Tag
security
5 articles
MCP Security: A 2026 Hardening Playbook After CVE-2025-6514
A practical 2026 security playbook for Model Context Protocol agents. It explains MCP-specific threats (prompt injection, tool poisoning, rug pulls, confused-deputy), dissects the critical CVE-2025-6514 mcp-remote RCE, and gives concrete hardening steps: patch to 0.1.16, enforce OAuth 2.1 over HTTPS, isolate servers, gate destructive actions, and audit agent activity.
By Marcus Rivera · 7 min · Jun 2, 2026
Prompt Injection: A 2026 Defense Playbook for AI Agents
A defense playbook for prompt injection in AI agents. It explains why the attack is unsolvable at the model layer, frames the threat with Simon Willison's lethal trifecta (private data, untrusted content, external communication), and prescribes layered controls: architectural separation, least-privilege tools, input filtering, egress allowlisting, circuit breakers, and hardened models, which can cut attack success from 73.2% to 8.7%.
By Marcus Rivera · 6 min · May 30, 2026
GPT-5.5-Cyber: OpenAI Hands Verified Defenders a Less-Restricted Model
OpenAI's GPT-5.5-Cyber, a less-restricted model, is now available for vetted cyber defenders.
By Sarah Chen · 6 min · May 8, 2026
Microsoft Agent 365: $15-Per-Seat Control Plane for Your AI Agents
Microsoft Agent 365 offers a control plane to observe, govern, and secure all your AI agents.
By Sarah Chen · 6 min · May 2, 2026
Claude Mythos: The AI Anthropic Built Then Refused to Release
Anthropic trained Claude Mythos, its most capable AI, but refused to release it due to security findings.
By Aisha Patel · 6 min · Apr 18, 2026