Agentic AI News

On the same day that Meta confirmed its first rogue-agent Sev 1 security incident, NVIDIA dropped the tool that the enterprise world arguably needed yesterday: OpenShell, an open-source secure runtime environment for autonomous AI agents. Released under Apache 2.0 as part of the NVIDIA Agent Toolkit at GTC 2026, OpenShell is designed to put a hard enforcement layer between an agent and everything it shouldn’t touch. The timing is not a coincidence. Enterprise AI teams are deploying agents that can execute code, read file systems, and make network calls — and the governance infrastructure for those capabilities is, in most organizations, significantly behind the capability itself. OpenShell is an attempt to close that gap at the runtime level. ...

Microsoft quietly shipped one of the more significant quality-of-life updates for AI-assisted development in VS Code 1.112, released today. The headline feature: a three-tier agent permission system that ranges from cautious confirmation-heavy mode all the way to full Autopilot — where the agent runs without asking for approval and automatically handles retries and responses. This isn’t just a UI preference. It’s a formal architecture for how humans and coding agents share control, and it finally gives developers explicit language and tooling to choose their level of trust in the agent at the workspace or global level. ...

Singapore’s national AI strategy isn’t just policy — it’s turning into real capital flowing into agentic infrastructure companies. The latest signal: Agnes AI, which builds unified agentic infrastructure with intelligent routing and autonomous multi-agent coordination, just raised tens of millions in new funding and is approaching $20 million in annual recurring revenue. The company is also eyeing a listing on the Singapore Exchange (SGX) by the end of 2026. What Agnes AI Builds Agnes AI sits in the infrastructure layer of the agentic stack — not a specific application or vertical agent, but the plumbing that makes multi-agent systems work reliably at scale. Its platform focuses on three capabilities: ...

Anthropic just shipped something that feels genuinely futuristic: a way to hand tasks to your AI agent from your phone and come back later to find them done. It’s called Claude Dispatch, and it launched March 17 as a research preview inside Claude Cowork — currently available to Max subscribers on Mac. What Is Claude Dispatch? Claude Dispatch is a new capability within Claude Cowork, Anthropic’s persistent desktop agent environment. The core idea: one continuous conversation with Claude that lives on your Mac, reachable from anywhere via your phone. ...

The “AI pilot problem” is real: enterprises spend months testing generative and agentic AI in controlled environments, then struggle to move anything into production at scale. Hexaware’s answer, launched March 17, is a platform that shortcuts that journey with 600+ agents already built and ready to go. Agentverse™ is a governed enterprise AI agent platform designed to take organizations directly from experimentation to operational deployment. What Agentverse™ Actually Is Agentverse™ isn’t a generic agent builder. It’s a curated catalog of production-ready AI agents — over 600 of them — organized across IT and business operations domains, with an orchestration layer that coordinates them across enterprise systems. ...

IBM published its 2026 enterprise AI trends analysis this week on IBM Think, and the framing is notably specific. While most trend reports talk about “AI” in broad strokes, IBM’s research team cut straight to the architectural patterns they expect to dominate enterprise deployments this year: cooperative model routing and agentic loops. These aren’t just buzzwords. They’re the two technical patterns at the heart of every serious agentic deployment — and IBM’s analysis is worth understanding if you’re building or buying AI systems for production. ...

The bottleneck for agentic AI at scale has never really been the models — it’s been the infrastructure to run them cost-effectively at production volume. NVIDIA just addressed that directly with Dynamo 1.0, the production release of its open-source inference operating system, announced at GTC on March 16. The headline number: 7x inference speedup on Blackwell GPUs. The more important story is what Dynamo actually does architecturally. Dynamo as an Inference Operating System Jensen Huang’s framing is precise: Dynamo is the “operating system” for AI factories, not just a performance library. Just as a traditional OS orchestrates CPU, memory, and storage for application workloads, Dynamo coordinates GPU and memory resources across a cluster to handle the unpredictable, heterogeneous demands of production AI inference. ...

Anthropic’s Claude has now gone down three times in March 2026 — and the pattern is getting hard to dismiss as routine maintenance. The latest outage peaked at over 6,800 Downdetector reports, with API 500 errors cascading across agentic workflows, Claude Code sessions, and enterprise integrations worldwide. For teams running Claude-backbone pipelines, this isn’t just an inconvenience. It’s a reliability risk that demands a serious engineering response. What Happened (Again) On March 17, Claude’s API began returning 500 errors at scale. Users across multiple continents reported complete service unavailability, with Downdetector tracking reports surging past 6,800 complaints at peak — a figure confirmed across multiple independent sources including The Independent, Rolling Out, Economic Times, and Hindustan Times. ...

Security researchers dropped a cluster of critical findings today that should be on every agentic AI team’s radar. Vulnerabilities disclosed on March 17, 2026 affect three widely-used components of modern AI pipelines: Amazon Bedrock AgentCore, LangSmith, and SGLang — with the SGLang flaws scoring a maximum-tier 9.8 CVSS and allowing unauthenticated remote code execution. If your production agentic pipeline touches any of these systems, read this now. Amazon Bedrock: DNS Exfiltration Despite “No Network Access” BeyondTrust researchers revealed that Amazon Bedrock AgentCore’s Code Interpreter sandbox — marketed as network-isolated — actually permits outbound DNS queries. That’s a critical gap between what “no network access” implies and what it delivers. ...

The Model Context Protocol has had a remarkable adoption curve — from Anthropic specification to industry standard in under 18 months. But widespread MCP adoption has exposed a control gap that the ecosystem is now racing to address: how do you govern what AI agents can actually do once they have tool access? Enter the MCP Security Gateway — a new product category that’s emerging from multiple vendors simultaneously, with Gartner’s endorsement giving it enterprise credibility on day one. ...