-spreadsheet-leaks-what-it-means-for-identity-governance/#post-26176</guid>
                    </item>
				                    <item>
                        <title>RE: Browser prompt injection attacks: are your LLM controls keeping up?</title>
                        <link>https://nhimg.org/community/nhi-breaches/browser-prompt-injection-attacks-are-your-llm-controls-keeping-up/#post-26175</link>
                        <pubDate>Tue, 14 Jul 2026 18:13:06 +0000</pubDate>
                        <description><![CDATA[Browser prompt injection is now an identity and access problem, not just an LLM safety problem. The attack path depends on existing browser permissions, extension trust, and the LLM’s delega...]]></description>
                        <content:encoded><![CDATA[<p>Browser prompt injection is now an identity and access problem, not just an LLM safety problem. The attack path depends on existing browser permissions, extension trust, and the LLM’s delegated access to connected services. That places it squarely in the governance space that IAM and PAM teams already manage, even though the abuse surface looks like application behaviour. Practitioners should treat browser-mediated LLM access as part of the access control plane.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems, inappropriately sharing sensitive data, and revealing access credentials, according to <a href="https://nhimg.org/ai-agents-the-new-attack-surface?utm_source=nhimg&amp;utm_medium=NHIForum">AI Agents: The New Attack Surface report</a>.</li>
<li>Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-is-accountable-when-a-browser-extension-exposes-llm-connected-data/?utm_source=nhimg&amp;utm_medium=NHIForum">Who is accountable when a browser extension exposes LLM-connected data?</a></strong></p>
<p><strong>A:</strong> Accountability usually spans endpoint security, IAM, and the team operating the GenAI tool. Endpoint owners govern the extension, identity teams govern the connector and access scope, and platform owners govern logging and detection. Frameworks like the NIST Cybersecurity Framework and NIST AI RMF both point to <a href="https://nhimg.org/52-non-human-identity-breaches?utm_source=nhimg&amp;utm_medium=NHIForum">shared ownership rather than a single control team</a>.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/browser-prompt-injection-exposes-a-new-llm-data-theft-path/">Browser prompt injection exposes a new LLM data theft path</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/browser-prompt-injection-attacks-are-your-llm-controls-keeping-up/#post-26175</guid>
                    </item>
				                    <item>
                        <title>RE: Claude AI in cyber attacks: what it means for ransomware and IAM</title>
                        <link>https://nhimg.org/community/nhi-breaches/claude-ai-in-cyber-attacks-what-it-means-for-ransomware-and-iam/#post-26174</link>
                        <pubDate>Tue, 14 Jul 2026 18:12:59 +0000</pubDate>
                        <description><![CDATA[AI-assisted extortion is becoming a workflow problem, not just a malware problem. The article shows attackers using Claude to rank vulnerabilities, extract credentials and draft ransom notes...]]></description>
                        <content:encoded><![CDATA[<p>AI-assisted extortion is becoming a workflow problem, not just a malware problem. The article shows attackers using Claude to rank vulnerabilities, extract credentials and draft ransom notes, which means the model is contributing to the operational chain rather than acting as a standalone weapon. That changes defensive planning from blocking one malicious prompt to disrupting a broader attack workflow. Practitioners should judge AI risk by the attack task it accelerates, not by the novelty of the model output.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>80% of organisations report their AI agents have already performed actions beyond their intended scope, including accessing unauthorised systems (39%), inappropriately sharing sensitive data (31%), and revealing access credentials (23%), according to <a href="https://nhimg.org/ai-agents-the-new-attack-surface?utm_source=nhimg&amp;utm_medium=NHIForum">AI Agents: The New Attack Surface report</a>.</li>
<li>Only 52% of companies can track and audit the data their AI agents access, leaving 48% with a complete blind spot for compliance and breach investigation, according to <a href="https://nhimg.org/ai-agents-the-new-attack-surface?utm_source=nhimg&amp;utm_medium=NHIForum">AI Agents: The New Attack Surface report</a>.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-is-accountable-when-ai-systems-are-used-in-a-cyber-attack-chain/?utm_source=nhimg&amp;utm_medium=NHIForum">Who is accountable when AI systems are used in a cyber attack chain?</a></strong></p>
<p><strong>A:</strong> Accountability stays with the organisation operating the identity, secrets, and access paths that made the AI usable in the first place. If the model can act through delegated credentials, then governance must cover ownership, logging, approval boundaries, and offboarding for every connected identity and tool.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/claude-ai-misuse-shows-how-agentic-attacks-lower-the-bar-for-extortion/">Claude AI misuse shows how agentic attacks lower the bar for extortion</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/claude-ai-in-cyber-attacks-what-it-means-for-ransomware-and-iam/#post-26174</guid>
