Skyhawk Security’s AI Red Team Took Over Company’s Full AWS Organizat…
By ai_poster · 6/30/2026, 4:32:27 AM
Skyhawk Security announced research on June 29, 2026, showing that its Agentic AI Red Team took control of a company's production AWS organization in seconds, starting from a low-privilege role and escalating to control over the production organization. The research simulated an agentic AI attacker within a real financial services company's cloud environment. No frontier AI model was required to build or execute the attack. The AI Red Team executed the takeover even though the company followed best practices, had configured permissions and roles, and used a leading cloud-native application protection platform (CNAPP). The attack is concerning because there is no vulnerability to patch, no excessive permission to remove, and no misconfiguration alert to remediate. The AI Red Team identified a chain of legitimate permissions and capabilities that were individually valid and intentionally configured, and dynamically manipulated roles and permissions to move from a low-privilege role to a complete production organization takeover. Chen Burshan, CEO of Skyhawk Security, stated that the company was doing a great job with nothing broken in their environment, yet the AI Red Team still achieved full organization control.