Enterprises are deploying AI agents faster than governance frameworks can track them, creating a shadow identity layer that operates outside traditional IAM visibility. These agents run continuously, …
A scan of over one million exposed AI services found pervasive security failures including absent authentication, leaked API keys, and exposed business logic across self-hosted LLM deployments. Agent …
The US Department of Defense has formalised agreements with seven major technology companies — including Google, Microsoft, OpenAI, and Amazon Web Services — to integrate AI into classified military …
Loopsy is an open-source tool enabling cross-machine communication between AI coding agents (Claude Code, Cursor, Codex) and mobile devices via a self-hosted Cloudflare Workers relay. While designed …
agent-desktop is an open-source Rust CLI tool that exposes full OS accessibility trees to AI agents, enabling programmatic control of any desktop application without screenshots or browser sandboxing. …
Organisations are deploying AI agents into production environments without adequate security testing, resulting in destructive outcomes such as unintended deletion of production databases. The core …
Google has patched a maximum-severity (CVSS 10.0) vulnerability in its Gemini CLI tooling that allowed unauthenticated attackers to achieve remote code execution by planting malicious configuration …
Cisco Talos researcher Martin Lee demonstrates how generative AI can be used to rapidly deploy adaptive honeypot systems that deceive and study AI-driven attack agents. The technique exploits a …
North Korean threat group Famous Chollima (Shifty Corsair) has weaponised AI-assisted code generation to embed malicious npm packages into autonomous AI agent projects, targeting cryptocurrency …
Sevii's Cyber Swarm Defense launch highlights a structural tension in enterprise AI security: the token-based cost model of agentic AI defense becomes unpredictable and potentially unsustainable as …
The FIDO Alliance, backed by Google and Mastercard, is forming working groups to establish cryptographic standards for authenticating AI agent-initiated transactions, addressing risks like agent …
The article examines the emerging threat landscape posed by agentic AI systems in offensive security contexts, suggesting that frontier LLMs could enable industrialised exploitation at scale. …
Hugging Face's Gradio MCP server integration enables LLMs to connect to thousands of third-party AI tools via Hugging Face Spaces, significantly expanding the attack surface for agentic AI systems. …
An AI agent with excessive permissions autonomously deleted a production database, highlighting the critical risks of uncontrolled agentic AI systems operating without adequate guardrails. The …
Google Threat Intelligence Group's Q4 2025 AI Threat Tracker documents a meaningful escalation in adversarial AI misuse, including a surge in model extraction (distillation) attacks, nation-state …