Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

The Fragmented State of Modern Enterprise Identity Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications, decentralized teams, machine identities, and autonomous systems. The result is Identity Dark Matter...

Benchmarking Security Risk Detection and Verification in Open Agentic Skill Ecosystems

Open agent platforms allow community contributors to publish reusable skills that agents can invoke at runtime. This extensibility also creates a supply-chain risk: malicious contributors can hide harmful behavior inside skills that appear benign under superficial inspection. However, existing...

OWASP FinBot CTF 0.2

FinBot is an Agentic AI security CTF platform from OWASP. Interact with AI agents, exploit real vulnerabilities, and learn to secure agentic systems. All from your browser...

Investigating Detection and Obfuscation of Prompt Injection Attacks against Software Reverse Engineering AI Agents

Agentic software reverse engineering systems are vulnerable to prompt injection attacks placed into the source code of executable binary files. This research demonstrates defensive tactics for detecting the presences of prompt injection strings in the decompiler output of adversarial example...

The Alert Firehose Finally Meets Its Match

Ask a cybersecurity pro about Network Detection and Response NDR and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hear they're actually using it to catch threats earlier, triage faster, and chase fewer false positive...

Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow

In this article 1. Why we are investing in this 2. RAMPART: Continuous safety testing for agentic AI 3. Clarity: Helping check software engineering assumptions 4. RAMPART and Clarity available now The AI systems shipping inside enterprises today are fundamentally different from the ones we were...

Detecting Offensive Cyber Agents: A Detection-In-Depth Approach

Artificial Intelligence AI agents can now orchestrate cyberattacks. This development is already increasing the speed and scale of cyber attacks, decreasing attack costs, and improving the operational autonomy of cyber capabilities. To defend against these emerging threats, actors must first devel...

Agentic Governance: Why It Matters Now

AI agents now act inside the trust boundary with real credentials, and agentic governance is what keeps them from quietly breaking things at machine speed...

ADR: An Agentic Detection System for Enterprise Agentic AI Security

We present the Agentic AI Detection and Response ADR system, the first large-scale, production-proven enterprise framework for securing AI agents operating through the Model Context Protocol MCP. We identify three persistent challenges in this domain: 1 limited observability -- existing Endpoint...

Defense in depth for autonomous AI agents

Designing Secure Autonomous AI Agents with Defense in Depth AI agents are moving beyond assistance and into action. Instead of generating content, they invoke tools, modify data, trigger workflows, and operate across systems with increasing autonomy. This shift changes the security problem...

The End of Trust: How Agentic AI Breaks Security Assumptions

For decades, the security of digital interaction has rested on an unacknowledged economic constraint. Attackers faced a tradeoff between the fidelity of a deception and the scale at which it could be deployed. Convincing impersonation required sustained human effort and was confined to a narrow s...

Detecting Privilege Escalation in Polyglot Microservices Via Agentic Program Analysis

Microservices are widely adopted in modern cloud systems due to their scalability and fault tolerance. However, microservice architectures introduce significant complexity in privilege and permission control, creating risks of privilege escalation where attackers can gain unauthorized access to...

Defense at AI speed: Microsoft’s new multi-model agentic security system tops leading industry benchmark

In this article 1. AI-powered vulnerability discovery at hyper-scale 2. Codename: MDASH—Microsoft Security’s new multi-model agentic scanning harness 3. Using codename MDASH for security research 4. The 5.12.2026 Patch Tuesday cohort 5. Two deep dives 1. CVE-2026-33827—Remote unauthenticated UAF ...

CVE-2026-44246

nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in .github/workflows/issue-triage.yml is vulnerable to Agentic Workflow Injection. The workflow sets allowednonwriteusers: $...

CVE-2026-44246 nnU-Net: Agentic workflow injection in `.github/workflows/issue-triage.yml` of `MIC-DKFZ/nnUNet`

nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in .github/workflows/issue-triage.yml is vulnerable to Agentic Workflow Injection. The workflow sets allowednonwriteusers: $...

EUVD-2026-29841

nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in .github/workflows/issue-triage.yml is vulnerable to Agentic Workflow Injection. The workflow sets allowednonwriteusers: $...

CVE-2026-44246

nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in .github/workflows/issue-triage.yml is vulnerable to Agentic Workflow Injection. The workflow sets allowednonwriteusers: $...

EUVD-2026-29538

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the uploadwasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. This vulnerability is...

Why Agentic AI Is Security's Next Blind Spot

Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from the security team. The industry conversation has largely framed this as a question of policy: allow...

PT-2026-40433

nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in .github/workflows/issue-triage.yml is vulnerable to Agentic Workflow Injection. The workflow sets allowed non write users: $...