A double-free in Apache httpd 2.4.66’s mod_http2 lets unauthenticated clients crash workers reliably and, on certain builds, opens a path to remote code execution. Here’s the defender-oriented breakdown: mechanism, detection, remediation, and 800-53 mapping.
Model Context Protocol gives agents a clean way to call tools, but it also gives every piece of retrieved content a direct line to those tools. The classic confused deputy problem is back, and most deployments are not handling it.
Model Context Protocol turned every internal API into an LLM-reachable tool. The threat model didn’t catch up. Here’s what tool poisoning looks like in production and how to harden against it.
Theori’s Copy Fail flaw turns a nine-year-old in-place optimization in the kernel’s AEAD socket layer into a deterministic 4-byte page-cache write. No race, no offset hunting, no per-distro tuning. A 732-byte Python script edits a setuid binary’s cached pages and hands you root on Ubuntu, RHEL, SUSE, and Amazon Linux without modification.
Indirect prompt injection has graduated from a research curiosity to a routine cause of agent compromise. Here is what defenders are actually shipping in 2026, and where the control gaps still are.
Agentic AI breaks the assumptions baked into service accounts and long-lived API keys. Here is what an honest non-human identity model looks like when an LLM is the principal making the call.
Prompt injection isn’t a content-filtering problem. It’s a control-flow problem, and 2026’s serious agent deployments are starting to treat it that way.
A remote, unauthenticated heap use-after-free in OpenWidget 3.0.0–3.2.1 hands attackers code execution against ~14,200 internet-exposed instances. Here is the triage order defenders should be working through right now.
A practitioner’s view of the realistic container escape surface in multi-tenant Kubernetes — kernel boundaries, runtime gaps, and the controls that actually move the needle.
Agentic systems with tool calls, MCP servers, and dynamic context don’t fit the static system boundary model RMF was built for. Here is how to draw a defensible boundary in 2026.
