Posts

The software supply chain attack models your security team has been defending against for the past decade assumed one thing: the entities making decisions inside your build pipeline were humans. Slow, reviewable, occasionally careless humans — but humans. Coding agents like Claude Code, Cursor, and GitHub Copilot Workspace have changed that assumption. They are autonomous participants in the software development lifecycle: generating code, selecting dependencies, executing build steps, and pushing changes at machine speed. The attack surface they introduce is the natural consequence of giving a privileged, autonomous system access to an environment where a single bad decision can propagate into production before any human review process catches it. ...

Most of the AI agent conversation focuses on intelligence: which model, which framework, which prompting strategy produces the best results. Dapr Agents v1.0, announced generally available at KubeCon + CloudNativeCon Europe 2026 in Amsterdam, focuses on a different problem entirely: survival. What happens to your AI agent when a Kubernetes node restarts mid-task? When a network partition interrupts a long-running workflow? When your cluster scales down to zero overnight? For most frameworks, the answer is: the agent dies and you start over. ...

OpenAI has quietly shipped one of its most structurally important features in months: ChatGPT Library — persistent file storage that persists across conversations, available across ChatGPT’s web and app interfaces. On its surface, it looks like a convenience feature. Upload your documents, reference them later, organize them in one place. Useful, unremarkable. The analysis from Nicholas Rhodes in his Substack newsletter argues it’s actually something more significant: foundational long-term memory infrastructure for AI agents. ...

A new OpenClaw security vulnerability has been publicly disclosed. If you’re running OpenClaw, check your version right now. CVE-2026-32895 (CVSS 5.3 — Medium) affects all OpenClaw versions prior to 2026.2.26. The patch is available. There is no good reason to stay on a vulnerable version. What the Vulnerability Does The flaw is an authorization bypass in OpenClaw’s system event handlers — specifically the member and message subtype handlers. OpenClaw lets administrators restrict which users can interact with an agent via Slack DM allowlists and per-channel user allowlists. CVE-2026-32895 breaks that enforcement. An attacker who is not on a channel’s allowlist can craft and send system events that the vulnerable handlers process anyway, effectively bypassing the access controls entirely. ...

Alongside Dapr Agents v1.0 and the CNCF AI Conformance Program updates, KubeCon Europe 2026 delivered a third piece of production AI agent infrastructure: agentevals, a new open-source project from Solo.io that brings continuous behavioral scoring to agent deployments. The problem agentevals addresses is deceptively simple to state and surprisingly hard to solve: how do you know if your production AI agent is still doing what it’s supposed to do? What agentevals Does Most AI agent evaluation today happens at development time — you run evals before deploying, decide the agent is good enough, and ship it. What happens after deployment is typically monitored through logs and user feedback, not through continuous automated assessment. ...

On March 26 in San Francisco’s Financial District — two days from now — something notable is happening in the AI agent security space: Gen (NASDAQ: GEN, the parent company of Norton, Avast, and LifeLock) is co-hosting an exclusive post-RSA event with the OpenClaw core team. This is the first confirmed public partnership between the OpenClaw team and a major enterprise cybersecurity vendor. And it matters beyond the event itself. ...

饲养龙虾. Sìyǎng lóngxiā. “Raising lobsters.” That’s the phrase that took root in Chinese tech communities to describe the act of setting up and nurturing a personal OpenClaw AI agent. And for a few months, it was a national phenomenon — enthusiastic, grassroots, and spreading fast. Now, according to a sweeping NBC News feature published March 24, the craze is running into its first serious friction: government security concerns, corporate pullbacks, and a mainstream media that still can’t quite tell OpenClaw from OpenAI. ...

JetBrains has been quietly building something bigger than an IDE upgrade. On March 24, the company officially confirmed JetBrains Central — described as “the control and execution plane for agent-driven software production” — with Early Access opening in Q2 2026. If you’ve been following the JetBrains Air IDE (which this site covered earlier), Central is the layer above it. Air is where individual AI coding agents work. Central is where you manage, coordinate, and scale many of them simultaneously. ...

In a single week, OpenAI pulled off one of its most dramatic pivots yet: killing off Sora — the AI video generation app it launched just six months ago — while quietly completing pretraining on its next-generation flagship model internally codenamed “Spud.” The double announcement is more than product housekeeping. It signals OpenAI’s strategic posture heading into its IPO: ruthless focus on frontier model capability at the expense of creative consumer bets. ...

On March 26, Gen Digital — the NASDAQ-listed parent company of Norton, Avast, and LifeLock — will co-host an exclusive post-RSA event in San Francisco’s Financial District with members of the OpenClaw core team. The event, “The Future of Safe AI Agents,” marks what appears to be the first confirmed public partnership between the OpenClaw team and a major cybersecurity vendor. What’s Being Demoed The centerpiece of the event is Gen’s Agent Trust Hub (ATH) — a free security platform launched in February 2026 designed to help individuals and organizations govern AI agent behavior before and during deployment. ...