A Token Flaw Turned Azure's AI Agent Into a Spy

Outsiders Could Exploit Misconfig to Stream Commands, Credentials Rashmi Ramesh (rashmiramesh_) • April 20, 2026

Any outsider with a free Microsoft cloud account and a short script could watch another company's artificial intelligence operations agent in real time - reading its commands, its reasoning and its passwords - without the company ever knowing.

See Also: AI Security Risks Rise With Agentic Systems

Microsoft's automated cloud operations Azure SRE Agent connects to a company's Azure environment and acts as a round-the-clock operations partner. It watches for alerts, diagnoses outages and executes fixes on behalf of IT teams by restarting services, scaling resources, rolling back software deployments and running command-line instructions across a company's cloud infrastructure. It has access to source code, logs, system metrics and integrations with incident management platforms like PagerDuty and ServiceNow. Microsoft's own Azure App Service team cut its average incident resolution time from ...