Every processed story in chronological order, with the newest coverage first. Filter by tag, source, or score to drill in.
VulnFeed brings EPSS-prioritized, lockfile-aware CVE scanning directly into MCP-compatible coding agents, replacing broad CVE noise with targeted, fix-ready alerts for a project's actual dependencies.
Vercel Connect removes the standing risk of leaked long-lived provider tokens by ensuring no provider secret ever resides in the app, replacing broad standing grants with short-lived, task-scoped credentials that expire automatically and can be revoked without a full secret rotation.
The article demonstrates that microVMs via `krun` provide kernel-level isolation for AI coding agents without abandoning the familiar Podman/container workflow, directly addressing the sandbox-escape and privilege-escalation risks that container-only approaches leave open.
The autonomous nature of AI agents means a single misconfigured MCP server can cause broader damage than an equivalent REST endpoint, making the OAuth authorization layer the post describes a direct mitigation against the already-documented MCP security vulnerabilities.
The double iframe architecture is the direct result of ruling out every simpler sandboxing approach, meaning MCP app developers who understand the constraint can anticipate the strict domain-declaration requirement and avoid submission rejections.
The skill packages a repeatable, severity-scored security audit directly into the Claude Code workflow, addressing the gap where AI-generated apps ship without any security review.
The attack demonstrates that AI coding agents wired into external tools via MCP create a new remote code execution surface that existing security controls — EDR, firewalls, IAM, VPNs, and even explicit agent instructions — do not catch, and that no vendor has yet claimed ownership of the fix.
Existing code-layer scanners miss between 89% and 100% of instruction-layer threats like Prompt Injection and Memory Poisoning in LLM agent skills, and SKILLVETBENCH's LLM-as-Judge approach closes that gap with zero false negatives across 78 confirmed-malicious skills in benchmark testing.
RSA demonstrates that dynamic, context-targeted auditing catches malicious agent skills that static detectors miss and remain robust under self-evolving adversarial attacks where static methods collapse.
SecureClaw is the first architecture evaluated across AgentDojo, AgentLeak, and ASB in a common harness that closes both the plaintext-exposure and unauthorized-action boundaries simultaneously, rather than trading one surface for the other.