Security & Reliability — Explore AI Tools & Stories

Fresh stories

New

GitHub updates Copilot policy: private-repo interactions train models by default on Apr. 24

GitHub said Copilot Free, Pro, and Pro+ interaction data will train models by default from Apr. 24 unless users opt out, while private repo content at rest stays excluded. Teams should review per-user enforcement, enterprise coverage, and repo privacy settings before the change lands.

🔒GitHub Copilot1d ago

Breaking

LiteLLM 1.82.8 ships malicious .pth credential stealer on PyPI

Compromised LiteLLM 1.82.7 and 1.82.8 wheels executed a malicious .pth file at install time to exfiltrate credentials, and PyPI quarantined the releases. Treat fresh-package installs and AI infra dependencies as supply-chain risk, and check startup hooks on affected systems.

New

Reliability·1d ago·3 min read

New1d ago

GitHub updates Copilot policy: private-repo interactions train models by default on Apr. 24

🔒GitHub Copilot1d ago

New1d ago

LiteLLM 1.82.8 ships malicious .pth credential stealer on PyPI

🔒Reliability1d ago

Top storiesthis week

See all →

Breaking

Imbue launches Latchkey: local agents call HTTP APIs without exposing tokens

Imbue released Latchkey, a library that prepends ordinary curl calls so local agents can use SaaS and internal APIs while credentials stay on the developer machine. Try it where agents need many HTTP integrations but should not see raw secrets.

New

Agent Security·2d ago·2 min read

New

Google DeepMind launches manipulation-risk toolkit from 10,000-participant studies

Google DeepMind published a real-world manipulation benchmark and toolkit built from nine studies across more than 10,000 participants, with finance showing higher influence than health. Safety teams can use it to test persuasive failure modes, so add it to red-team plans for user-facing agents.

🔒Agent Security2d ago

New

LiteLLM reports credential-stealing code in 1.82.7 and 1.82.8

Malicious LiteLLM 1.82.7 and 1.82.8 releases executed .pth startup code to steal credentials and were quarantined after disclosure. Rotate secrets, audit transitive AI-tooling dependencies, and add package-age controls before letting agents install packages autonomously.

🔒Reliability3d ago

New

GitHub updates Copilot policy to train on Free, Pro, and Pro+ interactions

GitHub will start using Copilot interaction data from Free, Pro, and Pro+ tiers for model training unless users opt out, while Business and Enterprise remain excluded. Engineers should recheck privacy settings and keep personal and company repository usage boundaries explicit.

🔒GitHub Copilot3d ago

New

PlayerZero launches AI production engineer and claims 92.6% accuracy on test cases

PlayerZero launched an AI production engineer and claims its world model can simulate failures before release, trace incidents to exact PRs, and beat existing tools on real production test cases. If those numbers hold, the interesting shift is from code generation to debugging, testing, and observability after code ships.

🔒Observability5d ago

New

Anthropic reports Opus 4.6 prompt injection still succeeds 14.8% at 100 tries

Anthropic's Opus 4.6 system card shows indirect prompt injection attacks can still succeed 14.8% of the time over 100 attempts. Treat browsing agents and prompt secrecy as defense-in-depth problems, not solved product features.

🔒Claude1w ago

New

LangSmith launches Fleet with agent identity, approvals, and audit trails

LangSmith Fleet introduces shared agents with edit and run permissions, agent identity, human approvals, and tracing. That matters because enterprise agent rollout is shifting from single-user demos to governed, auditable deployment surfaces.

Release🔒Observability1w ago

See all stories →

New

Imbue launches Latchkey: local agents call HTTP APIs without exposing tokens

Release🔒Agent SecurityCoding Agents2d ago · 2 min read

Google DeepMind launches manipulation-risk toolkit from 10,000-participant studies

🔒Agent Security2d ago

LiteLLM reports credential-stealing code in 1.82.7 and 1.82.8

🔒Reliability3d ago

GitHub updates Copilot policy to train on Free, Pro, and Pro+ interactions

🔒GitHub Copilot3d ago

PlayerZero launches AI production engineer and claims 92.6% accuracy on test cases

🔒Observability5d ago

Anthropic reports Opus 4.6 prompt injection still succeeds 14.8% at 100 tries

🔒Claude1w ago

LangSmith launches Fleet with agent identity, approvals, and audit trails

Release🔒Observability1w ago

Daily AI Digest

Get the best stories delivered to your inbox

Explore what's new in AI

Filter by tag in Security & Reliability

Fresh stories

GitHub updates Copilot policy: private-repo interactions train models by default on Apr. 24

LiteLLM 1.82.8 ships malicious .pth credential stealer on PyPI

GitHub updates Copilot policy: private-repo interactions train models by default on Apr. 24

LiteLLM 1.82.8 ships malicious .pth credential stealer on PyPI

Top storiesthis week

Imbue launches Latchkey: local agents call HTTP APIs without exposing tokens

Google DeepMind launches manipulation-risk toolkit from 10,000-participant studies

LiteLLM reports credential-stealing code in 1.82.7 and 1.82.8

GitHub updates Copilot policy to train on Free, Pro, and Pro+ interactions

PlayerZero launches AI production engineer and claims 92.6% accuracy on test cases

Anthropic reports Opus 4.6 prompt injection still succeeds 14.8% at 100 tries

LangSmith launches Fleet with agent identity, approvals, and audit trails

Imbue launches Latchkey: local agents call HTTP APIs without exposing tokens

Google DeepMind launches manipulation-risk toolkit from 10,000-participant studies

LiteLLM reports credential-stealing code in 1.82.7 and 1.82.8

GitHub updates Copilot policy to train on Free, Pro, and Pro+ interactions

PlayerZero launches AI production engineer and claims 92.6% accuracy on test cases

Anthropic reports Opus 4.6 prompt injection still succeeds 14.8% at 100 tries

LangSmith launches Fleet with agent identity, approvals, and audit trails

Daily AI Digest

Explore what's new in AI

Filter by tag in Security & Reliability

Fresh stories

GitHub updates Copilot policy: private-repo interactions train models by default on Apr. 24

LiteLLM 1.82.8 ships malicious .pth credential stealer on PyPI

GitHub updates Copilot policy: private-repo interactions train models by default on Apr. 24

LiteLLM 1.82.8 ships malicious .pth credential stealer on PyPI

Top storiesthis week

Imbue launches Latchkey: local agents call HTTP APIs without exposing tokens

Google DeepMind launches manipulation-risk toolkit from 10,000-participant studies

LiteLLM reports credential-stealing code in 1.82.7 and 1.82.8

GitHub updates Copilot policy to train on Free, Pro, and Pro+ interactions

PlayerZero launches AI production engineer and claims 92.6% accuracy on test cases

Anthropic reports Opus 4.6 prompt injection still succeeds 14.8% at 100 tries

LangSmith launches Fleet with agent identity, approvals, and audit trails

Imbue launches Latchkey: local agents call HTTP APIs without exposing tokens

Google DeepMind launches manipulation-risk toolkit from 10,000-participant studies

LiteLLM reports credential-stealing code in 1.82.7 and 1.82.8

GitHub updates Copilot policy to train on Free, Pro, and Pro+ interactions

PlayerZero launches AI production engineer and claims 92.6% accuracy on test cases

Anthropic reports Opus 4.6 prompt injection still succeeds 14.8% at 100 tries

LangSmith launches Fleet with agent identity, approvals, and audit trails

Daily AI Digest