dark
Hand-Picked Top-Read Stories
Trending Tags
2 minute read

[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl

info@thehackernews.com (The Hacker News)
January 13, 2026
AI agents are no longer just writing code. They are executing it. Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering—but it’s also creating a security gap most teams don’t see until something breaks. Behind every agentic workflow sits a layer few organizations are actively securing: Machine Control
Total
0
Shares
0
0
0
[[{“value”:”

AI agents are no longer just writing code. They are executing it.

Tools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering—but it’s also creating a security gap most teams don’t see until something breaks.

Behind every agentic workflow sits a layer few organizations are actively securing: Machine Control Protocols (MCPs). These systems quietly decide what an AI agent can run, which tools it can call, which APIs it can access, and what infrastructure it can touch. Once that control plane is compromised or misconfigured, the agent doesn’t just make mistakes—it acts with authority.

Ask the teams impacted by CVE-2025-6514. One flaw turned a trusted OAuth proxy used by more than 500,000 developers into a remote code execution path. No exotic exploit chain. No noisy breach. Just automation doing exactly what it was allowed to do—at scale. That incident made one thing clear: if an AI agent can execute commands, it can also execute attacks.

This webinar is for teams who want to move fast without giving up control.

Secure your spot for the live session ➜

Led by the author of the OpenID whitepaper Identity Management for Agentic AI, this session goes straight to the core risks security teams are now inheriting from agentic AI adoption. You’ll see how MCP servers actually work in real environments, where shadow API keys appear, how permissions quietly sprawl, and why traditional identity and access models break down when agents act on your behalf.

You’ll learn:

  • What MCP servers are and why they matter more than the model itself
  • How malicious or compromised MCPs turn automation into an attack surface
  • Where shadow API keys come from—and how to detect and eliminate them
  • How to audit agent actions and enforce policy before deployment
  • Practical controls to secure agentic AI without slowing development

Agentic AI is already inside your pipeline. The only question is whether you can see what it’s doing—and stop it when it goes too far.

Register for the live webinar and regain control of your AI stack before the next incident does it for you.

Register for the Webinar ➜

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

“}]] The Hacker News 

Total
0
Shares
Share 0
Tweet 0
Share 0
Share 0
Share 0
Previous Post

New Advanced Linux VoidLink Malware Targets Cloud and container Environments

January 13, 2026
Next Post

Kremlin-linked hackers pose as charities to spy on Ukraine’s military

January 13, 2026
Related Posts
3 min

Microsoft Silently Patches Windows LNK Flaw After Years of Active Exploitation

Microsoft has silently plugged a security flaw that has been exploited by several threat actors since 2017 as part of the company's November 2025 Patch Tuesday updates, according to ACROS Security's 0patch. The vulnerability in question is CVE-2025-9491 (CVSS score: 7.8/7.0), which has been described as a Windows Shortcut (LNK) file UI misinterpretation vulnerability that could lead to remote
info@thehackernews.com (The Hacker News)
December 3, 2025
Read More
2 min

Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools

If you're using community tools like Chocolatey or Winget to keep systems updated, you're not alone. These platforms are fast, flexible, and easy to work with—making them favorites for IT teams. But there’s a catch... The very tools that make your job easier might also be the reason your systems are at risk. These tools are run by the community. That means anyone can add or update packages. Some
info@thehackernews.com (The Hacker News)
November 26, 2025
Read More
2 min

Researchers Detail Tuoni C2’s Role in an Attempted 2025 Real-Estate Cyber Intrusion

Cybersecurity researchers have disclosed details of a cyber attack targeting a major U.S.-based real-estate company that involved the use of a nascent command-and-control (C2) and red teaming framework known as Tuoni. "The campaign leveraged the emerging Tuoni C2 framework, a relatively new, command-and-control (C2) tool (with a free license) that delivers stealthy, in-memory payloads,"
info@thehackernews.com (The Hacker News)
November 18, 2025
Read More