AI agent at the wheel: How an attacker used LLMs to move from a CVE to an internal database in 4 pivots

A real-world attacker leveraged an LLM agent to improvise and execute a rapid, multi-stage cloud intrusion—moving from a single CVE exploit to full internal database exfiltration in under an hour—demonstrating how AI-driven agents are replacing static scripts with adaptive, live attack chains that are harder to detect and defend against.