AI
Anthropic sabotage report puts agent monitoring on trial
Anthropic’s Opus 4 sabotage risk report shows why coding agents need audit trails across logs, pull requests, security events, and external review.
AI
NSA MCP guidance warns about GitHub scope, WhatsApp leaks, and agent runtime risk
NSA published MCP security design guidance for AI-driven automation, turning tool permissions, tokens, logs, sandboxing, DLP, and scans into deployment requirements.
AI
Claude self-hosted sandboxes set new rules for private MCP access
Anthropic added self-hosted sandboxes and MCP tunnels to Claude Managed Agents, shifting tool execution and private tool access into enterprise-controlled boundaries.
AI
Chrome Enterprise MCP turns browser security policy into agent tools
Google released a Chrome Enterprise Premium MCP server that exposes DLP rules, connector policy, browser telemetry, and activity logs to AI agents.
AI
Claude containment design exposes 24 AWS credential leaks
Anthropic published Claude containment designs and failure cases across claude.ai, Claude Code, and Claude Cowork, turning approval fatigue, allowlists, and memory into an agent security checklist.
AI
Robinhood opens MCP trading, but agent losses stay with users
Robinhood opened Trading MCP and Banking MCP for AI agents. The real developer story is the permission, approval, and liability model around financial tool calls.
AI
Arm open-sources Metis, a security agent aimed at SAST false positives
Arm has open-sourced Metis, an agentic AI security framework for code review, SARIF triage, evidence chains, and lower false-positive cost.
AI
AI Passed the CAPTCHA, but 0.88 AUC Caught the Process
Roundtable and an arXiv paper argue that AI agents can match CAPTCHA answers while still revealing themselves through click order and behavior.
AI
Claroty Claire Launches With Approval Boundaries for Factory and Hospital AI Security
Claroty introduced Claire, a CPS-native AI security agent. The launch shows why AI action in factories and hospitals has to be tied to asset data, approvals, and audit trails.
AI
AI coding teams ship daily, but DevOps is paying the bill
Harness 2026 survey data links heavy AI coding use with faster deployment, more delivery pressure, and downstream security, rollback, and burnout signals.
AI
Codex Can Reach Internal MCP Servers Through OpenAI Secure Tunnels
OpenAI Secure MCP Tunnel gives ChatGPT, Codex, Responses API, and AgentKit an outbound-only path to private MCP servers without public endpoints.
AI
Mythos reached ACE on 21 of 41 V8 bugs, Anthropic exploit benchmarks warn defenders
Anthropic published Claude Mythos Preview exploit evaluations and a CVD dashboard. V8 21/41 ACE and 1,596 disclosed flaws reset security triage expectations.