T-5004observed
Credential Reuse
Reuse harvested credentials to access additional services and agents
Tactic
Lateral Movement (Stage 5)
Pivot from compromised agent to connected services or other agents
Attack Class
RETROACTIVE-PRIV
Exploiting previously granted access or cached credentials to gain unauthorized capabilities
Evidence
observed
Confirmed in real-world production systems or internet-wide exposure assessments.
DVAA Validation
credential reuse
Detection (HackMyAgent)
CRED-001
npx hackmyagent secure --ciDefense (OASB Controls)
OASB 10.1OASB 10.2OASB 10.3OASB 10.4OASB 10.5OASB 7.1OASB 7.2OASB 7.3OASB 7.4
How to Cite
AI Agent Threat Matrix T-5004 (Credential Reuse). OpenA2A, 2026. https://threats.opena2a.org/techniques/T-5004