Asqav: Open-source SDK for AI agent governance 2026-04-09 at 08:27 By Mirko Zorz AI agents are executing consequential tasks autonomously, often across multiple systems and with little record of what they did or why. Asqav, a Python SDK released under the MIT license, addresses that gap by attaching a cryptographic signature to each agent action […]
Asqav: Open-source SDK for AI agent governance Read More »
Microsoft releases open-source toolkit to govern autonomous AI agents 2026-04-03 at 08:39 By Anamarija Pogorelec AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks like LangChain, AutoGen, CrewAI, and Azure AI Foundry Agent Service have made this kind of autonomy straightforward to
Microsoft releases open-source toolkit to govern autonomous AI agents Read More »
Amazon sends AI agents into pen testing and DevOps 2026-03-31 at 20:31 By Sinisa Markovic Amazon’s latest AI capabilities bring on-demand penetration testing through the AWS Security Agent, alongside the AWS DevOps Agent. “These agents are changing the way we secure and operate software. AWS Security Agent compresses penetration testing timelines from 2-6 weeks to
Amazon sends AI agents into pen testing and DevOps Read More »
AI SOC vendors are selling a future that production deployments haven’t reached yet 2026-03-26 at 12:32 By Mirko Zorz Vendors selling AI-powered security operations platforms have built their pitches around a consistent set of promises: autonomous threat investigation, dramatic reductions in analyst workload, and an accelerating path toward humanless operations. Practitioners buying and deploying those
AI SOC vendors are selling a future that production deployments haven’t reached yet Read More »
Who owns AI agent access? At most companies, nobody knows 2026-03-26 at 07:12 By Anamarija Pogorelec AI agents are operating across production enterprise environments at scale, and the identity infrastructure managing their access has not kept up with their deployment. A January 2026 survey of 228 IT and security professionals, conducted by the Cloud Security
Who owns AI agent access? At most companies, nobody knows Read More »
The AI safety conversation is focused on the wrong layer 2026-03-24 at 16:30 By Mirko Zorz Organizations have spent years accumulating fragmented identity systems: too many roles, too many credentials, too many disconnected tools. For a workforce of humans, that fragmentation was manageable. Humans log in, log out, and make decisions slowly enough that gaps
The AI safety conversation is focused on the wrong layer Read More »
Your AI agents are moving sensitive data. Do you know where? 2026-03-23 at 09:18 By Mirko Zorz In this Help Net Security interview, Gidi Cohen, CEO at Bonfy.AI, addresses what he sees as the most pressing gap in AI agent security: data-layer risk. While the industry focuses on prompt injection and model behavior, Cohen argues
Your AI agents are moving sensitive data. Do you know where? Read More »
Hidden instructions in README files can make AI agents leak data 2026-03-17 at 08:02 By Sinisa Markovic Developers rely on AI coding agents to set up projects, install dependencies, and run commands by following instructions in repository README files, which provide setup guidance for software projects. New research identifies a security risk when attackers hide
Hidden instructions in README files can make AI agents leak data Read More »
AI coding agents keep repeating decade-old security mistakes 2026-03-13 at 08:01 By Anamarija Pogorelec Coding agents are now writing production features on real development teams, and a new report from DryRun Security shows that those agents introduce security vulnerabilities at a high rate across nearly every type of application they build. “AI coding agents can
AI coding agents keep repeating decade-old security mistakes Read More »
Agentic attack chains advance as infostealers flood criminal markets 2026-03-12 at 08:35 By Mirko Zorz Cybercriminals spent much of 2025 automating their operations, shifting from one-off attacks to systems that can run entire intrusion cycles with minimal human input. Data collected from criminal forums, illicit marketplaces, and underground chat services shows a threat environment where
Agentic attack chains advance as infostealers flood criminal markets Read More »
Open-source tool Sage puts a security layer between AI agents and the OS 2026-03-09 at 08:06 By Anamarija Pogorelec Autonomous AI agents running on developer workstations execute shell commands, fetch URLs, and write files with little or no inspection of what they are doing. Open-source project Sage inserts an interception layer between an AI agent
Open-source tool Sage puts a security layer between AI agents and the OS Read More »
Cursor Automations turns code review and ops into background tasks 2026-03-06 at 12:18 By Anamarija Pogorelec Cursor Automations, the always-on agent platform from Cursor, is expanding with a new generation of autonomous systems that streamline code review, incident response, and other engineering workflows. The platform runs AI agents on schedules or in response to development
Cursor Automations turns code review and ops into background tasks Read More »
As AI agents start making purchases, security teams must rethink risk 2026-03-05 at 08:17 By Zeljka Zorz In this Help Net Security interview, Donald Kossmann, CTO at fintech company Chargebacks911, talks about the emerging security, fraud, and governance risks of “agentic commerce,” where AI agents can autonomously make purchasing decisions on behalf of users or
As AI agents start making purchases, security teams must rethink risk Read More »
Engineering trust: A security blueprint for autonomous AI agents 2026-03-05 at 07:06 By Help Net Security AI agents have evolved from just chatbots, answering questions to executing actions using various integrated tools, often autonomously, and as such the traditional security models have become less efficient. I have seen that firsthand as a security lead for
Engineering trust: A security blueprint for autonomous AI agents Read More »
The vulnerability that turns your AI agent against you 2026-03-04 at 16:08 By Help Net Security Zenity Labs disclosed PleaseFix, a family of critical vulnerabilities affecting agentic browsers, including Perplexity Comet, that allow attackers to hijack AI agents, access local files, and steal credentials within authenticated user sessions. The vulnerabilities can be triggered through malicious
The vulnerability that turns your AI agent against you Read More »
AI went from assistant to autonomous actor and security never caught up 2026-03-03 at 08:35 By Mirko Zorz Enterprise AI deployments have shifted from pilot programs to production systems handling customer data, executing business transactions, and integrating with core infrastructure. That has exposed a significant gap between what AI agents can do and what security
AI went from assistant to autonomous actor and security never caught up Read More »
AI risk moves into the security budget spotlight 2026-03-02 at 09:08 By Anamarija Pogorelec Enterprises are pushing AI deeper into workflows that touch sensitive data across cloud platforms and SaaS apps. The 2026 Thales Data Threat Report, based on a survey of 3,120 respondents in 20 countries, places that shift alongside growing pressure on data
AI risk moves into the security budget spotlight Read More »
When cyber threats start thinking for themselves 2026-03-02 at 07:30 By Help Net Security In this Help Net Security video, Jason Rivera, Field CISO & Head of Solution Engineering at SimSpace, discusses how autonomous AI agents are changing cyber threats. Drawing on experience in the US Army, NSA, Deloitte, and CrowdStrike, he describes how security
When cyber threats start thinking for themselves Read More »
IronCurtain: An open-source, safeguard layer for autonomous AI assistants 2026-02-28 at 07:07 By Zeljka Zorz Veteran security engineer Niels Provos is working on a new technical approach designed to stop autonomous AI agents from taking actions you haven’t specifically authorized. His open-source software solution, called IronCurtain, aims to neutralize the risk of an LLM-powered agent
IronCurtain: An open-source, safeguard layer for autonomous AI assistants Read More »
The $19.5 million insider risk problem 2026-02-26 at 09:09 By Mirko Zorz Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one
The $19.5 million insider risk problem Read More »