An autonomous AI security agent discovered a critical authentication bypass in etcd, enabling attackers to access sensitive cluster APIs without credentials. The flaw, quickly patched in March 2026, highlights both the risks in open-source infrastructure and the growing power of AI-driven security testing.
A fundamental bug in etcd’s access controls let attackers trigger alarms, compact databases, and exhaust resources—no admin credentials needed. Discover how AI uncovered the flaw and what operators must do now.