Agent authorization, prompt injection, identity, and the security gaps between what AI can do and what anyone approved.
57 entries
The first drone attack on a nuclear power plant in the Gulf conflict exposed a gap between interception rates and the safety standard that nuclear ...
Anthropic withheld its most capable model from public release because it can find and exploit thousands of zero-day vulnerabilities in every major ...
Two papers on March 30 collapsed the qubit threshold for breaking encryption by orders of magnitude. The tool that shortened the timeline was AI it...
Hegseth fired the Army Chief of Staff during a war for resisting politically motivated promotion blocks. Loyalty selection and competence selection...
A threat group compromised five software ecosystems in five days — security scanner, security config tool, AI proxy — each breach feeding credentia...
The fastest cyberattack breakout ever recorded took twenty-seven seconds. The average takes twenty-nine minutes. The average defense takes a hundre...
CISA, FBI, and NSA are all absent from RSAC 2026 — the cybersecurity industry's biggest conference. The trigger was personal: the former CISA direc...
Microsoft shipped Entra Agent ID at RSAC 2026 — unique enterprise identities for AI agents, evaluated by the same Conditional Access that evaluates...
Denmark sent soldiers with explosives to Greenland in January to destroy the runways at Nuuk and Kangerlussuaq if the United States attempted a mil...
Booz Allen launched an agentic AI cyber defense suite two days before RSAC 2026. The product fights AI with AI — autonomous agents hunting autonomo...
RSAC 2026 opens with the security industry's defenses pointing the wrong direction. The model layer is fortified. The execution layer — where AI ag...
A critical vulnerability in Langflow was exploited within twenty hours of disclosure — no proof-of-concept required. In the same month, Trivy's vul...
A Meta employee asked a question on an internal forum. An AI agent answered it — without permission, without accuracy, without hesitation. An engin...
Three of RSAC 2026's ten Innovation Sandbox finalists exist specifically to secure AI agents. In the same month, four other startups raised three h...
An autonomous AI agent broke into McKinsey's internal AI platform in two hours — no credentials, no human guidance, no prior access. It found forty...
Amazon's Senior Vice President wrote to engineers that site availability has not been good recently and identified AI-assisted code changes as a co...
Sixteen hundred and fifty ships in the Middle East Gulf cannot trust their own position. GPS jamming and AIS spoofing have placed vessels at airpor...
OpenAI acquired Promptfoo — the open-source AI red-teaming tool used by a quarter of the Fortune 500. It is the latest move in a pattern where ever...
WR Berkley wrote an absolute AI exclusion into its liability policies. AIG and Great American followed. The insurance industry just did what no gov...
Alignment researchers predicted for a decade that AI systems would pursue resource acquisition as a side effect of optimization. An Alibaba paper c...
Amazon built five AI agents for healthcare with HIPAA compliance, evidence mapping, and clinician review. Every layer of trust infrastructure the i...
In the last twelve months, incumbents spent roughly seventy billion dollars acquiring AI security companies. In the prior twenty-four months, one h...
OpenAI launched an autonomous agent that scans code for vulnerabilities. Anthropic launched one two weeks earlier. Both find what went wrong in the...
Nearly seventy percent of enterprises run AI agents in production. The fastest-growing protocol connecting them to enterprise systems has no identi...
Enterprises spend less than one percent of their agentic AI budget on securing agents. Gartner just published a Market Guide that turns that gap in...
Cursor doubled its revenue to two billion dollars in three months. Its newest feature fires AI agents automatically on code changes, Slack messages...
A privileged access management company just bought an infrastructure access company and called the result continuous identity authorization for AI ...
Forty-six percent of enterprise identity activity occurs outside the visibility of the systems designed to manage it. Non-human identities outnumbe...
Amazon just required every AI agent on its marketplace to self-identify, obey a new policy, and accept a kill switch — effective today. Amazon's ow...
Five crypto exchanges shipped AI agent wallets in the same week that traditional finance shipped supervised corporate cards. Crypto gave agents the...
Amazon's AI coding assistant deleted a production environment. Over forty-two thousand OpenClaw instances sat exposed to the internet. In both case...
A two-hundred-and-forty-year-old bank gave one hundred and thirty AI agents their own login credentials, email accounts, and human managers. The wo...
Two hundred and twenty-three AI policy violations per month in the average enterprise. Eighty percent of organizations report risky agent behaviors...
Forty security executives and Stanford formed a consortium because eighty percent of organizations report risky AI agent behaviors. The institution...
Veea open-sourced a Go binary that monitors AI agent security in under a millisecond. Two hundred fifty thousand developers can now deploy agent mo...
Twenty-five percent of the latest Y Combinator batch shipped codebases that are 95 percent AI-generated. Forty-five percent of AI-generated code co...
ServiceNow built an AI Control Tower. UiPath has 950 customers orchestrating 365,000 processes through Maestro. The management layer for AI agents ...
An AI coding tool was used to steal 195 million records from ten Mexican government agencies. The tool refused. The attacker persisted through a th...
Five authorization platforms. Five different implementations. One shared assumption: that identity is a role, actions are enumerable, and a permiss...
Twenty-five billion dollars has been spent securing the layers around AI agents — perimeter, identity, orchestration. The layer that proves a speci...
The telecom industry just declared agent infrastructure its central thesis. At MWC 2026, Huawei launched agent registration at the network layer, N...
Credentials remain active an average of forty-seven days after they are no longer needed. Fifty-one percent of organizations lack formal processes ...
Apple has Face ID on two billion devices and a billion-dollar-a-year AI deal with Google. It has now delayed agent-level Siri for the third time. G...
Gartner projects 40 percent of enterprise applications will have embedded AI agents by the end of 2026, up from less than 5 percent in September 20...
An autonomous AI agent had its code rejected by a volunteer maintainer. Hours later, it published a personalized attack accusing him of discriminat...
Perplexity just launched a $200-a-month AI agent that coordinates nineteen models, runs for weeks, and executes across four hundred apps. Its secur...
A compromised research agent inserted hidden instructions into data consumed by a financial agent. The financial agent executed unintended transact...
The data/instruction separation was humanity's greatest engineering achievement in computing. LLMs dissolved it by returning to natural language. T...
A financially motivated individual with limited technical skills used commercial AI tools to breach over six hundred network devices across fifty-f...
Over-privileged AI systems experience security incidents at 4.5 times the rate of least-privilege systems. The single strongest predictor of AI-rel...
A researcher posted a malicious GitHub Issue. An AI agent read it, followed hidden instructions, and exfiltrated private repository data. The vulne...
Eighty-two percent of executives believe their policies protect against unauthorized AI agent actions. Eighty-eight percent of their organizations ...
The same infrastructure that steals cryptocurrency now steals AI API tokens. Usage-based pricing turned a developer convenience into a bearer instr...
Thirty-one companies across fourteen industries were caught injecting hidden instructions into AI assistants' memory. The internet's oldest game ha...
The obvious objection to biometric agent authorization: Face ID for every email? Every database query? The objection is correct. Binary control is ...
The first question any serious developer asks about agent authorization: what stops the agent from just calling the API directly? The answer is arc...
Every agent authorization system answers the same five questions. The interesting part is which questions each system refuses to answer — and what ...