Policy dependency / Stack layer
Cynative Ships an Open-Source Deep-Research Security Agent With Default-Deny Write Permissions
IT Security News
Stack layer / Threat pattern
Varonis discloses 'Rogue Agent' — a Dialogflow CX flaw letting one permission poison a shared agent runtime
NxCode
Stack layer / Threat pattern
Wire Analysis: xAI's Grok Build CLI Silently Uploaded Entire Repos to a Google Cloud Bucket
cereblab wire analysis / Hacker News (corroborated by The Hacker News, Glitchwire)
Stack layer / Threat pattern
'Ghost Commit' Disclosure: PNG-Hidden Prompt Injection Makes Cursor and Anti-Gravity Exfiltrate .env Secrets
awesome-ai-agent-attacks timeline
Stack layer / Threat pattern
New MCP Spec Kills Old Risks but Opens Three Fresh Attack Surfaces, Akamai Warns
Akamai
Policy dependency / Update thread
NetInjectBench: Naive Network-Ops Agents Take Unsafe Actions 82.5% of the Time Under Prompt Injection
arXiv
Threat pattern / Contrast
Defenders turn prompt injection on offense: 'context bombing' shuts down hacking agents before they act
Ars Technica
Policy dependency / Stack layer
Codenotary ships AgentMon 3 for agent runtime policy and compliance logging
AI Agent Store