Security researchers warn that current identity management systems weren't designed to protect against threats targeting AI-powered tools and automated services.
Cybersecurity researchers have discovered a concerning trend: hackers are using a malware tool called Umbrij to break into corporate email accounts by exploiting how companies manage access to Google's application programming interfaces (APIs). The threat group ToddyCat appears to be behind these attacks, which specifically target business Gmail accounts. Rather than trying to guess passwords the old-fashioned way, these attackers are finding weaknesses in the systems that companies use to hand out digital keys and permissions to their employees and automated tools.
Think of identity management like a bouncer at a nightclub. The bouncer's job is to decide who gets in and who doesn't. Traditional bouncers check IDs and look at a list. But now, clubs are hiring automated systemsâbasically robot bouncersâto help check people in. Companies haven't yet built the right systems to watch over these robot bouncers properly, and that's creating a security gap.
Here's what's happening: Companies use services like Google to store their emails. To let their employees and software tools access those emails safely, they create digital permissions called API tokens. These tokens work like special passes. The problem is, most companies built their identity management systems when everything was manual. Nobody anticipated that artificial intelligence and automated agents would need these permissions too. The current systems weren't designed with this scenario in mind.
When these automated systems and AI tools get compromised, hackers gain the same level of access as a trusted employeeâbut nobody's watching closely because the monitoring systems weren't built for this situation.
If your company uses Gmail and cloud-based toolsâwhich is almost every modern businessâthis affects your workplace. Email contains sensitive information: contract details, financial records, strategic plans, and personal data about customers and employees. When hackers gain unauthorized access to corporate email through these API vulnerabilities, they can steal everything.
Beyond the immediate theft risk, there's a deeper concern. As companies increasingly use AI agents to handle tasksâcustomer service, data processing, schedulingâthese AI systems need digital access to company resources. But security teams don't yet have good tools to track what these AI agents are doing or to spot when something goes wrong. It's like hiring a new employee but not actually supervising them.
This creates a blind spot right at the moment when AI is becoming central to business operations.
The core issue here is that our security systems are struggling to keep pace with how fast technology is changingâand that gap is something every organization needs to address urgently.
Want to understand the technology behind this story? ITVedas has beginner-friendly guides on every IT topic.
Explore IT Chapters â