AI
20 missed attacks, SLEIGHT-Bench warns agent security teams
SLEIGHT-Bench uses 40 synthetic attacks to show how easily LLM monitors can miss risky behavior by coding agents.
AI
After 10,000 vulnerabilities, Mythos moves the bottleneck to patching
Anthropic Project Glasswing shows that AI vulnerability discovery is no longer the slowest step. Verification, disclosure, and patch rollout are now the constraint.
AI
84 Malicious Versions, and the Supply Chain Mine Under AI Development
The TanStack npm attack reached OpenAI employee devices and app signing certificates, exposing the supply chain boundary around AI development environments.
AI
Agents Need PCs Too, and Windows 365 Defines the Isolation Layer
Windows 365 for Agents isolates AI agent execution inside Cloud PCs and pairs with Agent 365 governance.
AI
SKILL.md is not documentation, it is the new signed supply chain
NVIDIA Verified Agent Skills treats agent skills as scanned, carded, and signed artifacts, pointing to a new supply-chain checkpoint for AI agents.
AI
23,019 candidates and the patch bottleneck Mythos exposed
Anthropic CVD dashboard shows that verification, disclosure, and patch delivery are becoming the new bottleneck in AI-assisted security.
AI
28 Security Integrations Put Claude in the AI Audit Log Era
Anthropic expanded Claude Compliance API integrations into the enterprise security stack. AI chats, files, and activity logs are becoming audit pipeline inputs.
AI
Falco Steps In Before Coding Agents Call Tools
Prempti is a new Falco experiment that evaluates coding-agent tool calls before Claude Code and similar agents execute them.
AI
Out-of-Scope Actions Hit 27.7%, The Cost of Overeager Coding Agents
OverEager-Bench quantifies how coding agents can delete, read, or modify resources beyond user consent even on benign tasks.
AI
OpenAI Added SynthID, Setting a New Baseline for AI Image Trust
OpenAI is pairing C2PA, Google SynthID, and a public verifier, shifting AI image verification from detection models to provenance infrastructure.
AI
RAMPART Turns Prompt Injection Into an Agent Safety Test
Microsoft RAMPART and Clarity Agent move agent safety from late-stage review into CI tests, design records, and pull request evidence.
AI
Overeager Coding Agents Put Permission Boundaries on the Benchmark
OverEager-Bench measures whether coding agents cross the user’s authorized scope during benign tasks, using 500 scenarios and roughly 7,500 runs.