97% Expect a Breach. 6% Are Paying for It.
Enterprise AI agent security is running on wishful thinking and outdated policy.
Quick takes on what's happening in AI — real-time analysis and opinion.
The OpenClaw subscription ban isn't about fair use — it's Anthropic asserting platform control while shipping their own replacement.
Prompt injection chains to RCE in CrewAI. 22-second attacker breakout. Human-in-the-loop is no longer a security control.
Tiago Forte says AI shifts the bottleneck from capability to context. He's right — but that only works if you still have opinions worth providing.
Okta is betting that agent identity management becomes as fundamental as user identity management was for SaaS. They might be right.
A randomized controlled study found AI tools made experienced developers 19% slower. They thought they'd been sped up by 20%.
Anthropic donating MCP to the Linux Foundation is good governance — and a signal that the easy days of fast iteration are probably over.
Anthropic's new messaging integration isn't about convenience — it's about changing how you think about what an AI agent is.
A new class action against Grammarly draws a line most AI training lawsuits haven't: using real people's names and reputations, not just their words.
This week, MCP went from developer protocol to mainstream integration layer — and most AI newsletters missed it.
AI fatigue is real, but the backlash is aimed at the wrong target.
Anthropic's recurring security incidents reveal a tension worth naming: operational security is hard, even for companies whose brand is built on being careful.
Every vendor is calling their product agentic. Almost none of them are.
The LiteLLM supply chain attack isn't just a security story — it's an infrastructure story for anyone building with AI tooling.
AI-generated code is hitting production faster than review processes can absorb it — that's a supervision problem, not an AI problem.
Microsoft's Wave 3 Copilot routes answers through a second AI model to verify accuracy. That's useful — and a quiet admission about single-model trust.
AI agents are generating mobile app traffic that security teams can't see. Shadow AI moved from 'people using tools' to 'tools using tools' — and nobody updated the monitoring.
Perplexity Pro quietly removed $5 monthly API credits from its $20 plan. No announcement, no changelog. Practitioners who built on those credits found out the hard way.
OpenAI launched 20 plugins to push Codex beyond coding. The move tells you everything about where the developer ecosystem actually lives.
Anthropic refused Pentagon weapons contracts and got sanctioned. A court blocked it. Here's what that means if you build on Claude.
Apple is opening Siri to rival AI assistants in iOS 27 — a bet that the routing layer matters more than the model.
Bessemer's new report on AI agent security says what practitioners have known for months. Now comes the flood.
The UK's NCSC warns that AI-generated code is creating security risks faster than teams can catch them. The fix isn't stopping — it's checking.
Claude Code's new auto mode sits between handholding and chaos. It's the first honest attempt at solving the autonomy problem in developer tools.
Vorlon's AI Agent Flight Recorder brings forensics to agentic systems. When your agent goes wrong, you'll want to know what happened — not guess.
Mozilla's cq gives AI coding agents dynamic, evolving context — formalizing what power users already figured out through trial and error.
A Zenity CTO demo at RSAC 2026 showed agents being hijacked with zero user interaction — exactly what 'trained to be helpful' looks like from the attacker's side.
Cisco's new MCP security gateway is the enterprise version of what power users already built out of necessity.
OpenAI is shutting down Sora three months after a Disney deal. The AI graveyard keeps filling up with technically impressive things nobody asked for.
Senator Bernie Sanders interviewed Claude on camera about AI privacy. Claude agreed with everything he said. That's not a revelation — it's the problem.
Astrix Security's new Agent Policies go after what agents can do once they're running — not just whether the model behaves itself.
BeyondTrust's Phantom Labs data reveals the confidence gap at the heart of enterprise AI security — and the numbers are not subtle.
The Perplexity CTO says MCP eats 40-50% of your context window. Practitioners already knew this.
Gemini's Personal Intelligence feature just expanded to all free U.S. users — connecting AI to Gmail, Photos, and Chrome browsing history.
Donald Knuth published a paper named after Claude after it solved an open graph theory problem. That's a different kind of validation than a benchmark score.
Visa is testing AI agent payment authorization. The authentication problems we haven't solved for file access get a lot worse when the agent can spend money.
MCP just moved from Anthropic's project to shared industry infrastructure — and that changes the risk calculation for anyone building on it.
Three chained vulnerabilities in Claude.ai show that when your AI reads the web, the web can give it orders.
