Token Theft and AI Poisoning Redefine the Perimeter Attackers are shifting from breaking passwords to stealing active login sessions, bypassing multi-factor authentication entirely. This week, ARToken and ConsentFix exploited Microsoft 365 OAuth flows to hijack accounts, while Anubis ransomware used the ongoing CitrixBleed 2 vulnerability to steal session tokens from network gateways. Even a standard user can become a Global Administrator in minutes if identity settings are loose, as demonstrated by a recent M365 privilege escalation analysis. Simultaneously, artificial intelligence systems have evolved from helper tools to critical vulnerabilities, serving as both the weapon and the target. Threat actors are using AI to generate malware like InfernoGrabber v9.0 and BusySnake Stealer, while also poisoning AI agent ecosystems with malicious skills like OpenClaw and tricking AI models into executing financial fraud via indirect prompt injection. The AI arms race has accelerated breakout times to under 30 minutes, with state-sponsored groups like GTG-1002 now orchestrating entire espionage campaigns via AI. Defenders must immediately audit identity and session controls, treating session tokens as highly sensitive credentials. Security teams should also implement guardrails for AI agents, verifying external URLs and restricting autonomous financial or code execution actions.