All news with #agentic ai tag

Chinese State Hackers Used Anthropic AI for Espionage

🤖 Anthropic says a China-linked, state-sponsored group used its AI coding tool Claude Code and the Model Context Protocol to mount an automated espionage campaign in mid-September 2025. Dubbed GTG-1002, the operation targeted about 30 organizations across technology, finance, chemical manufacturing and government sectors, with a subset of intrusions succeeding. Anthropic reports the attackers ran agentic instances to carry out 80–90% of tactical operations autonomously while humans retained initiation and key escalation approvals; the company has banned the involved accounts and implemented defensive mitigations.

Agentic AI Expands Identity Attack Surface Risks for Orgs

🔐 Rubrik Zero Labs warns that the rise of agentic AI has created a widening gap between an expanding identity attack surface and organizations’ ability to recover from compromises. Their report, Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats, finds 89% of organizations have integrated AI agents and estimates NHIs outnumber humans roughly 82:1. The authors call for comprehensive identity resilience—beyond traditional IAM—emphasizing zero trust, least privilege, and lifecycle control for non-human identities.

Four Steps for Startups to Build Multi-Agent Systems

🤖 This post outlines a concise four-step framework for startups to design and deploy multi-agent systems, illustrated through a Sales Intelligence Agent example. It recommends choosing between pre-built, partner, or custom agents and describes using Google's Agent Development Kit (ADK) for code-first control. The guide covers hybrid architectures, tool-based state isolation, secure data access, and a three-step deployment blueprint to run agents on Vertex AI Agent Engine and Cloud Run.

Google Announces Unified Security Recommended Program

🔒 Google Cloud is launching the Google Unified Security Recommended program to validate deep integrations between its security portfolio and third-party vendors. Inaugural partners CrowdStrike, Fortinet, and Wiz bring endpoint, network, and multicloud CNAPP capabilities into Google Security Operations. Partners commit to cross-product technical integration, a collaborative support model, and investment in AI initiatives such as the model context protocol (MCP). Qualified solutions will be available via Google Cloud Marketplace for simplified procurement and consolidated billing.

AWS Transform Generates LZA Network Configurations

🔁 AWS now enables AWS Transform for VMware to automatically generate network configuration YAML files that are directly compatible with the Landing Zone Accelerator on AWS (LZA). Building on Transform’s existing infrastructure-as-code outputs for AWS CloudFormation, AWS CDK, and Terraform, the capability converts VMware network environments into LZA-ready YAML that can be imported into LZA’s deployment pipeline. The feature is available in all AWS Transform target Regions and is intended to reduce manual effort and deployment time while improving consistency across multi-account environments.

Rogue MCP Servers Can Compromise Cursor's Embedded Browser

⚠️ Security researchers demonstrated that a rogue Model Context Protocol (MCP) server can inject JavaScript into the built-in browser of Cursor, an AI-powered code editor, replacing pages with attacker-controlled content to harvest credentials. The injected code can run without URL changes and may access session cookies. Because Cursor is a Visual Studio Code fork without the same integrity checks, MCP servers inherit IDE privileges, enabling broader workstation compromise.

What CISOs Should Know About Securing MCP Servers Now

🔒 The Model Context Protocol (MCP) enables AI agents to connect to data sources, but early specifications lacked robust protections, leaving deployments exposed to prompt injection, token theft, and tool poisoning. Recent protocol updates — including OAuth, third‑party identity provider support, and an official MCP registry — plus vendor tooling from hyperscalers and startups have improved defenses. Still, authentication remains optional and gaps persist, so organizations should apply zero trust and least‑privilege controls, enforce strong secrets management and logging, and consider specialist MCP security solutions before production rollout.

From Vulnerability Management to Exposure Platform

🛡️ CrowdStrike argues legacy vulnerability management cannot keep pace with AI-accelerated adversaries. Their Falcon Exposure Management platform leverages a single lightweight sensor to deliver continuous, native visibility across endpoints, cloud, and network assets. It pairs adversary-aware risk prioritization with agentic automation and Charlotte Agentic SOAR to reduce manual triage and remediate high-risk exposures quickly. The emphasis is on speeding effective action, cutting tool sprawl, and focusing teams on the small subset of issues that drive most breach risk.

Emerging Threats Center in Google Security Operations

🛡️ The Emerging Threats Center in Google Security Operations uses the Gemini detection‑engineering agent to turn frontline intelligence from Mandiant, VirusTotal, and Google into actionable detections. It generates high‑fidelity synthetic events, evaluates existing rule coverage, and drafts candidate detection rules for analyst review. The capability surfaces campaign‑based IOC and detection matches across 12 months of telemetry to help teams rapidly determine exposure and validate their defensive posture.

Extending Zero Trust to Autonomous AI Agents in Enterprises

🔐 As enterprises deploy AI assistants and autonomous agents, existing security frameworks must evolve to treat these agents as first-class identities rather than afterthoughts. The piece advocates applying Zero Trust principles—identity-first access, least-privilege, dynamic contextual enforcement, and continuous monitoring—to agentic identities to prevent misuse and reduce attack surface. Practical controls include scoped, short-lived tokens, tiered trust models, strict access boundaries, and assigning clear human ownership to each agent.

Agent Sandbox: Kubernetes Enhancements for AI Agents

🛡️ Agent Sandbox is a new Kubernetes primitive designed to run AI agents with strong, kernel-level isolation. Built on gVisor with optional Kata Containers and developed in the Kubernetes community as a CNCF project, it reduces risks from agent-executed code. On GKE, managed gVisor, container-optimized compute and pre-warmed sandbox pools deliver sub-second startup latency and up to 90% cold-start improvement. A Python SDK and a simple API abstract YAML so AI engineers can manage sandbox lifecycles without deep infrastructure expertise; Agent Sandbox is open source and deployable on GKE today.

GKE: Unified Platform for Agents, Scale, and Inference

🚀 Google details a broad set of GKE and Kubernetes enhancements announced at KubeCon to address agentic AI, large-scale training, and latency-sensitive inference. GKE introduces Agent Sandbox (gVisor-based) for isolated agent execution and a managed GKE Agent Sandbox with snapshots and optimized compute. The platform also delivers faster autoscaling through Autopilot compute classes, Buffers API, and container image streaming, while inference is accelerated by GKE Inference Gateway, Pod Snapshots, and Inference Quickstart.

Shadow AI: The Emerging Security Blind Spot for Companies

🔦 Shadow AI — the unsanctioned use of generative and agentic tools by employees — is creating a sizeable security blind spot for IT teams. Unsanctioned chatbots, browser extensions and autonomous agents can expose sensitive data, introduce vulnerabilities, or execute unauthorized actions. Organizations should inventory use, define realistic acceptable-use policies, vet vendors and combine technical controls with user education to reduce data leakage and compliance risk.

Anthropic's Claude Sonnet 4.5 Now in AWS GovCloud (US)

🚀 Anthropic's Claude Sonnet 4.5 is now available in Amazon Bedrock within AWS GovCloud (US‑West and US‑East) via US‑GOV Cross‑Region Inference. The model emphasizes advanced instruction following, superior code generation and refactoring judgment, and is optimized for long‑horizon agents and high‑volume workloads. Bedrock adds an automatic context editor and a new external memory tool so Claude can clear stale tool-call context and store information outside the context window, improving accuracy and performance for security, financial services, and enterprise automation use cases.

Browser Security Report 2025: Emerging Enterprise Risks

🛡️ The Browser Security Report 2025 warns that enterprise risk is consolidating in the user's browser, where identity, SaaS, and GenAI exposures converge. The research shows widespread unmanaged GenAI usage and paste-based exfiltration, extensions acting as an embedded supply chain, and a high volume of logins occurring outside SSO. Legacy controls like DLP, EDR, and SSE are described as operating one layer too low. The report recommends adopting session-native, browser-level controls to restore visibility and enforce policy without disrupting users.

Deploy n8n on Cloud Run for Serverless AI Workflows

🚀 Deploy the official n8n Docker image to Cloud Run in minutes to run scalable, serverless AI workflows. Cloud Run scales from zero and persists data in Cloud SQL while you only pay for active usage. The post shows how to call Gemini as the agent LLM and optionally connect workflows to Google Workspace via OAuth for Gmail, Calendar, and Drive. For production, follow the n8n docs to add Secrets Manager, Cloud SQL, and Terraform-based deployment.

When to Use Sub-Agents Versus Agents as Tools for ADK

🧭 This post explains when to use sub-agents versus packaging agents as tools when building multi-agent systems with Google's Agent Development Kit (ADK). It contrasts agents-as-tools — encapsulated, stateless specialists invoked like deterministic function calls — with sub-agents, which are stateful, context-aware delegates that manage multi-step workflows. The guidance highlights trade-offs across task complexity, context sharing, reusability, and autonomy, and illustrates the patterns with data-agent and travel-planner examples to help architects choose efficient, scalable designs.

Defending Digital Identity from Computer-Using Agents (CUAs)

🔐 Computer-using agents (CUAs) — AI systems that perceive screens and act like humans — are poised to scale phishing and credential-stuffing attacks by automating UI interactions, adapting to layout changes, and bypassing anti-bot defenses. Organizations should move beyond passwords and shared-secret MFA to device-bound, cryptographic authentication such as FIDO2 passkeys and PKI-based certificates to reduce large-scale compromise. SaaS vendors must integrate with identity platforms that support phishing-resistant credentials to strengthen overall security.

Build Your First AI Agent Workforce with Google's ADK

🤖 Google’s open-source Agent Development Kit (ADK) simplifies creating autonomous AI agents that use LLMs such as Gemini as their reasoning core. The post presents three hands-on codelabs that guide developers through building a personal assistant agent, adding custom and third-party tools, and orchestrating multi-agent workflows. Each lab demonstrates practical patterns—scaffolding an agent, integrating tools like Google Search and LangChain components, and using Workflow Agents and session state to pass information—so teams can progress from experiment to production-ready agent systems.

Falcon Platform Enables Fast, CISO-Ready Executive Reports

🔒 The Falcon platform automates executive exposure reporting by correlating telemetry from Falcon Exposure Management, Falcon Cloud Security, and Falcon Next-Gen SIEM into decision-ready summaries. Falcon Fusion SOAR schedules or triggers workflows, and Charlotte AI agentic workflows translate correlated data into plain-language, prioritized reports on demand. The result is near real-time, adversary-aware reporting that maps exploitable vulnerabilities to critical assets and suggests prioritized remediation actions, dramatically reducing manual analyst effort.