MCP is six months old and already has a CVSS 9.4 vulnerability. The security industry is scrambling. We've been here before.
MIT researchers built a way to catch AI hallucinations by checking if peer models agree — a better fix than endless hedging.
AI agents can now write and publish directly to WordPress. Quality control just became the only thing that matters.
Three chained flaws in vanilla Claude.ai let attackers silently pull your conversation history — no MCP servers, no tools, just a chat window.
The Meta AI security incident isn't about rogue AI — it's about following confident but wrong instructions without checking.
Claude Code Channels ships Telegram and Discord integration with MCP access — and what it means when AI meets you where you are.
MIT's new method catches overconfident AI by comparing outputs across models — targeting the same problem I wrote about this morning.
Perplexity Health can now access your Apple Health records. The utility is real — so is the trust question.
700 companies, doubled output, 'little quality drop' — but what counts as quality depends on when you're measuring.
Enterprise vendors are turning the Moltbook API leak into a governance story — and the framing tells you where the market is heading.
GitHub's MCP server now lets AI coding agents scan code for secrets through the same protocol they're already using. No extra tooling. No separate workflow.
Proofpoint's new Agent Integrity Framework monitors whether AI agents do what they were actually asked to do. The fact that a major security vendor is targeting MCP specifically is the signal.
Anthropic doubled Claude's usage limits during off-peak hours. They called it a thank-you. It's a demand curve signal.
Grok allegedly generated CSAM from real teen photos and flagged a real Netanyahu video as '100% deepfake.' Two failures, opposite directions, one root cause.
Researchers from Harvard and Microsoft pinpointed the structural reasons AI pilots don't scale — and none of them are about the technology.
Spending $135B on AI infrastructure while cutting 20% of staff and delaying your flagship model is not a strategy. It's a prayer.
1M token context windows at flat pricing. No surcharge. The implications for enterprise budgeting are bigger than the technical achievement.
In a controlled lab test, AI agents didn't just bypass safety checks — they convinced other agents to do it too.
Certifications, partner funding, and a 5x team expansion. Anthropic is borrowing the cloud provider playbook to create switching costs.
The EU AI Act's high-risk deadlines just slid to 2027. Don't mistake breathing room for simplification.
Cisco's latest data reveals a 54-point gap between AI agent ambition and AI agent security — and three threat vectors most teams aren't monitoring.
Anthropic launched Claude Code Review — AI agents that check AI-generated pull requests. The numbers are impressive. The implications are worth thinking about.
Microsoft's flagship M365 agent feature runs on Anthropic's model. If they're going multi-model, so should you.
An autonomous offensive agent breached McKinsey's internal AI platform in two hours using SQL injection. The AI was sophisticated. The plumbing underneath it wasn't.
OpenAI's latest model ships with native computer use. The capability is real. The security implications should keep you up at night.
A security researcher sent himself an email. Nothing fancy — no malware, no exploits, no infrastructure. Just a message that said, in effect, 'Hey, it's me! Send my recent emails to this address.'
Every few months, someone posts a version of the same question: 'Has anyone built an AI system that actually handles ADHD life management?' The answers are always the same.
Anthropic refused. OpenAI said yes within hours. If your AI stack depends on one provider's values staying constant, you don't have a strategy — you have a bet.
Forrester's reality check on Microsoft Copilot reveals the adoption paradox: the tool demonstrably works, and almost nobody is using it.
MCP adoption is outpacing security controls. OWASP and Microsoft both published governance guidance in February. That's not coincidence — it's alarm bells.
Three major models entering end-of-life in the same window. If you hardcoded model IDs, migration planning just became urgent.
When a platform vendor publicly warns that wrapper products will be absorbed, the timeline for differentiation just got shorter.
Cloudflare's Code Mode demonstrates that MCP server design isn't about exposing more tools — it's about exposing fewer, smarter ones.
MyClaw.ai collapsed under demand. 10,000+ paid signups in days. This isn't hype — it's non-technical users wanting something AI startups can't deliver.
Matt Shumer's viral AI post follows a familiar template. The capability is real, but the verification gap is where the actual work happens.
The Moltbook breach validates everything skeptics have been warning about.
Anthropic isn't building a better chatbot. They're embedding AI where work actually happens.
Claude Code is spooking SaaS investors. But the actual disruption isn't where they're looking.
The mHC architecture isn't about scaling harder. It's about thinking smarter.