The Microsoft AI Red Team has updated its Taxonomy of Failure Modes in Agentic AI Systems to v2.0, reflecting new insights gained from a year of red teaming. The update introduces seven new failure modes, such as Agentic Supply Chain Compromise and Goal Hijacking, addressing new vulnerabilities discovered in open-source frameworks and computer-use agents.
The v2.0 taxonomy emphasizes the need for supply chain security, a zero-trust framework for inter-agent communication, and improved consent architecture to protect against these vulnerabilities. Key operational findings include the frequency of human-in-the-loop (HITL) bypass exploits and the necessity of system-level testing for emerging attack patterns.
Recommendations for organizations include comprehensively inventorying their AI system supply chains, verifying agent identities, and systematically auditing human-in-the-loop processes.
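To make the two defensive recommendations concrete (verify agent identities under a zero-trust model, and keep the human-in-the-loop gate from being bypassed or reused after a goal hijack), here is an added Python example. It is not Microsoft's code or part of the taxonomy; the agent names, the shared-key registry, the high-risk action list and the `ApprovalGate` design are all constructed for illustration. Inter-agent messages are authenticated with per-sender HMAC keys and a replay cache, and a human approval token commits to the SHA-256 fingerprint of the exact action approved, so a payload altered after approval is blocked and logged.

```python
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Constructed key registry: agent id -> per-agent secret (illustrative; a real
# deployment would use a KMS or asymmetric signatures, not in-process secrets).
AGENT_KEYS = {
    "planner": secrets.token_bytes(32),
    "executor": secrets.token_bytes(32),
}

# Constructed policy: actions that must always pass through a human reviewer.
HIGH_RISK_ACTIONS = {"delete_repo", "transfer_funds", "install_package"}


def sign_message(sender: str, payload: dict, key: bytes) -> dict:
    """Serialize and HMAC a message so the receiver can check who sent it."""
    body = json.dumps(
        {"sender": sender, "payload": payload,
         "nonce": secrets.token_hex(8), "ts": int(time.time())},
        sort_keys=True,
    )
    mac = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "mac": mac}


def verify_message(msg: dict, seen_nonces: set, registry: dict = AGENT_KEYS):
    """Zero-trust receive: reject unknown senders, bad MACs and replayed nonces.
    Returns the parsed body on success, None on any failure."""
    try:
        body = json.loads(msg["body"])
    except (KeyError, ValueError):
        return None
    key = registry.get(body.get("sender"))
    if key is None:
        return None  # sender not in the registry: the identity claim is untrusted
    expected = hmac.new(key, msg["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, msg.get("mac", "")):
        return None  # tampered or forged envelope
    if body.get("nonce") in seen_nonces:
        return None  # replay of an earlier (possibly already-approved) message
    seen_nonces.add(body["nonce"])
    return body


class ApprovalGate:
    """HITL gate whose approval token is bound to one exact action."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # gate secret, never given to agents
        self.audit = []                      # (event, action_name, detail)

    @staticmethod
    def _fingerprint(action: dict) -> str:
        return hashlib.sha256(json.dumps(action, sort_keys=True).encode()).hexdigest()

    def approve(self, action: dict, reviewer: str) -> str:
        """A human approves this precise action; the token commits to its hash."""
        fp = self._fingerprint(action)
        self.audit.append(("approved", action["name"], reviewer))
        mac = hmac.new(self._key, f"{reviewer}:{fp}".encode(), hashlib.sha256).hexdigest()
        return f"{mac}:{reviewer}"

    def execute(self, action: dict, token: Optional[str] = None) -> bool:
        """Run only if low-risk, or if the token matches this exact action."""
        if action["name"] not in HIGH_RISK_ACTIONS:
            self.audit.append(("executed", action["name"], "low-risk"))
            return True
        if token is None:
            self.audit.append(("blocked", action["name"], "missing approval"))
            return False
        mac, _, reviewer = token.rpartition(":")
        expected = hmac.new(self._key, f"{reviewer}:{self._fingerprint(action)}".encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(mac, expected):
            self.audit.append(("blocked", action["name"], "token does not match action"))
            return False
        self.audit.append(("executed", action["name"], reviewer))
        return True


def demo() -> dict:
    """Normal flow, replay, forged sender, tampering, and post-approval hijack."""
    seen, gate, results = set(), ApprovalGate(), {}
    msg = sign_message("planner", {"name": "install_package", "pkg": "requests"},
                       AGENT_KEYS["planner"])
    body = verify_message(msg, seen)
    results["accepted"] = body is not None
    results["replay_rejected"] = verify_message(msg, seen) is None
    fake = sign_message("rogue", {"name": "delete_repo"}, secrets.token_bytes(32))
    results["unknown_sender_rejected"] = verify_message(fake, set()) is None
    tampered = dict(msg, body=msg["body"].replace("requests", "evil"))
    results["tamper_rejected"] = verify_message(tampered, set()) is None
    action = body["payload"]
    results["blocked_without_approval"] = gate.execute(action) is False
    token = gate.approve(action, "alice")
    results["allowed_with_approval"] = gate.execute(action, token) is True
    # Goal hijacking after approval: the token does not carry over to a changed payload.
    results["hijack_blocked"] = gate.execute(dict(action, pkg="evil"), token) is False
    return results
```

The `audit` list is what a HITL review would inspect: every blocked attempt records why, so a pattern of "token does not match action" entries is a direct signal that something is modifying actions between approval and execution.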