Stories by edf13

If Your AI Agent Ran NPM Install During the Axios Attack, You're Compromised

Zero Ambient Authority: The Principle That Should Govern Every AI Agent

Alibaba's AI Agent Hijacked GPUs and Dug Reverse SSH Tunnels

Claude now decides what's safe to run – a UX improvement, not a security fix

AI agents are now deciding what's safe to run (Claude Auto Mode)

The Trivy Supply Chain Attack Reached LiteLLM

Meta's Rogue AI Agent Gave Engineers Access They Shouldn't Have Had

Meta's Rogue AI Agent Gave Engineers Access They Shouldn't Have Had

Google's A2A Protocol Has Zero Defenses Against Prompt Injection

Claude Code Channels

Permission Fatigue Is Not a UX Problem. It Is a Security Failure

NemoClaw vs. Grith: Sandbox for One Agent vs. Security for All

AI Agent Backdoors Trivy Security Scanner, Weaponizes a VS Code Extension

AI Agent Backdoors Trivy Security Scanner, Weaponizes a VS Code Extension

87% of AI-Generated Pull Requests Ship Security Vulnerabilities

Custom AI Smart Speaker

Claude Code Auto Mode Lets the Agent Approve Its Actions – That's the Problem

Lloyds, Bank of Scotland and Halifax apps showed other users transactions

Claude Code Attempted 752 /proc/*/environ Reads. 256 Succeeded. Codex: 0

I checked every syscall Claude and Codex made for a simple task

1 2 3 4 5 6