RSS aggregator

Curity looks to reinvent IAM with runtime authorization for AI agents

Computerworld.com [Hacking News] - 15 April, 2026 - 05:35

In 2026, enterprise developers are building and deploying the first generation of powerful, increasingly autonomous AI agents at incredible speed. Now comes the hard part: working out how to secure them.

Vendors in the space are facing multiple challenges. To begin with, traditional identity and access management (IAM) tools were never designed to secure anything as complex as agentic AI. In addition, the number of agents, both those sanctioned by the enterprise and the undocumented ‘shadow’ agents created by a new generation of powerful tools that barely existed a year ago, is increasing at unprecedented speed. And now it has started to dawn on organizations that this risks leaving yawning governance and security gaps whose weaknesses could one day return to haunt their creators.

While a growing list of companies, including large cloud platforms such as Okta, Ping Identity, and Microsoft’s Entra ID, is vying to fill the vacuum, a smaller competitor, Sweden’s Curity, argues that agents can’t be secured using traditional IAM. Instead, it is offering a different approach to the problem: This week, it announced Access Intelligence, an extension to its existing API identity and access management (IAM) platform, Identity Server.

The problem it addresses is that traditional IAM tools assume that applications are being accessed by human users or machine identities, governed by a one-time authentication process. But agents, which assume long chains of actions conducted at incredible speed, don’t work like this. Instead, access becomes ephemeral, complex, and non-deterministic, which is to say, hugely unpredictable. Lock them down too much and they stop working; let them run free, and weak security follows in their wake.

Runtime enforcement

Curity’s approach is to treat agents as a special type of application. Like applications, agents call APIs, MCP servers, and each other, and are credentialed using OAuth tokens. Through a feature called Token Intelligence, Curity extends the role of OAuth tokens to not simply permit access, but to carry information on the agent’s purpose and intent. In Curity’s scheme, an agent can only access resources based on that purpose.

Instead of using static, pre-granted permissions, agent access is granted at runtime, on-the-fly. Each requested action generates a separate token that describes the access it needs. When an agent starts a new task, it needs a new token specifying a new set of permissions. If necessary, human authorization can be required when an agent is trying to perform a high-risk action such as transferring funds.

“Curity has always been application-centric,” said Cofounder and CTO Jacob Ideskog. “Our focus has always been on how we broker access.”

Multiple approaches to agent security

Today, agent security falls into one of several camps, which include increasingly inadequate inline approaches such as API gateways and web application firewalls (WAFs), and out-of-band analysis systems that infer intent by analyzing agent behavior against a baseline.

Curity’s Access Intelligence, by contrast, is a self-hosted microservice that acts as a glorified IAM layer through which every agent request must pass. “Because we let an agent do something now doesn’t mean we should be allowing it to do this a minute later,” Ideskog explained.

Access Intelligence also uses Identity Server’s centralized token validation to ensure that developers can fire up agents or APIs without registering them. If they lack this validation, agents are isolated from real-world actions.

Nothing does the whole job

The appearance of systems such as Access Intelligence is good news for enterprises. It indicates that vendors are starting to address the problem of agent security, often by extending existing API security platforms. But that still leaves open the question of which approach to take.

Ideskog believes it would be a mistake to see the different approaches as mutually exclusive. Curity’s Access Intelligence can be used in combination with other layers of agent security, he emphasized. In short, no one solution can do the whole job.

“Up to this point, the IAM industry has focused on the identity part. But the real question is the access. Enterprises are asking their privilege access management (PAM) vendors how they’re going to deal with this [agent security] and I don’t think the PAM vendors have good answers yet,” he said.

This article originally appeared on CSOonline.

Category: Hacking & Security

Removal of 486 processor support from the Linux kernel has begun

AbcLinuxu [news briefs] - 15 April, 2026 - 04:36
In December 2012, support for 386 processors was removed from the Linux kernel. Yesterday, the removal of support for 486 processors began.
Category: GNU/Linux & BSD

The Big Brother Awards for 2025 have been presented

AbcLinuxu [news briefs] - 15 April, 2026 - 01:37
IuRe (Iuridicum Remedium) has announced the Big Brother Awards for 2025. The Snoopers of the Year are the carmaker Volkswagen, Meta, and the Czech Ministries of the Interior and of Industry and Trade. The author of the Big Brother Quote is the Danish Minister of Justice, who questioned the right to encrypted communication. The Positive Award, by contrast, went to students of Masaryk University for their resistance to being forced to use the ISIC application.
Category: GNU/Linux & BSD

Microsoft adds Windows protections for malicious Remote Desktop files

Bleeping Computer - 15 April, 2026 - 00:23
Microsoft has introduced new Windows protections to defend against phishing attacks that abuse Remote Desktop connection (.rdp) files, adding warnings and disabling risky shared resources by default. [...]
Category: Hacking & Security

After the wedding, property is shared. But the rules are not always clear-cut

Lupa.cz - articles - 15 April, 2026 - 00:00
Community property covers not only shared assets but also shared risk. How does it work, what should you think about, and how else can property relations in a marriage be arranged?
Category: IT News

Pingora: a modern reverse proxy from Cloudflare

ROOT.cz - 15 April, 2026 - 00:00
Pingora is a framework written in Rust that serves as a reverse proxy at Cloudflare. It has been released under a free license, so anyone can use it. We will go over typical usage scenarios.
Category: GNU/Linux & BSD

Software harvest (15 April 2026): monitor network connections and data transfers

ROOT.cz - 15 April, 2026 - 00:00
We will analyze process performance using tracing, automate shutting down servers and virtual machines during a power outage, monitor applications' network traffic, and isolate untrusted code in a secure sandbox.
Category: GNU/Linux & BSD

The mysterious “slow” Core Ultra 7/9 from the Nova Lake series differ in graphics or cache

CD-R server - 15 April, 2026 - 00:00
A Core Ultra 9 with only 6 large cores and a Core Ultra 7 with only 4 large cores are an anomaly. Such a Core Ultra 9 would be slower than some Core Ultra 5 models. However, it may be about the GPU…
Category: IT News

A step aside: Is dark matter made of relic black holes from a previous universe?

OSEL.cz - 15 April, 2026 - 00:00
What if dark matter is not from this universe? Astrophysicist Enrique Gaztañaga argues that it could be black holes from a previous universe that “bounced” into ours. It is a very extravagant possibility, but less outlandish ideas are running out. A cyclic universe would not be such a bad alternative after all.
Category: Science and Technology

Humanoid sprint: Robots could run the 100 meters in under 10 seconds as early as this year

OSEL.cz - 15 April, 2026 - 00:00
China's Unitree Robotics is developing a humanoid sprinter based on the H1 robot. Thanks to the interplay between advanced sensors and motors, the 62-kilogram robot is approaching Usain Bolt's record. It is said to be only a matter of time before a humanoid breaks the magic barrier of 10 seconds in the 100 meters.
Category: Science and Technology

Crypto-exchange Kraken extorted by hackers after insider breach

Bleeping Computer - 14 April, 2026 - 23:58
The Kraken cryptocurrency exchange announced that a cybercrime group is trying to extort the company by threatening to release videos showing internal systems that host client data. [...]
Category: Hacking & Security

Commvault has a Ctrl+Z for rogue AI agents

The Register - Anti-Virus - 14 April, 2026 - 22:57
The company's new software keeps an eye on your agents and backs up data.

Keep your agents close and your agent-monitoring software closer. Commvault’s new AI Protect can discover and monitor AI agents running inside AWS, Azure, and GCP environments and even roll back their actions when something goes wrong.…

Category: Viruses and Worms

Microsoft's massive Patch Tuesday: It's raining bugs

The Register - Anti-Virus - 14 April, 2026 - 22:40
One CVE under attack, one already disclosed by angry bug hunter, and 163 more

Attackers exploited a spoofing vulnerability in Microsoft SharePoint Server before Redmond issued a fix as part of April's mega Patch Tuesday.…

Category: Viruses and Worms

Over 100 Chrome Web Store extensions steal user accounts, data

Bleeping Computer - 14 April, 2026 - 22:33
More than 100 malicious extensions in the official Chrome Web Store are attempting to steal Google OAuth2 Bearer tokens, deploy backdoors, and carry out ad fraud. [...]
Category: Hacking & Security

Zig 0.16.0

AbcLinuxu [news briefs] - 14 April, 2026 - 21:14
After eight months of development, version 0.16.0 of the Zig programming language has been released (Codeberg, Wikipedia). 244 developers contributed. An overview of what's new is in the release notes.
Category: GNU/Linux & BSD

One Shot Just Crushed Three Deadly Autoimmune Diseases

Singularity HUB - 14 April, 2026 - 20:41

A woman battling the conditions went from “two handfuls of pills” and blood transfusions daily to medication-free.

The 47-year-old woman was at the end of her rope.

In 2014, she was diagnosed with a rare form of anemia. Her body’s B cells, which normally produce antibodies to fight infections, had gone rogue, endlessly attacking oxygen-carrying red blood cells. Two other autoimmune disorders soon followed, one crippling her body’s ability to stop bleeding, the other increasing the risk of blood clots.

She had tried nine treatments. None helped. Her life was centered on blood transfusions, up to three daily, to keep the symptoms at bay. But constant fatigue made every day a struggle. The threat of deadly bleeding or blood clots loomed over her life.

Out of options, her care team tested an experimental treatment called CAR T cell therapy. They made a “living drug” out of the patient’s own T cells, editing the cells’ DNA so they would seek and destroy a specific biological enemy. Though CAR T is best known as a treatment for blood cancer, it’s also shown early promise in autoimmune disease. Trying to take on three conditions at the same time raised the bar, but it worked.

A single infusion of engineered cells rapidly killed off the misbehaving B cells. The woman was able to end blood transfusions within a week, and her red blood cell count was near normal in roughly a month. Her strength returned, and at the 11-month follow up, she was free of medication and able to enjoy life again.

