We just released our inaugural State of AI Security report, based on research with 275 security and IT leaders across the United States. The findings confirm what I’ve been observing in conversations with enterprise leaders: they’re struggling to secure and govern…
Acuvity Releases 2025 State of AI Security Report
[Press Release] Acuvity AI Releases 2025 State of AI Security Report: Enterprises Brace for AI Incidents Amid Runtime, Shadow AI, and AI Governance Gaps Half of enterprises expect data loss, 49% anticipate Shadow AI incidents, 70% lack optimized AI governance, and…
One Line of Code, Thousands of Stolen Emails: The First Malicious MCP Server Exposed
In September 2025, researchers confirmed the discovery of a malicious Model Context Protocol (MCP) server embedded in an npm package named postmark-mcp. The package presented itself as a connector for transactional email services but contained a small modification that copied every…
AI Misuse in the Wild: Inside Anthropic’s August Threat Report
Anthropic released its August 2025 threat intelligence report, adding to a growing body of evidence that artificial intelligence is now deeply embedded in criminal operations. Security researchers have long anticipated this shift, but the specificity of the examples in this report makes…
Key Takeaways from IBM’s 2025 Cost of a Data Breach Report
For 20 years, IBM’s Cost of a Data Breach Report has been one of the industry’s most trusted sources on the financial and operational impact of security incidents. Each edition provides a rare combination of breadth, spanning hundreds of breaches across industries and geographies,…
Tool Poisoning: Hidden Instructions in MCP Tool Descriptions
Imagine installing a seemingly benign math tool on your AI assistant that simply adds two numbers. Unbeknownst to you, the tool’s description itself contains hidden directives intended for the AI model. These malicious instructions are invisible or inconspicuous to the user,…
Grok Grok – Someone Forgot to Bolt the Lock
The Good for HumAnIty Grok 4 was released on July 9, 2025, with much fanfare—thanks to its impressive capabilities, especially in STEM, reasoning, and complex problem-solving. On challenging benchmarks like Humanity’s Last Exam and ARC-AGI2, Grok 4 set new records, demonstrating postgraduate-level intelligence. It…
Cross-Server Tool Shadowing: Hijacking Calls Between Servers
Context MCP allows an AI agent to connect to multiple tool servers simultaneously. This flexibility can be dangerous: if one of those servers is malicious, it can shadow the tools of another server. In simple terms, a rogue server can interfere with or…
Rug Pulls (Silent Redefinition): When Tools Turn Malicious Over Time
Context Imagine that the AI assistant’s tool was actually safe at first – perhaps you used it for days without issue. Then, one day, it suddenly starts behaving maliciously, even though you never installed a new tool. This is the “rug pull”…
Secrets in the Wind: Environment Variables, URLs, and the Leaky Abstractions
Context In the evolving landscape of MCP servers and AI agents, a new category of risk is emerging: sensitive data exposure through dynamic access mechanisms. We’re talking about secrets not statically written to disk, but fetched on demand — via environment variables, command-line outputs,…