Microsoft Threat Intelligence said on March 6, 2026 that attackers are now using AI throughout the cyberattack lifecycle, from research and phishing to malware debugging and post-compromise triage. The report argues that AI is not yet running fully autonomous intrusions at scale, but it is already improving attacker speed, scale, and persistence.
OpenAI announced Codex Security on X on March 6, 2026. Public materials describe it as an application security agent that analyzes project context to detect, validate, and patch complex vulnerabilities with higher confidence and less noise.
Cursor introduced Automations, describing always-on agents that can continuously monitor and improve a codebase based on user-defined triggers and instructions. The launch points to a shift from reactive assistants to persistent engineering automation.
A high-signal Hacker News thread tracks the Cline supply-chain incident and its five-step attack chain from prompt injection to malicious package publish. The key takeaway is that AI-enabled CI workflows need stricter trust boundaries and provenance controls.
A high-ranking Hacker News post highlighted Google Workspace CLI, an open-source tool that unifies Workspace APIs behind one command surface with structured JSON output, dynamic discovery-based commands, and agent-oriented workflows.
A counterintuitive study found that programming AI agents with more assertive, 'rude' conversational behaviors — including interrupting and strategic silence — significantly improved their performance on complex reasoning tasks.
Google's Chrome team has released an early preview of WebMCP, a new web standard enabling direct communication between websites and AI agents. Site owners can now explicitly define how AI agents interact with their services, replacing unreliable DOM scraping with structured APIs.
A February 28, 2026 Hacker News thread discussed NanoClaw’s security model, emphasizing untrusted-agent assumptions, per-agent isolation, and limits of prompt-level safeguards.
Perplexity announced Perplexity Computer on 2026-02-25 and described it as a system that can research, design, code, deploy, and manage projects end-to-end. In the same X thread, the company said the product routes work across 19 models and launches first for Max subscribers on web.
Anthropic analyzed millions of real Claude interactions and found the 99.9th percentile session duration nearly doubled to 45+ minutes in 3 months, with software engineering accounting for nearly half of all agentic use.
OpenAI introduced EVMbench, a new benchmark measuring how well AI agents can detect, exploit, and patch high-severity smart contract vulnerabilities in EVM-based blockchains.
SecurityScorecard's STRIKE team found 40,214 OpenClaw AI agent instances exposed to the public internet with no authentication. Over 12,000 are vulnerable to Remote Code Execution, and attackers who compromise them inherit full system access including SSH keys, browser sessions, and filesystem control.