“It was an entirely uncontrolled disease. And now she’s off any therapy. That tells you that, at least for now, we did something very right,” study author Fabian Müller at University Hospital Erlangen in Germany told Nature.

Runaway Train

The body’s B cells are powerful defenders. They watch for infections or cancer, generate antibodies to take out threats, and rally other immune cells to join the fight.

But sometimes B cells break down. Genetic mutations can lead to blood cancer. Some B cells struggle to produce antibodies, rendering them powerless to counter infection. And in autoimmune disorders, the cells mistakenly attack and damage healthy tissue—a kind of immune friendly fire—that can damage organs if left untreated.

In the woman’s case, malfunctioning B cells relentlessly attacked red blood cells, stripping them of their ability to carry oxygen. They also destroyed platelets—tiny, disc-shaped fragments in the blood that stem bleeding. The cells also attacked a protein that helps prevent clot formation.

This triple whammy “can kill you very rapidly,” said CAR T pioneer Carl June at the University of Pennsylvania, who was not involved in the study.

Steroids to dampen the immune system didn’t work. Neither did antibodies that inhibit B cells or other classic autoimmune drugs. After attempting nine treatments and exhausting their options, the team offered CAR T cell therapy as a last resort.

CAR T drugs are usually made from a patient’s own T cells, genetically boosted to hunt down, grab onto, and destroy targets. Researchers originally developed CAR T for blood cancer, but efforts are underway to expand its use against solid cancers. In other studies, scientists have made these cancer-fighting soldiers directly inside the body to slash cost and time. Because CAR T cells can divide and replenish their numbers, a single dose could last over a decade.

The treatment is largely plug-and-play. The surfaces of all cells are dotted with protein beacons. Tumors have a unique protein signature. B cells have one too—a protein called CD19. Scientists have already had early success treating autoimmune diseases by designing CAR T cells that selectively hunt and destroy B cells.

A small CAR T trial in 2014 restored movement in patients with systemic sclerosis, a condition that causes tissue rigidity. Earlier this year, Müller helmed a clinical trial testing Zorpo-cel, T cells engineered to seek out CD19 in a variety of autoimmune conditions with promising results. Six months after treatment, all patients had ended their use of steroids and other treatments.

“For the very first time in severe autoimmune diseases, you actually have a treatment-free period,” Müller told Medscape at the time. “That is really a new perspective that has never been achieved before.”

One for All

Simultaneously tackling three autoimmune diseases was uncharted territory. Too many CAR T cells could trigger a deadly runaway immune reaction, which could risk even the brain.

The team turned to Zorpo-cel. They isolated the woman’s T cells and gene edited them to produce protein “hooks” targeting CD19 in the lab. The patient then underwent standard chemotherapy to wipe out most of her immune system. This step is obviously very tough on the body, but it’s needed to remove immune cells that would shut down CAR T.

A week after infusion, the woman’s red blood cells had rebounded, ending the need for blood transfusions. A month later, most of her disease-related blood work had improved, and she “experienced a rapid and remarkable increase in physical strength and has been able to carry out normal everyday activity,” wrote the team.

Now, a year on, she no longer needs the “two handfuls of pills” she took to manage the conditions. Her liver struggled at several points during the trial, but she avoided major immune reactions and other severe side effects. It’s not clear if the liver trouble was due to CAR T or lingering damage from earlier treatments.

Battling three autoimmune disorders with CAR T is unprecedented. But there are limitations. It’s a single-case study, and researchers will need to keep an eye on the patient’s health over time. Also, CAR T cells can dwindle and allow target cells to return. At the end of the study, the team found signs of newly formed B cells. However, they were “naïve,” in that they hadn’t learned to target normal tissues yet—and they may never learn.

Hundreds of CAR T clinical trials targeting autoimmune diseases are in the works. Multiple commercial companies have joined the race. “I think, within a year or two, there’s going to be approvals in the US,” said June.

The post One Shot Just Crushed Three Deadly Autoimmune Diseases appeared first on SingularityHub.

Category: Transhumanism

Microsoft releases Windows 10 KB5082200 extended security update

Bleeping Computer - 14 April, 2026 - 20:09
Microsoft has released the Windows 10 KB5082200 extended security update to fix the April 2026 Patch Tuesday vulnerabilities, including 2 zero-days. [...]
Category: Hacking & Security

McGraw-Hill confirms data breach following extortion threat

Bleeping Computer - 14 April, 2026 - 20:07
Education company McGraw-Hill has confirmed in a statement to BleepingComputer that hackers exploited a Salesforce misconfiguration and accessed its internal data. [...]
Category: Hacking & Security

We picked the best smartwatches you can buy in April 2026

Živě.cz - 14 April, 2026 - 19:55
Every month we pick the best smartwatches in several categories • We sort them by focus and by compatibility with mobile systems • We did not forget fitness bands either
Category: IT News