Tag: Developer Tools
-
MCP Server Security: Prompt Injection and Tool Poisoning
MCPoison and CurXecute (CVE-2025-54136 and 54135) exploited the same MCP architectural gap: tool description fields loaded at agent boot with no sanitization. Here is the tools/list mechanism, the…
-
Prompt Injection Succeeds 94% of the Time Against Clinical LLMs
A JAMA Network Open study found prompt injection attacks succeed 94.4% of the time against clinical LLMs, including 91.7% in high-harm pregnancy drug scenarios. Based on PubMed-indexed research,…
-
How Stalkerware Bypasses End-to-End Encryption
Stalkerware captured 86,859 screenshots from a celebrity’s phone, including WhatsApp messages. Here is how it defeats encryption and what you can do about it.
-
WebMCP Is Not MCP: What Chrome’s modelContext Actually Ships
Chrome 146 shipped navigator.modelContext in February. It looks like MCP in a browser. It is not. Wire protocol, auth model, and security all differ.
-
How a Legacy Railway Endpoint Wiped PocketOS in Nine Seconds
A Cursor agent running Claude Opus 4.6 wiped PocketOS’s database in nine seconds. Five safety layers existed. None gated the API call that mattered.
-
ARC-AGI-3 Is Live. Here’s Why Current Models Score in the Low Double Digits.
ARC-AGI-3 launched on Kaggle with a $1M prize and current leaders in low double digits. The benchmark adds Exploration, Modeling, and Planning that test-time compute scaling cannot solve.…
-
Agent Memory Architecture: Four Patterns, Four Tradeoffs
Agent memory is not one thing. It is four distinct patterns: full context window, hierarchical summarization, external vector store, and episodic log. Each has different performance, cost, failure…
-
OpenAI Codex at 3 Million Users: How It Differs from Claude Code
Codex has 3M weekly users. Claude Code runs in your terminal. The architectural difference between cloud loop and local execution determines which tasks each tool handles well —…
-
Amazon Bedrock AgentCore: What Each Layer Does and Why It Matters
Amazon Bedrock AgentCore is six infrastructure services in one name. Here’s what each layer does: Runtime for serverless execution, Memory’s four tiers, Tool Execution’s sandboxing, Action Gateway’s enterprise…
-
Google Cloud Next 2026: The Agent Infrastructure Stack Explained
Google Cloud Next 2026 announced N4A Axion CPU instances for agent orchestration, GKE Agent Sandbox with gVisor isolation, and native A2A support in ADK. Here’s what each layer…
-
Half of Organizations Have No Visibility Into AI Agent Traffic
Salt Security’s H1 2026 report: 48.9% of organizations have zero visibility into AI agent traffic. WAFs were built for humans. Here’s why that gap exists structurally, what the…
-
A2A Protocol v1.0: The Agent Communication Layer MCP Doesn’t Cover
A2A Protocol v1.0 introduced Signed Agent Cards and gRPC support. Here’s how agent-to-agent communication differs from MCP tool calls, why IBM merged ACP into A2A, and what the…
-
SmolVM: Firecracker-Backed MicroVM Sandbox for AI Agent Code Execution
SmolVM gives AI agents a hardware-isolated disposable VM using Firecracker. Here’s why Docker containers are the wrong sandbox for LLM-generated code, how the snapshot-fork pattern works, and how…
-
AI Coding Tools Quadrupled Critical Vulnerability Density. 216 Million Findings Prove It.
OX Security analyzed 216 million findings across 250 organizations. Critical vulnerability density grew 400% while alert volume grew 52%. The difference is directly correlated with AI coding tool…
-
5 of 7 Major MCP Clients Don’t Validate Tool Metadata. Here’s the Gap.
5 of 7 major MCP clients tested skip static validation of tool metadata entirely. A March 2026 arXiv paper is the first systematic evaluation of MCP client-side security,…
-
Bitwarden CLI Was a Supply Chain Bomb. Checkmarx Lit the Fuse.
The Checkmarx supply chain breach reached Bitwarden’s CLI in 93 minutes on April 22. Here’s how bw1.js stole CI/CD secrets and why security-tool supply chains fail in the…
-
LMDeploy CVE-2026-33626: SSRF Weaponized in 13 Hours
LMDeploy SSRF bug CVE-2026-33626 was exploited 13 hours post-disclosure. Full attack chain, AWS credential blast radius, and why AI inference servers are unusually dangerous SSRF targets.
-
Full Context Sets the Accuracy Ceiling for AI Agent Memory. It Costs 26,000 Tokens Per Query. Here Is the Tradeoff Map.
Full context memory sets the accuracy ceiling at a cost of 26,000 tokens per query. Vector-only memory scores 66.9% at 1.44s p95 latency. Graph memory reaches 68.4% at…
-
98.4% of Claude Code Is Operational Infrastructure. A New arXiv Paper Maps All of It.
A source-code analysis of Claude Code’s 512,000-line TypeScript codebase finds 98.4% is operational infrastructure, not AI. Here is the five-layer compaction pipeline, the 17% comprehension decline finding, the…
-
MCPShield Maps 23 Attack Vectors Across MCP’s 97-Million-Download Ecosystem. No Existing Defense Covers More Than 34%.
A formal arXiv paper published April 8 maps 23 MCP attack vectors across 7 threat categories and finds no single existing defense covers more than 34% of the…