TEL AVIV, Israel and NEW YORK, March 17, 2026 (GLOBE NEWSWIRE) — Token Security, the leader in identity-first AI agent security, today announced that security researcher Ariel Simon will present new vulnerability research at the RSAC™ 2026 Conference, demonstrating how a remote code execution (RCE) flaw in Microsoft’s Azure Model Context Protocol (MCP) server could enable attackers to compromise cloud environments.
| WHO: | Ariel Simon, Security Researcher, Token Security, is an expert in cloud and AI security, vulnerability discovery, and identity systems. He focuses on uncovering critical vulnerabilities in modern cloud and AI environments. Prior to Token Security, Ariel served as a senior security researcher in Unit 81 of the Israel Defense Forces, where he led large-scale cyber projects and conducted advanced penetration testing, application research, and malware analysis. |
| WHAT: | MCP (Model Context Protocol) is rapidly becoming the standard interface that allows large language models (LLMs) to interact with external systems, such as cloud platforms and developer tools. However, as adoption accelerates, security controls have not always kept pace.
In this session, Simon will demonstrate a remote code execution vulnerability discovered in the official Azure MCP server that could allow an unauthenticated attacker with network access to compromise the server, extract Azure credentials, and gain control over a victim organization’s Azure and Entra ID environment. Attendees will learn:
|
| WHERE: | RSAC™ 2026 Conference, [HT-R02], Moscone Center, San Francisco |
| WHEN: | Thursday, March 26, 2026, 9:40 AM – 10:30 AM PDT |
| HOW: | To speak with Ariel Simon, contact Marc Gendron at [email protected], +1 617 877 7480. |
About Token Security
Token Security accelerates the secure adoption of agentic AI by discovering AI agents across the enterprise, understanding their context and risk, and enforcing policies that govern their access and behavior. The platform provides continuous visibility, lifecycle management, and least-privilege enforcement to help organizations control autonomous AI agents operating across cloud, SaaS, and enterprise environments, eliminating blind spots, reducing risk, and ensuring compliance at scale.
Token Security is backed by Notable Capital, Crosspoint Capital, and TLV Partners. token.security
Media Contact:
Marc Gendron
Marc Gendron PR for Token Security
[email protected]
+1-617-877-7480
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/68c038df-ead0-4425-a44c-f72c9ab44700
