TL;DR: AI-generated phishing, a critical MCP remote code execution flaw, and unmanaged non-human identities now sit in the same risk surface, according to Oasis Security’s analysis. The governance gap is no longer just secrets hygiene; identity assumptions break once AI systems, tool protocols, and hidden service credentials converge.
NHIMG editorial — based on content published by Oasis Security: Cyber beyond humans: AI-driven phishing, critical AI flaws, and identity risks uncovered
Questions worth separating out
Q: How should security teams handle AI-driven phishing in identity workflows?
A: Security teams should treat AI-driven phishing as an identity trust problem, not only an email filtering problem.
Q: Why does MCP security matter for IAM teams?
A: MCP matters because it turns model connectivity into potential tool access, and tool access is a privilege issue.
Q: What breaks when acquired NHIs are not discovered early in M&A?
A: What breaks is accountability.
Practitioner guidance
- Harden AI-assisted phishing verification Add secondary verification for requests that involve credential resets, payment changes, or sensitive workflow approvals when content may have been generated or altered by AI.
- Treat MCP connections as privileged access Catalog every model, tool, and data source connected through MCP, then assign each connection a named owner, explicit privilege boundary, and review cadence.
- Run acquisition-time NHI discovery before integration Search acquired environments for service accounts, API keys, certificates, and automation tokens before they are linked to enterprise identity systems.
What's in the full article
Oasis Security's full blog covers the operational detail this post intentionally leaves for the source:
- The article’s walkthrough of how AI-generated phishing can be used to manipulate users and workflows in practice.
- The specific MCP vulnerability discussion, including the RCE framing and why default settings matter for developers.
- The M&A playbook details for discovering, governing, and securing NHIs before integration.
- The source’s broader roundup of related breach and flaw examples that extend beyond this summary.
👉 Read Oasis Security's analysis of AI-driven phishing, MCP flaws, and identity risk →
AI-driven phishing and MCP flaws: what IAM teams need to know?
Explore further
AI-driven phishing is now an identity governance issue, not just a content problem. When malicious content can be generated at machine speed, the traditional assumption that suspicious messages are rare enough for human review breaks down. Security teams have to think about identity trust chains, not only message authenticity. That means the control failure sits upstream of the click, in the trust model itself, and practitioners should treat AI-assisted lures as a governance signal rather than only a detection problem.
A few things that frame the scale:
- 96% of organisations store secrets outside of secrets managers in vulnerable locations including code, config files, and CI/CD tools, according to the Ultimate Guide to NHIs.
- That same research shows only 20% have formal processes for offboarding and revoking API keys, which explains why hidden access survives organisational change.
A question worth separating out:
Q: Who should be accountable when AI tools, phishing, and NHIs overlap?
A: Accountability should sit with the teams that own the workflow end to end, not with a single security function. Human IAM, NHI governance, and application or AI platform owners all need a shared control model because the attack path crosses message trust, tool trust, and credential trust. Without that shared ownership, gaps appear between domains.
👉 Read our full editorial: AI-driven phishing and MCP flaws expose new identity risks