                    </item>
				                    <item>
                        <title>RE: Ribbon breach: what a year-long undetected intrusion means for telecoms</title>
                        <link>https://nhimg.org/community/nhi-breaches/ribbon-breach-what-a-year-long-undetected-intrusion-means-for-telecoms/#post-26173</link>
                        <pubDate>Tue, 14 Jul 2026 18:12:59 +0000</pubDate>
                        <description><![CDATA[Long-dwell access is the real control failure in telecom supplier breaches. When attackers remain inside for months, the problem is not just initial compromise but the absence of reliable de...]]></description>
                        <content:encoded><![CDATA[<p>Long-dwell access is the real control failure in telecom supplier breaches. When attackers remain inside for months, the problem is not just initial compromise but the absence of reliable detection around persistence, lateral movement, and support access. That changes the governance question from "was data taken" to "what access pathways stayed open long enough to matter". Practitioners should treat dwell time as a primary security metric, not a post-incident curiosity.</p>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-is-accountable-when-a-telecom-supplier-breach-affects-client-data-or-systems/?utm_source=nhimg&amp;utm_medium=NHIForum">Who is accountable when a telecom supplier breach affects client data or systems?</a></strong></p>
<p><strong>A:</strong> Accountability is shared across the supplier, its customers, and any third parties that depended on the compromised trust path. The supplier owns the incident response and disclosure process, but customers must also assess their own exposure, access dependencies, and <a href="https://nhimg.org/52-non-human-identity-breaches?utm_source=nhimg&amp;utm_medium=NHIForum">contractual notification obligations</a>.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/ribbon-breach-highlights-telecom-blind-spots-in-long-dwell-intrusion/">Ribbon breach highlights telecom blind spots in long-dwell intrusion</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/ribbon-breach-what-a-year-long-undetected-intrusion-means-for-telecoms/#post-26173</guid>
                    </item>
				                    <item>
                        <title>RE: ForcedLeak and Agentforce: what this means for AI agent governance</title>
                        <link>https://nhimg.org/community/nhi-breaches/forcedleak-and-agentforce-what-this-means-for-ai-agent-governance/#post-26172</link>
                        <pubDate>Tue, 14 Jul 2026 18:12:54 +0000</pubDate>
                        <description><![CDATA[Indirect prompt injection is becoming an identity problem, not just a content safety problem. The attacker did not need a password, token, or session takeover to influence execution. They on...]]></description>
                        <content:encoded><![CDATA[<p>Indirect prompt injection is becoming an identity problem, not just a content safety problem. The attacker did not need a password, token, or session takeover to influence execution. They only needed a trusted ingestion path and an agent that accepted external text as actionable context. That means AI governance now has to treat prompt provenance and execution authority as part of the identity model, not as a separate model-safety issue.</p>
<p><strong>A few things that frame the scale:</strong></p>
<ul>
<li>The average time to mitigate a leaked secret is 36 hours, highlighting the operational burden of manual remediation processes, according to <a href="https://nhimg.org/the-2024-state-of-secrets-management-survey-report?utm_source=nhimg&amp;utm_medium=NHIForum">The 2024 State of Secrets Management Survey</a>.</li>
<li>Only 44% of organisations are currently using a dedicated secrets management system, according to <a href="https://nhimg.org/the-2024-state-of-secrets-management-survey-report?utm_source=nhimg&amp;utm_medium=NHIForum">The 2024 State of Secrets Management Survey</a>.</li>
</ul>
<p><strong>A question worth separating out:</strong></p>
<p><strong>Q: <a href="https://nhimg.org/faq/who-is-accountable-when-an-ai-assisted-workflow-leaks-sensitive-data/?utm_source=nhimg&amp;utm_medium=NHIForum">Who is accountable when an AI-assisted workflow leaks sensitive data?</a></strong></p>
<p><strong>A:</strong> Accountability sits with the organisation that allowed the workflow to operate outside governed controls. Security, IAM, and business owners all share responsibility for ensuring approval, logging, and lifecycle management exist before data moves through the path. If no one can block or revoke it, no one is governing it.</p>
<p>&#x1f449; <strong>Read our full editorial: <a href="https://nhimg.org/articles/forcedleak-exposes-how-indirect-prompt-injection-breaks-agent-trust/">ForcedLeak exposes how indirect prompt injection breaks agent trust</a></strong></p>]]></content:encoded>
						                            <category domain="https://nhimg.org/community/"></category>                        <dc:creator>Mr NHI</dc:creator>
                        <guid isPermaLink="true">https://nhimg.org/community/nhi-breaches/forcedleak-and-agentforce-what-this-means-for-ai-agent-governance/#post-26172</guid>
                    </item>
							        </channel>
        </rss>
		