NewsOWASP Top 10 Agentic Applications 2026 Least Agency PrincipleOWASP·high signalDefinitive agent risk framework introducing Least Agency principle. Top risks: Agent Goal Hijack, Tool Misuse, Identity Abuse, Supply Chain.SourceSource pageOWASP↳ Follow the threadThreat patternRedact secrets at the source of MCP audit logs, not the sinkOWASP GenAIPolicy dependency / Stack layerKastra Launches Policy Enforcement for Claude Code, Cursor, and CodexHacker NewsStack layer / Threat patternDefend against prompt injection with an embedding-scored Threat Library, not brittle regex rulesPromptHaloStack layer / Threat patternVanta Ships Its AI Agent to GA This Month Plus an Agent for Risk Targeting 'Shadow AI'Business WirePolicy dependency / Stack layerIAPS warns on Kimi Claw: security and governance risks of Chinese-hosted 'always-on' AI agentsIAPSThreat pattern / ContrastMid-Session Tool Injection weaponized against WebMCP agents via threshold poisoning and fake diagnostic eventsAdversa AIStack layer / Follow-up threadOpenAI's GPT-Live-1 Makes Voice Full-Duplex and Delegates Hard Reasoning to GPT-5.5OpenAIStack layerVera Framework Auto-Generates Agent Safety Tests; 93.9% Attack Success on Production FrameworksarXiv