AI
177,000 MCP Tools Show AI Agent Risk Has Moved to the Action Layer
AISI analyzed 177,436 MCP tools and found agent tooling shifting from reading and analysis toward file edits, browsers, payments, and other actions.
AI
The AWS AI Security Framework separates answering, connected, and acting AI, making agent identity, tool authorization, and observability the new security baseline.
AI
AWS AgentCore Browser moves browser-agent security from prompts into Chrome enterprise policies, custom root CAs, and auditable runtime controls.
AI
OpenAI’s Codex Windows sandbox design shows that local coding agent security is now an OS boundary problem, not only a model safety problem.
AI
The Mini Shai-Hulud attack hit Mistral AI SDK and TanStack packages, exposing a new supply-chain risk around CI, cache poisoning, and OIDC publishing.
AI
CAISI is expanding predeployment evaluation work with Google DeepMind, Microsoft, and xAI, moving frontier AI launches beyond public benchmarks.
AI
Veeam DataAI Command Platform extends AI agent governance into data sources, identity, backups, and precision recovery.
AI
OpenAI Daybreak connects GPT-5.5-Cyber and Codex Security to vulnerability discovery, patch validation, detection, and audit evidence.
AI
GitHub shipped Agents secrets for Copilot cloud agent, moving private registry and MCP access into organization-level controls.
AI
Google Workspace introduced AI control center, making Gemini and agent access to business data a new Admin console governance surface.
AI
Endor Labs expanded AURI with Agent Governance and Package Firewall, shifting AI coding security from code review to runtime control.
AI
OpenAI published GPT-5.5-Cyber and Codex safety practices back to back. The coding-agent race is shifting from model quality to permissions, sandboxing, and audit logs.