Blog
Insights on AI agent security, product updates, and best practices.
AADR for fintech: defining the runtime security layer for AI agents
AI Agent Detection & Response is the runtime security operations layer agentic AI needs. Why fintech needs it first, how OpenSyber implements it, and what shipped today.
Show HN: PushCI — Catch broken AI-generated code before production
Cursor PRs, Claude-generated migrations, hallucinated infra changes — PushCI catches them before production. Semantic validation, dependency safety, and infrastructure drift detection in a GitHub Action.
Your AI Code Reviewer Can Be Hacked With a GitHub Issue
Clinejection exposed npm tokens via a poisoned GitHub issue. PromptPwnd hit 5 Fortune 500 companies through Gemini CLI. The fix: validate AI action configs and scan instruction files.
The Supply Chain Attack Hiding in Your Supply Chain Auditor
The Trivy attack spread transitively through setup-trivy. No existing tool scans the full dependency tree of GitHub Actions. SHA pinning the top-level action is not enough.
AI Agents Are Now Attacking Other AI Agents
An autonomous AI bot powered by Claude Opus spent 10 days scanning GitHub for vulnerable workflows, hitting Microsoft, DataDog, CNCF, and Aqua Security.
The One GitHub Actions Misconfiguration Behind Every Major Supply Chain Attack
Six incidents analyzed: Trivy, tj-actions, Ultralytics, Cline, Checkmarx, ambient-code. The common pattern: pull_request_target running fork code with parent repo secrets.
The Trivy Attack Was Inevitable
On March 19, 2026, TeamPCP force-pushed a malicious commit to Trivy GitHub Action. 12-hour blast radius, transitive spread, and stolen VS Code tokens. Mutable tags are broken by design.
GitHub Finally Admits Mutable Tags Are Broken
GitHub announced lockfiles, immutable releases, and egress policy for Actions. But it is a roadmap, not shipped. OpenSyber ships SHA pinning today.
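The two recurring problems in the four posts above (a pull_request_target workflow that checks out fork code while secrets are in scope, and action references that resolve a mutable tag, including tags pulled in transitively by a pinned composite action) can both be caught with a small lint pass. The script below is an added example written for this page, not OpenSyber's product code and not code from any of the posts. It is regex-based rather than a full YAML parser, the workflow and action.yml texts are constructed for the example, `example-org/*` is a hypothetical organisation, and the 40-character SHAs are placeholders, not real commits. The catalog of composite action definitions stands in for fetching each referenced action's action.yml, which a real scanner would do over the network.

```python
import re

# Placeholder commit SHAs (40 hex chars) for the example; not real commits.
SHA_CHECKOUT = "a" * 40
SHA_SETUP_V1 = "b" * 40
SHA_SETUP_V2 = "c" * 40
SHA_SCANNER = "d" * 40

SHA_RE = re.compile(r"[0-9a-f]{40}")
# owner/repo[/path]@ref on a `uses:` line; local (./) and docker:// refs are skipped.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([\w.-]+/[\w.-]+(?:/[\w./-]+)?)@(\S+)", re.M)
HEAD_REF_RE = re.compile(r"ref:\s*\$\{\{\s*github\.event\.pull_request\.head\.(?:sha|ref)\s*\}\}")
SECRET_RE = re.compile(r"\$\{\{\s*secrets\.\w+")
PRT_RE = re.compile(r"\bpull_request_target\b")

# Constructed vulnerable workflow: pull_request_target, PR head checked out,
# a secret in scope, and a mutable `v4` tag on checkout.
VULNERABLE_WORKFLOW = """\
name: pr-check
on:
  pull_request_target:
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - uses: example-org/setup-scanner@%s
      - run: ./scan.sh
        env:
          NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
""" % SHA_SETUP_V1

# Constructed hardened workflow: plain pull_request (no secrets for forks),
# read-only token, every action pinned to a full SHA.
HARDENED_WORKFLOW = """\
name: pr-check
on:
  pull_request:
permissions:
  contents: read
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@%s
      - uses: example-org/setup-scanner@%s
      - run: ./scan.sh
""" % (SHA_CHECKOUT, SHA_SETUP_V2)

# Stand-in for fetching action.yml of each referenced action, keyed by repo@ref.
# The first setup-scanner revision is itself SHA-pinned but pulls a mutable tag.
ACTION_CATALOG = {
    f"example-org/setup-scanner@{SHA_SETUP_V1}": """\
runs:
  using: composite
  steps:
    - uses: example-org/scanner-action@v1
""",
    f"example-org/setup-scanner@{SHA_SETUP_V2}": """\
runs:
  using: composite
  steps:
    - uses: example-org/scanner-action@%s
""" % SHA_SCANNER,
}


def find_pull_request_target_risks(workflow_text):
    """Findings for a pull_request_target workflow that runs fork code with secrets."""
    findings = []
    if not PRT_RE.search(workflow_text):
        return findings
    if HEAD_REF_RE.search(workflow_text):
        findings.append("pull_request_target checks out the PR head: fork code runs in the base repo context")
    if SECRET_RE.search(workflow_text):
        findings.append("pull_request_target workflow references repository secrets")
    return findings


def find_unpinned_actions(text, catalog, chain=()):
    """Report every `uses:` reference not pinned to a full SHA, following
    composite actions in `catalog` so transitive mutable tags are reported
    with the chain that introduced them."""
    findings = []
    for repo, ref in USES_RE.findall(text):
        key = f"{repo}@{ref}"
        path = chain + (key,)
        if not SHA_RE.fullmatch(ref):
            findings.append(" -> ".join(path))
        # Recurse into the action's own definition; `key not in chain` guards cycles.
        if key in catalog and key not in chain:
            findings.extend(find_unpinned_actions(catalog[key], catalog, path))
    return findings


def lint(workflow_text, catalog=ACTION_CATALOG):
    return {
        "pull_request_target": find_pull_request_target_risks(workflow_text),
        "unpinned": find_unpinned_actions(workflow_text, catalog),
    }


if __name__ == "__main__":
    for name, wf in (("vulnerable", VULNERABLE_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(name, lint(wf))
```

Run against the vulnerable workflow the linter reports the head checkout, the secret reference, the mutable `actions/checkout@v4`, and the transitive `example-org/setup-scanner@bbb... -> example-org/scanner-action@v1` chain; the hardened workflow produces no findings. The transitive case is the one that SHA pinning the top-level action alone does not fix: the pinned composite action has to be at a revision that is itself fully pinned.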
Gartner Named Our Category: Guardian Agents
The first-ever Gartner Market Guide for Guardian Agents validates the category. OpenSyber is a pure-play provider with full agent security coverage.
How to Secure AI Coding Agents: The Complete 2026 Guide
To secure AI coding agents, you need 4 things: runtime isolation, credential encryption, behavior monitoring, and supply chain verification.
The AI Agent Kill Chain: How MCP Server Attacks Work in 7 Stages
The 7-stage attack sequence targeting MCP servers — from AI-powered phishing to credential exfiltration. OpenSyber detects 5 of 7 stages today.
Slopsquatting: How AI Hallucinated Packages Become npm Attack Vectors
Slopsquatting is an attack where adversaries register npm package names that AI models hallucinate. 4,600 weaponized packages found on npm.
EU AI Act Compliance for Agent Platforms
What the EU AI Act means for teams deploying autonomous AI agents in production.
MCP Security Best Practices for Production Deployments
How to harden Model Context Protocol servers against prompt injection and data exfiltration.
Supply Chain Attacks Targeting AI Agents in 2026
From UNC6426 to CursorJack — how threat actors are exploiting the AI agent ecosystem.
Why Self-Hosted AI Agents Are a Security Risk
The hidden dangers of running unmanaged AI coding agents and how to fix them.
The Complete Guide to AI Agent Security in 2026
Everything you need to know about securing AI agents in production — from runtime isolation to supply chain verification.
Introducing OpenSyber: Secure AI Agent Hosting
Why we built OpenSyber and what it means for AI agent security.