Security
AgentCore Gateway: OAuth Proxy for MCP Servers Without Code Changes
How gateway-based authentication adds enterprise SSO to Model Context Protocol servers using reverse proxy token injection and session management.
Security
Security
PageAgent: In-Browser Agent Execution and the Shifted Security Boundary
How embedding AI agents directly in the frontend DOM changes security boundaries, state persistence, and tool-calling patterns versus server-side orches...
Security
Didit's Unified Identity Layer: How KYC, AML, and Biometric Verification Become Agent-Callable APIs
Orchestrating identity verification across jurisdictions with a single API. State management, fallback logic, and rate limits for agent-driven compliance.
Security
MCP Runtime Security: How the Model Context Protocol Defends Agent Tool Calls at Execution Time
MCP's runtime layer validates, sandboxes, and audits tool calls before they reach system resources. Here's how the protocol creates a security boundary.
Security
The API Key Handoff Problem: Why Standard OAuth Flows Break Agent Security Boundaries
How traditional API authentication patterns create credential leakage when agents orchestrate third-party integrations, and what actually works.
Security
Prompt Injection in Dependencies: How a Developer Weaponized jqwik to Delete Agent Output
A frustrated developer embedded malicious prompts in jqwik library code, instructing AI agents to delete files. Exposes supply-chain attack surface.
Security
Enterprise Agent Security: How Autonomous Systems Expand the Attack Surface Beyond Prompt Injection
Credential sprawl, lateral movement, and audit gaps in autonomous agents. Why traditional AppSec boundaries don't contain agentic systems.
Security
AG2B: Running Agent Loops in the Browser and Why Client-Side Orchestration Changes Security Boundaries
Client-side agent orchestration via WebMCP shifts the security perimeter from server sandboxes to browser isolation, exposing new attack surfaces.
Security
Agent Security Is a Systems Problem: Why Isolation, Sandboxing, and Least Privilege Matter More Than Prompt Filters
How OS-level security principles apply to multi-agent deployments when LLMs are untrusted components requiring capability boundaries and resource limits.
Security
Phantom Dependencies: How AI Coding Agents Install Packages That Don't Exist Yet
AI agents hallucinate package names and write them to manifests without registry validation, creating supply-chain gaps and namespace races.
Security
Continuity-Auth: Device-Continuity Proofs as Rate-Limiting for Agents and Humans
Cryptographic device proofs replace CAPTCHAs and IP throttling when agents and humans share endpoints. How continuity signals enable respect-weighted li...
Security
BoxAgnts WebAssembly Sandbox: Isolating Agent File, Shell, and Network Access
How BoxAgnts uses WASM capability-based security to sandbox agents with file I/O, shell execution, and network access without VM overhead.
Security
Microsoft Copilot Cowork Exfiltrates Files via Email Rendering
How agent notification channels become data exfiltration vectors when email rendering, pre-authenticated links, and prompt injection combine in producti...
Security
LocalPanel's Agentless SSH Management: Desktop-First Orchestration Without Server-Side Agents
How LocalPanel eliminates server-side agent dependencies by running SSH orchestration entirely from a desktop client with local credential encryption.
Security
Mog: A 3,200-Token Language Spec for Capability-Based Agent Sandboxing
How a statically typed embedded language uses capability-based permissions to let agents write and execute code without full system access.
Security
Why Polymath Engineers Are Not a Liability in Agent Orchestration
How cross-domain fluency helps engineers diagnose subsystem failures, choose isolation boundaries, and design recovery patterns in multi-agent systems.
Security
OpenClaw Security Roadmap: Retrofitting Guardrails Into a Running Agent Runtime
How OpenClaw builds permission models, filesystem boundaries, and audit trails after shipping a personal AI assistant that runs shell commands on your m...
Security
Amazon Bedrock AgentCore Runtime: AWS Managed MCP Server Hosting
How AWS built Model Context Protocol support into a managed agent runtime, including server lifecycle, credential flow, and state isolation.
Security
Measuring Security Without Fooling Ourselves: Why Benchmarking Agents Is Hard
How agent security benchmarks create false confidence through dataset contamination, evaluation shortcuts, and misaligned threat models.
Security
Claw Patrol: How Deno Built an Open-Source Security Firewall for AI Agents
Deno's agent firewall intercepts tool calls at runtime, enforcing policy boundaries between LLM output and system execution.
Security
Gemini 3.5 Flash Pricing: What Google's 3x Cost Increase Reveals About Agent Economics
Google tripled Flash pricing while deploying it to billions. Here's what the $1,551 benchmark cost tells us about reasoning tokens and agent economics.
Security
Fiverr's Public File Leak: When CDN Misconfiguration Exposes Every Customer Deliverable
How Fiverr's choice of public CDN URLs over signed tokens turned Cloudinary into an open directory, and what this means for asset storage in multi-tenan...
Security
N-Day-Bench: How Sandboxed Bash Shells Test Whether LLMs Can Find Real Vulnerabilities
Monthly CVE pipeline, sandboxed agent environments, and the plumbing behind automated vulnerability discovery benchmarks that don't leak into training data.
Security
20x Faster Coding with AI: What Happens When You Move the Agent Outside Your Editor
Why running coding agents in separate terminals with full repo context outperforms inline editor completions, and what it reveals about orchestration boundaries.
Security
Wuphf's Git-Native Agent Wiki: Why Markdown + BM25 Beats Vector DBs for Self-Improving Knowledge
How git commits, BM25 indexing, and markdown files create an auditable, portable knowledge substrate for agents with stronger security boundaries.
Security
Ardent's Postgres Sandboxes: Why Coding Agents Need Ephemeral Database Clones
How copy-on-write storage and instant Postgres clones solve the database testing gap for coding agents without migration overhead or blast radius.
Security
Parloa's Voice Agent Stack: Real-Time Speech Pipelines for Enterprise Customer Service
Architecture breakdown of production voice agents: streaming STT/TTS, interruption handling, session state, telephony security, and sub-second latency budgets.
Security
Cloudflare Claude Managed Agents: Isolation, Tool Sandboxing, and Edge Execution Security
How Cloudflare isolates Claude agent code in V8 Workers, enforces per-tool permission boundaries, and prevents runaway execution at the edge.
Security
AI Bug Hunters Flood Linux Security: When Automated Vulnerability Reports Break Human Triage
Linus Torvalds calls Linux security list 'unmanageable' as AI agents submit duplicate CVEs. Here's the filtering architecture maintainers need.
Security
Red-Teaming Oracle APEX 26.1's AI Agent: Attack Patterns and Claude's Defense Layer
10 attacks against APEX's new AI agent feature. Claude blocked 7 autonomously. The 3 that succeeded reveal where tool-layer controls matter.
Security
Anthropic's Red Team Found 13 Firefox Bugs: Inside the Agentic Security Pipeline
How Claude-powered agents orchestrate static analysis, fuzzing, and exploit generation to discover production CVEs without human steering.
Security
The CPUID Backend Hijack: When Download Links Become Malware Delivery
How a six-hour backend API compromise turned trusted CPU-Z and HWMonitor downloads into a credential-stealing supply-chain attack.
Security
Tracecat: Open-Source SOAR Shows How Security Automation Differs from Business Workflows
Tracecat's architecture reveals security-specific orchestration: case state, evidence chains, analyst handoff, and compliance audit trails.
Security
Calif - AI-Powered Security Research & Exploit Development
Calif demonstrates cutting-edge AI-assisted vulnerability research with Mythos Preview, achieving the first public macOS M5 kernel exploit bypassing Apple's MIE in just 5 days. Their MAD Bugs series showcases how AI agents are transforming offensive security research.
Security
The Vercel OAuth Breach: Environment Variables as Supply-Chain Attack Surface
How OAuth token leakage through platform environment variables creates a new class of supply-chain attack, and what it reveals about secret management.
Security
Spikee: Red-Teaming Agentic Workflows for Prompt Injection and Tool Misuse
How Spikee probes prompt injection, data exfiltration, and tool-chaining vulnerabilities in multi-step AI agent architectures under adversarial pressure.
Security
Hermes vs. OpenClaw: What Agent Sandboxing, Memory, and Messaging Architecture Reveal About Security Trade-Offs
A dev.to comparison claims Hermes 'killed' OpenClaw. What the architectural positioning reveals about memory, skills, and deployment trade-offs.