Browsing Tag
security
263 posts
Your AI Agent Just Did Something. Can You Prove What It Was?
You deployed an AI agent. It took an action. Something went wrong. Now answer these questions: What exactly…
The Dark Forest Needs an Immune System
Anthropic just dropped Project Glasswing — a big collaborative cybersecurity initiative with a shiny new model called Claude…
I built a JS framework with zero dependencies. Here’s why
In March 2026, the axios maintainer’s npm account got hijacked. 300 million weekly downloads. One compromised account. That’s…
Why AI Agent Authorization Is Still Unsolved in 2026
In March 2026, a security scanner called Trivy was compromised for less than a day. The stolen credentials…
The Documentation Attack Surface: How npm Libraries Teach Insecure Patterns
Most security audits focus on code. But across five reviews of high-profile npm libraries — totaling 195 million…
gomod-age: A Simple CI Gate Against Go Dependency Supply Chain Attacks
The Problem Nobody Talks About Until It’s Too Late Here’s a scenario that keeps Go developers up at…
Why AI Security Governance is Failing in 2026
Why AI Security Governance is Failing in 2026 73% of enterprises have AI in production without proper security…
Augmenting Phantom With Auth0 Authority
Phantom already knew how to listen, see the browser, and act. The real challenge was turning that local…
GHSA-GHC5-95C2-VWCV: GHSA-GHC5-95C2-VWCV: Insufficient Entropy in Cookie Encryption within Auth0 Symfony SDK
GHSA-GHC5-95C2-VWCV: Insufficient Entropy in Cookie Encryption within Auth0 Symfony SDK Vulnerability ID: GHSA-GHC5-95C2-VWCV CVSS Score: 8.2 Published: 2026-04-03…
Axios Has 100 Million Weekly Downloads. North Korea Backdoored It in 39 Minutes.
Yesterday — March 31, 2026 — a North Korea-linked threat actor hijacked the npm account of an Axios…
