A security scan of over 50 open-source MCP servers revealed that 72% had critical or high-severity vulnerabilities, including hardcoded API keys and insecure command execution. This highlights a significant security gap in MCP servers, which are increasingly used by AI assistants but often built without proper defense mechanisms.
This content analyzes the state of OpenClaw security in 2026, identifying deployment hygiene failures and prompt injection as the main risks. It suggests blast-radius reduction for prompt injection and emphasizes the importance of audits and hardening configurations.
AI agents can decide what to buy but often lack the authority to pay for it independently. This content explores practical methods to grant AI agents payment authority, balancing functionality with security to prevent unauthorized charges.
This paper systematically investigates whether multi-agent LLMs can identify the original model family behind political analysis texts, even when prompt-level anonymization is applied. It evaluates three classifier approaches (LLM zero-shot, few-shot, and fine-tuned T5-base) on a five-class attribution task to assess the sufficiency of anonymization as a mitigation for peer-preservation bias.
ZEC dropped 30% after Anthropic AI discovered a counterfeit vulnerability in Zcash. This finding significantly impacted the cryptocurrency's value.
This content introduces a system for runtime security of AI agents, designed to prevent unintended actions, PII leaks, and infinite loops in production. It employs real-time risk scoring across five dimensions (action type, resource sensitivity, blast radius, frequency, and context deviation), alongside policy enforcement and rollback capabilities.
![Runtime security for AI agents: risk scoring, policy enforcement, and rollback for production agent pipeline [P]](/cdn-cgi/image/width=3840,quality=75,format=webp/https://preview.redd.it/jaatbenjg9wg1.jpg?width=140&height=80&auto=webp&s=43ed5a4d6806da42e7feccd461f2fe78add2eae0)
Pequenos Modelos de Linguagem Grandes (LLMs) descobriram as mesmas vulnerabilidades que o sistema Mythos. Este achado sugere que modelos menores podem replicar descobertas críticas de segurança em sistemas de IA.
Trend Micro announced the TrendAI Agentic Governance Gateway at RSAC 2026, a platform designed to provide visibility and control over autonomous AI agent operations. It features real-time observation, context analysis, policy enforcement, human oversight, and pre-deployment simulation.
This article discusses the critical risks of LLM agents triggering backend actions in production systems, emphasizing that treating raw model output as executable instructions is dangerous. It frames the challenge as an interface problem, advocating for deterministic boundaries to validate, reject, and audit LLM-generated commands for safety.
This article by Karen Tonoyan introduces the concept of Narrative Drift Injection (NDI) as a new dimension of prompt injection. Unlike classic attacks, NDI manipulates the AI model by drawing it into a narrative it co-creates, causing it to lose vigilance at the session level.
AI editors like Cursor generate vulnerable deep-merge and object-spread patterns, leading to prototype pollution bugs. Attackers can exploit these flaws by injecting `proto` properties to override object defaults and bypass authentication.
OpenAI's acquisition of Promptfoo signals a crucial shift in judging AI agent quality, moving beyond mere fluency to comprehensive testing, documentation, and governance of failures before deployment. This addresses critical operational risks like prompt injection and tool misuse, ensuring robustness in production systems.
Version 0.6.1 of the `air-trust` library introduces cryptographic proofs (Ed25519 signatures) for agent-to-agent data handoffs in Python multi-agent AI systems. This feature addresses auditing and security concerns, ensuring data authenticity and agent accountability in AI pipelines.
This article criticizes conventional AI agent security for overlooking the risk of plaintext API key exposure. It proposes a "Zero Token Architecture" where agents receive a fake token, and the real key is swapped at the system boundary to prevent leaks via prompt injection.
The author developed the React FieldShield library to protect sensitive inputs from session recorders and AI screen readers by isolating values in a Web Worker. The article details six bugs that only appeared after real users installed it, highlighting challenges in data security.
This article highlights how AI editors, specifically Cursor, reproduce a dangerous recursive merge pattern from pre-2019 training data, leading to "prototype pollution" vulnerabilities in JavaScript. This security flaw allows attackers to inject properties onto `Object.prototype`, affecting all objects, and was previously identified in `lodash` (CVE-2019-10744).
Em 3 de fevereiro de 2026, uma grave vulnerabilidade (CVE-2026-25253, CVSS 8.8) foi divulgada no OpenClaw, um agente de IA de código aberto, permitindo execução remota de código. Isso levou à descoberta de 138 vulnerabilidades em 63 dias, com mais de 135.000 instâncias de OpenClaw publicamente expostas globalmente, muitas sem autenticação.
The author describes a 6-hour outage of their AI content agent caused by an indirect prompt injection bug originating from an unvalidated research file. This led to the agent generating 47 identical, unfinished drafts, highlighting the critical need for input validation in AI systems.
This article analyzes the security risks associated with AI coding assistants, such as GitHub Copilot, highlighting two main directions: the generation of code with security flaws and the exposure of sensitive data (API keys, PII) when developers paste their code into AI tools. It notes that while most security teams address the former, few have a plan for the data leakage inherent in the latter.
This article offers a practical guide for IT leaders on securing AI agents, addressing immediate operational requirements. It highlights the unique challenges of AI agent security compared to traditional applications due to their unpredictable behavior.