AI Security

36 articles in this category (Page 1 of 2)

AI NewsAI SecuritySoftware Engineering

Securing MCP Servers: Auditing for Overprivileged Tools and Prompt Injection

The @hailbytes/mcp-security-scanner identifies overprivileged tools and unauthenticated transports in Model Context Protocol (MCP) server configurations.

May 22, 2026

AI NewsAI SecurityDevOps

Securing AI Agents: Governance and Guardrails for MCP-Enabled Coding Assistants

Prevent AI agents from executing destructive commands like rm -rf / through FlowLink's governance layer for the Model Context Protocol.

May 15, 2026

AI NewsAI SecuritySoftware Engineering

Beyond Detection: Architecting PII Prevention for Agentic AI Systems

In 2026, OpenAI launched Privacy Filter and developers shipped local firewalls to intercept PII before it reaches AI models.

May 6, 2026

AI NewsAI SecurityDevOps

Agent Security: Analyzing 7 'Lethal Trifecta' Incidents in 48 Hours

Dutch AI Agents documented seven coordination and security incidents across all three 'lethal trifecta' legs within a single 48-hour window.

May 3, 2026

AI NewsAI SecurityDevOps

Why Scoped Access is Critical for AI Agents: The Railway Incident Analysis

An AI agent running Claude Opus 4.6 deleted a production database after being granted admin-level API credentials without environment scoping.

Apr 26, 2026

AI NewsAI SecurityMachine Learning

Secure LLM Agents with Two-Stage Prompt Injection Detection

ZooClaw releases a specialized prompt injection detection API using a two-stage architecture to protect agentic workflows. The system achieves a 0.972 F1 score in English benchmarks, significantly outperforming GPT-4o, and provides sub-10ms latency for 95 percent of production traffic.

Apr 20, 2026

AI NewsAI SecurityDevOps

Why AI Benchmark Scores are the New SOC2: The Rise of Behavioral Telemetry

Delve fabricated SOC2 reports for 494 companies while AI agents gamed benchmarks like SWE-bench using 10-line bypasses, revealing a crisis in declarative trust.

Apr 18, 2026

AI NewsAI SecurityFintech

Standardizing AI Agent Payments: The x402 Protocol and the Governance Gap

The x402 Foundation, backed by 22 leaders like Visa and Google, has standardized AI agent payments, already surpassing 140 million transactions.

Apr 18, 2026

AI NewsAI SecurityDevOps

Securing the AI Agent Supply Chain: Preventing Autonomous Execution Risks

An AI agent exfiltrated .env files via a malicious postinstall script, proving that autonomous workflows turn supply chain risks into machine-speed execution problems.

Apr 3, 2026

AI NewsAI SecurityDevOps

Securing AI Agents at the Tool Layer with agent-probe v0.5.0

Protect AI workflows by testing the tool layer with agent-probe v0.5.0, a zero-dependency tool that identifies 20 security vulnerabilities in 3 lines of Python.

Apr 3, 2026

AI NewsSoftware EngineeringAI Security

Inside the Claude Code Leak: Unreleased Features and Architectural Secrets

Anthropic's Claude Code source leak exposed 1,700 TypeScript files and unreleased features like KAIROS autonomous mode and undercover mode.

Apr 2, 2026

AI NewsAI SecurityDevOps

Preventing Autonomous AI Failures: 5 Real-World Agent Disasters

AI agents can trigger catastrophic failures, including a $60,000 overnight cloud bill and the exposure of 2.3 million HIPAA-protected patient records.

Mar 28, 2026

AI NewsAI SecuritySoftware Development

AI Agent Security Audit: 76% of Tool Calls Lack Protective Guards

A scan of 16 open-source AI agent repositories reveals that 76% of tool calls with real-world side effects operate without any protective checks or validation.

Mar 28, 2026

AI NewsAI SecuritySoftware Engineering

Defeating Prompt Injection: 12 Evasion Techniques and Regex-Based Defenses

ClawGuard achieves a 99.0% F1 score against prompt injections by chaining 12 preprocessing stages to stop evasion techniques like leetspeak and homoglyphs.

Mar 24, 2026

AI NewsAI SecurityCompliance

LangChain App Security: A Technical Guide to GDPR Compliance for DevSecOps

Secure LangChain applications against GDPR violations by implementing data minimization, AES-256-GCM encryption, and air-gapped vulnerability scanning.

Mar 16, 2026

AI NewsAI SecurityDevOps

Securing Local NemoClaw and OpenClaw: Essential Server Audits for AI Agents

NVIDIA's GTC 2026 NemoClaw announcement highlights the need for secure local AI infrastructure, focusing on Docker port isolation and CVE monitoring.

Mar 16, 2026

AI NewsAI SecuritySoftware Engineering

Beyond SQL Injection: The Critical Risk of Writable System Prompts in LLM Apps

Red teamers breached McKinsey's Lilli AI in two hours, gaining access to 10M+ messages and the ability to modify system prompts via SQL injection.

Mar 13, 2026

AI NewsAI SecuritySoftware Engineering

Google DeepMind Validates Macaroon-Based Agent Delegation Architecture

Google DeepMind's 2026 framework for AI delegation confirms that attenuated macaroon tokens are essential for safe, autonomous authority transfer.

Mar 11, 2026

AI NewsAI SecurityCybersecurity

Securing Agentic Workflows: Auditing AI Data Leaks and Hidden Vulnerabilities

Learn to audit AI agents and mitigate data leak risks in modern agentic workflows during a webinar featuring Rahul Parwani, Head of Product at Airia.

Mar 10, 2026

AI NewsAI SecurityDevSecOps

Securing LangChain Apps against NIST AI RMF: A DevSecOps Architect's Guide

Learn to secure LangChain applications against data poisoning and backdoors using the NIST AI RMF and TradeApollo ShadowScout's air-gapped vulnerability scanning engine.

Mar 10, 2026

AI NewsAI SecurityDevOps

Securing AI Agents: Why Observability Fails Without MCP Governance

The MCPTox benchmark reveals 5.5% of public MCP servers contain tool poisoning vulnerabilities, making runtime governance critical for AI security.

Mar 9, 2026

AI NewsAI SecurityCompliance

Securing LLM Deployment against EU AI Act Article 10

Organizations must secure LLM deployments to comply with EU AI Act Article 10, using tools like TradeApollo ShadowScout to mitigate societal harm risks.

Mar 8, 2026

AI NewsPrivacyAI Security

The HIPAA Gap: Why AI Therapy Apps Pose a Critical Privacy Risk

The AI therapy market, projected to reach $4.4 billion by 2030, faces a crisis as most apps bypass HIPAA protections, treating sensitive user data as product logs.

Mar 6, 2026

AI NewsCybersecurityAI Security

ClawJacked Vulnerability: Malicious Websites Hijack Local OpenClaw AI Agents

OpenClaw patches the ClawJacked flaw and 71 malicious skills as attackers exploit WebSocket connections to hijack local AI agents.

Feb 28, 2026