Bad actors took over a npm maintainer account and have published two malicious packages designed to steal credentials, API keys, and other secrets from the computers of victims who download them from the repository. Analysts with Sonatype’s Security Research Team wrote in a report that the two packages – sbx-mask and touch-adv – likely are […]
Lessons from 2025: The Year “Agent Mitigation” Became a Thing
Explore the emergence of agent mitigation as a formal discipline in response to 2025’s AI failures, highlighting best practices for secure and reliable AI agent deployment.