Deep dives, practical guides, and incident analyses from engineers who build Safeguard. No fluff, no vendor FUD — just what you need to ship secure software.
Cyera disclosed four chainable flaws in OpenClaw on May 15, 2026 that take an autonomous agent from prompt injection to credential theft, privilege escalation, and a persistent backdoor. Roughly 245,000 instances sit exposed on the internet.
Unauthorized MCP servers running on developer laptops are the agent-era equivalent of shadow IT. Here is how to inventory them, see them at runtime, and bring them under policy.
MCP servers expose three distinct prompt-injection surfaces — resource contents, tool outputs, and sampling requests — and each one needs its own defense layer. Here is how to think about them together.
Tool-poisoning attacks against Model Context Protocol servers hide adversarial instructions inside tool descriptions and silently mutate tool definitions after install. Here is how the attack works and how to defend against it.
OX Security documented command injection through the MCP STDIO transport across Python, TypeScript, Java, and Rust SDKs. Anthropic calls the behavior by-design and won't patch upstream. That leaves the fix to thousands of downstream projects.
nginx-ui added MCP support and split it across two HTTP routes. One route shipped without the auth middleware. The result is a CVSS 9.8 unauthenticated takeover, actively exploited, fixed with 27 characters of code.
MCP servers are spreading inside engineering orgs faster than security teams can review them. Here is how to govern them without slowing teams down.
A repeatable onboarding flow for adding MCP servers to an enterprise registry without becoming the team that says no to everything.
Tool-using agents are now in production at most large organizations. The security baseline that should be table stakes, and what teams are still missing.
Weekly insights on software supply chain security, delivered to your inbox.