Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI agents are no longer just answering queries or summarizing documents. They are booking meetings, pulling customer data, triggering workflows, and even making decisions across systems. And they don’t ask for permission every time. That’s where the real problem starts. Because once an AI agent is connected to your tools, APIs, and internal systems, the question isn’t what it can do, it’s what it should be allowed to do.

Privileged access has become significantly more complex over the last few years. Security teams are managing Windows and macOS devices, administrators rely on native tools to do their jobs, network infrastructure continues to expand, and operational technology environments are becoming increasingly interconnected. At the same time, manual approval processes and fragmented controls often create more friction than protection.

Password managers are among the most helpful security tools available, offering strong password generation and encrypted credential storage. However, attackers are beginning to target password managers by exploiting the device registration flow, which is the process used to verify and approve a new device before it can access a user’s vault. By brute-forcing the One-Time Passwords (OTPs) that protect this step, attackers can register unauthorized devices and download copies of encrypted vaults.

Most organizations treat data security and data governance as parallel tracks managed by separate teams with separate tooling. Security owns the controls; governance owns the policies. The two programs rarely share a roadmap, and the gaps between them are where data risk actually lives. Governance without security enforcement leaves policy on paper. Security without governance context produces alerts without the underlying understanding of what the data is, who owns it, or why it matters.

As organizations rush to deploy AI agents across enterprises to handle HR cases, write and execute code, and manage customer interactions, they very often need to grant them access to sensitive systems and data.

Over the years, Dynamic Application Security Testing (DAST) has helped you identify common vulnerabilities via automated scanning, fuzzing, and pattern-based detection. While valuable for baseline vulnerability discovery and compliance requirements, many security leaders, including maybe yourself, are now questioning DAST.

AWS IAM Policy Simulator is a testing tool that helps teams evaluate whether an IAM policy allows or denies specific AWS actions before those permissions are applied in production.

This year's event made it clear that as AI agents scale across enterprises, we must solve ownership, delegation, least privilege, and auditability before production risk grows.

We found 62 live PyPI tokens leaking on public sources, enough to push malicious code to 125 packages with 25,000 monthly downloads. We reported them to PyPI, which revoked every one. Here's how we decoded the macaroons and checked which still worked.

On Jun 24, 2026, the codfish/semantic-release-action GitHub Action was compromised through an imposter commit attack. An attacker force-pushed two malicious commits into the repository and repointed sixteen tags to them, including the floating major version tags v2, v3, v4, and v5. Any workflow referencing the action by one of those tags will pull and run the attacker's code on its next CI run.