CoinDesk

Mass deployment of AI agents is a disaster waiting to happen, says CertiK CEO

Ronghui Gu shares tips on how to isolate AI agents while testing them so they do not have access to critical personal information or digital assets.
CSO Online

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

Microsoft Threat Intelligence has uncovered an active supply chain attack involving malicious npm packages registered under organizational scopes that mirror real internal corporate namespaces, ...