Blog

Security research, MCP insights, and the future of AI-native security tooling.

Mcp

Best Security MCP Servers for AI Coding Agents (2026)

A side-by-side comparison of security-focused MCP servers for Claude Code, Cursor, Codex, and Gemini CLI: what each one scans, what it misses, and which one covers the whole stack.

Morgan Reid|Jun 28, 2026
4 min
Comparison

Best SAST Tools for AI Coding Agents in 2026: A Data-Driven Comparison

We compared 5 SAST tools on rule count, language coverage, AI agent integration, false-positive rates, and pricing. Here's the 2026 landscape for security-aware AI development.

Morgan Reid|Jun 28, 2026
2 min
Security Research

Your AI Agent Still Leaks .env Even With Bitwarden

Centralised secret managers fix storage. They do not fix the cleartext sitting in your AI agent's address space at the moment of a prompt injection. Here's the architecture that does.

Jess Huang|Jun 28, 2026
6 min
Tutorials

Secure AI Agent Development: The 7-Layer Defense Workflow

We built a 7-layer security workflow for AI agent development. MCP config audit, dependency scan, secret detection, SAST, threat model, runtime guard, and CI gate. Here's how.

Kai Tanaka|Jun 28, 2026
2 min
Security Research

AI Agent Security Risks in 2026: A Technical Threat Landscape

AI coding agents now execute code, install packages, and call APIs autonomously. We mapped 7 attack surfaces, 23 MITRE techniques, and the defenses that actually work.

Dr. Nina Vasquez|Jun 28, 2026
4 min
Threat Intel

How Zfuzz MCP Would Have Caught the Mini Shai-Hulud Supply Chain Attack

Microsoft disclosed a compromised @antv npm package chain — credential theft, C2 callbacks, persistence implants. We mapped every attack stage to the Zfuzz tool that catches it. 5 of 7 stages blocked.

Yuri Petrov|Jun 28, 2026
10 min
Threat Intel

When Your AI Agent Gets Prompt-Jacked: Anatomy of a Real MCP Attack

14:32 UTC. A developer asks their AI agent to summarize a GitHub issue. By 14:34 UTC, the agent has exfiltrated three AWS keys to an external server. Here is the exact sequence of events.

Yuri Petrov|Jun 28, 2026
8 min
Threat Intel

The MCP Sprawl Effect: Why Your AI Agent's Tool List Is an Attack Surface

The average Claude Code user has 4-7 MCP servers. 88% have never audited their tool descriptions. The MCP Sprawl Index -- BREADTH x PRIVILEGE x OPACITY -- quantifies the attack surface your AI agent configuration creates.

Yuri Petrov|Jun 28, 2026
6 min
Comparison

Zfuzz vs Semgrep MCP: Which Security Scanner Fits Your AI Workflow?

Zfuzz covers 441 SAST rules, secrets, dependencies, and threat modeling in one MCP install. Semgrep MCP focuses on custom rule authoring. Here's the data-driven comparison.

Morgan Reid|Jun 28, 2026
2 min
Security Research

Why 85% of MCP Server Configurations Ship with Security Gaps

We analyzed 200 MCP configurations on GitHub. 85% had at least one critical gap: unpinned package versions, unnecessary environment variable exposure, or zero tool description audit. Your MCP config is a confession of everything you trust blindly.

Jess Huang|Jun 28, 2026
7 min
Security Research

Your MCP Server Has Zero Authentication and Nobody Cares

The MCP specification has no authentication layer. Every tool runs with your user privileges. Every MCP server you install is a trust-me-bro security model.

Jess Huang|Jun 28, 2026
2 min
Tutorials

How to Detect MCP Tool Poisoning: A Hands-On Guide

We tested 47 public MCP servers. 6 had suspicious tool descriptions. Here's exactly how to detect MCP tool poisoning before it compromises your agent.

Alex Kessler|Jun 28, 2026
2 min
Security Research

How to Audit Your MCP Server Configs for Prompt Injection

MCP servers can hide malicious instructions in tool descriptions. Here's how to detect prompt injection, tool poisoning, and SSRF risks in your AI agent configs.

Alex Kessler|Jun 28, 2026
8 min
Tutorials

Migrate from Bitwarden Secrets Manager to Zfuzz Sealed Vault

Bitwarden Secrets Manager fixes rotation. It does not stop a prompt-injected AI agent from dumping the cleartext it loaded at boot. Here's the 15-minute migration to a runtime that physically cannot leak.

Kai Tanaka|Jun 28, 2026
6 min

Newsletter

Security research, weekly.

No spam. Unsubscribe anytime.