News provided by
OWASP
Dec 10, 2025, 03:03 ET

WILMINGTON, Del., Dec. 10, 2025 /PRNewswire/ -- The OWASP GenAI Security Project (genai.owasp.org), a leading global open-source and expert community dedicated to delivering practical guidance and tools for securing generative and agentic AI, today released the OWASP Top 10 for Agentic Applications, a key resource to help organizations identify and mitigate the unique risks posed by autonomous AI agents.

Following more than a year of research, review and refinement, this Top 10 list reflects a culmination of input from over 100 security researchers, industry practitioners, user organizations and leading cybersecurity and generative AI technology providers. The result is not only a list of risks and mitigations, but a suite of resources designed for practitioners providing data-driven guidance.

The framework was further evaluated by the GenAI Security Project's Agentic Security Initiative Expert Review Board, which includes representatives from recognized bodies around the world such as NIST, European Commission and the Alan Turing Institute, among others. A full list of contributing organizations can be found here.

"This new OWASP Top 10 reflects incredible collaboration between AI security leaders and practitioners across the industry," said Scott Clinton, the OWASP GenAI Security Project's Co-Chair, Board Member, and Co-Founder. "As AI adoption accelerates faster than ever, security best practices must keep pace. The community's responsiveness has been remarkable, and this Top 10, along with our broader open-source resources, ensures organizations are better equipped to adopt this technology safely and securely."

Agent Behavior Hijacking, Tool Misuse and Exploitation and Identity and Privilege Abuse are some of the highlighted threats within the Top 10 and they showcase how attackers can subvert agent capabilities or their supporting infrastructure. Incidents involving these agentic systems are increasingly capable across industries, elevating the need for these new resources.

"Companies are already exposed to Agentic AI attacks - often without realizing that agents are running in their environments," said Keren Katz, Co-Lead for OWASP's Top 10 for Agentic AI Applications and Senior Group Manager of AI Security at Tenable. "While the threat is already here, the information available about this new attack vector is overwhelming. Effectively protecting a company against Agentic AI requires not only strong security intuition but also a deep understanding of how AI agents fundamentally operate."

"Agentic AI introduces a fundamentally new threshold of security challenges, and we are already seeing real incidents emerge across industry," said John Sotiropoulos, GenAI Security Project Board member, Agentic Security Initiative and Top 10 for Agentic Applications Co-lead, and Head of AI Security at Kainose. "Our response must match the pace of innovation, which is why this Top 10 focuses on practical, actionable guidance grounded in real-world attacks and mitigations. This release marks a pivotal moment in securing the next generation of autonomous AI systems."

The Top 10 for Agentic Applications joins a growing portfolio peer-reviewed resources released by the OWASP GenAI Security Project and its Agentic Security Initiative, including:

The State of Agentic Security and Governance 1.0: A practical guide to the governance and regulations for the safe and responsible deployment of autonomous AI systems.
The Agentic Security Solutions Landscape: A quarterly, peer-reviewed map of open-source and commercial agentic AI tools and how they support SecOps and mitigate DevOps–SecOps risks.
A Practical Guide to Securing Agentic Applications: Practical technical guidance for securely designing and deploying LLM-powered agentic applications.
Reference Application for Agentic Security: An OWASP FinBot Capture The Flag applications , designed to test and practice agentic security skills in a controlled environment.
Agentic AI Threats and Mitigations: This document is the first in a series to provide a threat-model-based reference of emerging agentic threats and discuss mitigations.
And more
"Over the past two and a half years, the OWASP Top 10 for LLM Applications has shaped much of the industry's thinking on AI security," said, Steve Wilson, OWASP GenAI Security Project Board Co-Chair, Founder of OWASP Top 10 for LLM, and CPO of Exabeam, Inc. "This year, we've seen agentic systems move from experiments to real deployments, and that shift brings a different class of threats into clear view. Our team met that challenge by expanding our guidance to address how agentic systems behave, interact, and make decisions. The LLM Top 10 will remain a core, regularly updated resource, and aligning both efforts is key to helping the community build safer, more reliable intelligent systems.

Discover what industry experts, researchers and leading global organizations have to say about the new Top 10 for Agentic Applications here.

The OWASP GenAI Security Project invites organizations, researchers, policymakers and practitioners to access the new Top 10 for Agentic Applications, contribute to future updates and join the global effort to build secure, trustworthy AI systems. Visit our site to learn more and how you can contribute.

About OWASP Gen AI Security Project
The OWASP Gen AI Security Project (genai.owasp.org) is a global, open-source initiative and expert community dedicated to identifying, mitigating, and documenting security and safety risks associated with generative AI technologies, including large language models (LLMs), agentic AI systems, and AI-driven applications. Our mission is to empower organizations, security professionals, AI practitioners, and policymakers with comprehensive, actionable guidance and tools to ensure the secure development, deployment, and governance of generative AI systems. Visit our site to learn more.

Microsoft synchronization capabilities for managing identities in hybrid environments are not without their risks. In this blog, Tenable Research explores how potential weaknesses in these synchronization options can be exploited.

Synchronizing identity accounts between Microsoft Active Directory (AD) and Entra ID is important for user experience, as it seamlessly synchronizes user identities, credentials and groups between on-premises and cloud-based systems. At the same time, Tenable Research shows the following synchronization options can introduce cybersecurity risk that extend beyond hybrid tenants:

the already known Directory Synchronization Accounts Entra role
the new On Premises Directory Sync Account Entra role
the new Microsoft Entra AD Synchronization Service application
In 2024, Microsoft introduced two new security hardening measures for hybrid Entra ID synchronization. However, despite these improvements, both the Directory Synchronization Accounts and the new On Premises Directory Sync Account roles retain access to critical synchronization APIs. Moreover, the new 'Microsoft Entra AD Synchronization Service' application exposes the privileged ADSynchronization.ReadWrite.All permission, introducing another potential attack path that security teams must watch closely.

In this technical blog, we break down the changes Microsoft made to each of its synchronization options, explore where new risks were introduced and provide guidance on how Tenable Identity Exposure can help you monitor and secure your hybrid synchronization environment.

Cybercriminals use GhostGPT, an uncensored AI chatbot, for malware creation, BEC scams, and more. Learn about the risks and how AI fights back.
#chatbot #creation #cybercriminals #fights #ghostgpt #learn #malware #risks #scams #uncensored

There is no shortage of researchers and industry titans willing to warn us about the potential destructive power of artificial intelligence. Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks—and the steps we need to take to mitigate them.