AI application compromise has emerged as a core threat as attackers target enterprise AI tools deployed in corporations' operating environments and employees-only apps. Given the broad attack surface, if security is weak, sensitive data or credentials could be exposed. Prompt injection attacks targeting AI systems including large language models (LLMs) are also rampant. Attackers inject maliciously crafted prompts to distort the model's algorithmic behavior. By doing so, they bypass existing security controls, such as by exfiltrating sensitive information externally or inducing unauthorized actions. Gartner said, "As corporations expand their adoption of Generative AI, the risks of prompt injection are rising in tandem." The software supply chain was also identified as a newly notable threat. Analyst Watts explained, "Advances in Generative AI solutions are accelerating the trend of software supply chain attacks that target vulnerabilities in open-source software."