Praxen: Open-source AI agent behavior verification

Praxen is an open-source tool with a simple job: it checks whether an AI agent does what it claims to do. The tool takes an agent’s declared policy, looks at how the agent operates, and points out every spot where the two drift apart. It is the r… Continue reading Praxen: Open-source AI agent behavior verification

A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security

A research team has built a system that teaches AI agents to hunt for software bugs by writing the audit method down as plain text. The system, called EVOHUNT, keeps the underlying AI model fixed and improves only an external “playbook” tha… Continue reading A $1,400 experiment in AI security auditing outperformed OpenAI’s Codex Security

Who pays when you gate cyber-capable AI models?

In this interview with Help Net Security, Jaya Baloo, COO & CISO at Aisle, examines the debate over restricting access to cyber-capable AI models. She lays out the strongest argument for gating these tools, then explains where it breaks down for s… Continue reading Who pays when you gate cyber-capable AI models?

Agent Beacon: Open-source telemetry layer for AI agents

AI coding agents such as Claude Code, Codex CLI, Cursor, and Claude Cowork run on developer laptops, CI jobs, cloud environments, where they edit files, run commands, and call outside tools. Beacon, an open-source project from Asymptote Labs, configure… Continue reading Agent Beacon: Open-source telemetry layer for AI agents

Encrypted DNS still tells an eavesdropper where to look

Encrypted DNS runs across much of the Internet. DNS over TLS, HTTPS, and QUIC keep the contents of a query away from anyone watching a network link. The encryption covers the message inside each packet. The packet still carries plaintext headers, and t… Continue reading Encrypted DNS still tells an eavesdropper where to look

Your browser tab could become encrypted storage for someone else’s files

Decentralized storage networks already hand pieces of people’s data to strangers’ machines. The lasting question across these networks is whether the machine holding the data can read it. A research paper by Gregory Magarshak, a professor a… Continue reading Your browser tab could become encrypted storage for someone else’s files

Securing digital keys when your phone unlocks the car

In this interview with Help Net Security, Alysia Johnson, President of the Car Connectivity Consortium (CCC), explains how the CCC Digital Key has grown from a single-brand feature into a standard meant to work across phones, automakers, and suppliers…. Continue reading Securing digital keys when your phone unlocks the car

What happens to oversight when AI agents write a lab’s own code

Inside the labs building frontier AI, a growing share of the coding gets done by the AI itself. These agents write, edit, and run software with light human oversight between steps, and they reach into production infrastructure, research pipelines, and … Continue reading What happens to oversight when AI agents write a lab’s own code

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects

Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live with more than two dozen member organizations. Founding members include BNY,… Continue reading The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects