The Enterprise Cybersecurity Context Problem

The enterprise cybersecurity stack has never been more capable, yet breaches continue and security teams are more overwhelmed ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
GitHub

nano-claw

nano-claw/ ├── src/ │ ├── agent/ # 🧠 Core agent logic │ │ ├── loop.ts # Agent loop (LLM ↔ tool execution) │ │ ├── context.ts # Prompt builder │ │ ├── memory.ts # Persistent memory │ │ ├── skills.ts ...
Bitdefender

Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
InfoQ

CodeGuardian: a Model Context Protocol Server for AI-Assisted Code Quality Analysis and Security Scanning

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

A critical security vulnerability has been disclosed in a Python-based sandbox called Terrarium that could result in arbitrary code execution. The vulnerability, tracked as CVE-2026-5752, is rated 9.3 ...
VentureBeat

Cloudflare’s new Dynamic Workers ditch containers to run AI agent code 100x faster

Web infrastructure giant Cloudflare is seeking to transform the way enterprises deploy AI agents with the open beta release of Dynamic Workers, a new lightweight, isolate-based sandboxing system that ...
LinkedIn

Where Vision Meets Execution: Panduit's Global Channel Transformation Powered by Partnership with Group Atlantic

When global organizations decide to transform how they operate, the challenge is rarely a lack of ambition. More often, it is a lack of clarity around how to execute change effectively and sustainably ...
Bleeping Computer

Critical sandbox escape flaw found in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system. The open-source ...
GitHub

Abstract Agent Type System with Context Graphs, DIDs/VCs, Causality, and Provenance

A comprehensive framework for defining agent behavioral contracts (Abstract Agent Types) and managing their runtime interactions through Context Graphs, with full support for decentralized identity, ...
InfoQ

Running Modern ES2023 JavaScript inside Go Using QJS and WebAssembly

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...