Security

Deno Sandbox launched for running AI-generated code

Deno Sandbox works in tandem with Deno Deploy—now in GA—to secure workloads where code must be generated, evaluated, or safely executed on behalf of an untrusted user.

Apiiro’s Guardian Agent guards against insecure AI code

Application security agent rewrites developer prompts into secure prompts to prevent coding agents from generating vulnerable or non-compliant code.

Crooks are hijacking and reselling AI infrastructure: Report

Researchers at Pillar Security say threat actors are accessing unprotected LLMs and MCP endpoints for profit. Here’s how CSOs can lower the risk.

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ‘the JavaScript ecosystem deserves better.’

Digital Transformation in Prisons: How Kazakhstan is Leading the Way

Why your AI agents need a trust layer before it’s too late

One hacked AI agent took down 50 others, proving that agentic AI needs a “DNS for trust” before autonomy turns into chaos.

Agentic AI exposes what we’re doing wrong

Autonomous software is forcing cloud teams to confront weaknesses in networking, identity, cost, and architecture.

GitLab 2FA login protection bypass lets attackers take over accounts

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS and web versions have been patched.

Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.

Google Vertex AI security permissions could amplify insider threats

A new way to escalate privileges inside Google’s Vertex AI highlights a broader problem: Enterprises have a level of trust in AI offerings that needs to be fundamentally reexamined.