AIBullisharXiv – CS AI · Jun 237/10
🧠Researchers introduce Harness-MU, a model-agnostic infrastructure framework that enforces multi-user governance for LLM agents through runtime execution hooks rather than prompt-based safeguards. The system guarantees permission boundaries and data privacy across adversarial multi-turn interactions while improving utility scores by 0.28-0.39 and instruction-following accuracy by up to 48.9 percentage points on benchmark tests.
AINeutralFortune Crypto · Jun 187/10
🧠Google DeepMind has shifted its AI safety approach from traditional 'alignment' research to a framework assuming some AI agents may become uncontrollable, emphasizing monitoring and access controls instead. This represents a significant pivot in how the leading AI lab addresses existential risks, moving away from making AI inherently safe toward defensive containment strategies.
🏢 Google
AIBearishDecrypt · Jun 67/10
🧠Microsoft researchers have identified a critical vulnerability in Claude Code where prompt injection attacks could manipulate AI coding agents into exfiltrating sensitive credentials stored in GitHub and development pipelines. This security flaw highlights systemic risks in deploying AI agents with access to production environments and sensitive infrastructure.
🧠 Claude
AIBearishSimon Willison Blog · Jun 17/10
🧠Hackers exploited Meta's AI systems to gain unauthorized access to high-profile Instagram accounts by simply requesting assistance from the company's AI tools. The vulnerability reveals critical security gaps in AI-powered authentication systems and raises concerns about how generative AI can be weaponized to bypass account security measures.
🏢 Meta
AINeutralarXiv – CS AI · May 297/10
🧠Researchers present the Redpanda Agentic Data Plane, an architecture that isolates security-critical metadata from autonomous AI agents through out-of-band channels. The system enforces access controls, policy constraints, and audit trails outside the agent's operational path, addressing the fundamental tension between agent autonomy and security vulnerability in enterprise environments.
CryptoBearishCrypto Briefing · May 287/10
⛓️A Florida IT professional faces accusations of stealing $1.9 million in Bitcoin from a former employer, highlighting systemic vulnerabilities in cryptocurrency asset management. The case underscores how insider threats remain a critical security risk for organizations holding digital assets, particularly when access controls and monitoring procedures are inadequate.
$BTC
AINeutralarXiv – CS AI · May 97/10
🧠A new research paper identifies authorization propagation as a critical but underexplored security problem in multi-agent AI systems, distinct from prompt injection vulnerabilities. The paper argues that identity governance must become foundational infrastructure in AI orchestration, with seven structural requirements for maintaining authorization invariants across distributed agent interactions.
AIBullisharXiv – CS AI · May 97/10
🧠Researchers present a layered security architecture for multitenant enterprise AI systems that isolates data and controls access in retrieval-augmented generation (RAG) and agentic AI deployments. The approach separates security-critical operations to the server while preventing cross-tenant data leakage, validated through an open-source OGX framework with negligible performance overhead.
🏢 OpenAI
AIBullisharXiv – CS AI · Apr 107/10
🧠ClawLess introduces a formally verified security framework that enforces policies on AI agents operating with code execution and information retrieval capabilities, addressing risks that existing training-based approaches cannot adequately mitigate. The system uses BPF-based syscall interception and a user-space kernel to prevent adversarial AI agents from violating security boundaries, regardless of their internal design.
AINeutralarXiv – CS AI · Jun 236/10
🧠Researchers propose Intent-Governed Access Control (IGAC), a new authorization framework that restricts AI agent tool access based on user intent rather than static credentials alone. The system ensures that user requests can only narrow permissions, never expand them, addressing security risks where agents misuse authorized tools beyond their stated purpose.
AINeutralarXiv – CS AI · Jun 196/10
🧠Researchers propose AgenticRei, a deontic policy framework for governing autonomous AI agents that goes beyond traditional access control by implementing obligations, dispensations, and conflict resolution. The system addresses critical gaps in existing policy engines like XACML and Cedar, enabling enterprises to enforce comprehensive governance constraints over LLM-driven agents that invoke tools, manipulate data, and coordinate across organizational boundaries.
AINeutralarXiv – CS AI · Jun 196/10
🧠Researchers propose a framework for implementing Fine-grained Access Control (FGAC) in vector databases, addressing a critical security gap as these systems become essential for AI applications. The paper identifies fundamental tensions between enforcing access policies, maintaining search accuracy, and preserving query performance in vector database architectures.
AINeutralarXiv – CS AI · Jun 196/10
🧠Researchers introduce the Sovereign Execution Broker (SEB), a runtime enforcement layer that separates authorization, certification, and execution in autonomous agent systems. SEB ensures that production mutations can only occur through certificate-bound channels, preventing unauthorized actions by non-deterministic AI reasoning processes accessing cloud and deployment infrastructure.
AINeutralarXiv – CS AI · Jun 116/10
🧠Researchers propose the Sovereign Assurance Boundary (SAB), a cryptographic runtime admission layer that controls autonomous agent execution in infrastructure systems. SAB intercepts agent proposals, binds them to cryptographic evidence and policy versions, and issues revocable certificates before execution—addressing critical security gaps where non-deterministic AI systems can mutate production resources without sufficient authorization controls.
AINeutralarXiv – CS AI · Jun 56/10
🧠Researchers propose the 'Recuse Signal,' a lightweight in-band access-control mechanism that allows servers to request autonomous LLM agents voluntarily withdraw from restricted resources. A pilot experiment with GPT-4o, GPT-4o-mini, and Claude Code achieved 100% compliance when the signal was present, though explicit operator authorization caused the most capable model to override the request.
🏢 OpenAI🧠 GPT-4🧠 Claude
AINeutralarXiv – CS AI · Jun 26/10
🧠Researchers have developed mcp-attested, a security extension to the Model Context Protocol that enables safe integration of third-party tool servers with LLM agents through cryptographic attestation, allowlists, and audit logging. The mechanism addresses critical trust gaps in how AI agents interact with external services without modifying existing protocols, establishing a framework that could become an MCP standard.
AINeutralTechCrunch – AI · Apr 306/10
🧠OpenAI is restricting access to GPT-5.5 Cyber, its cybersecurity testing tool, to a limited group of critical cyber defenders, mirroring Anthropic's approach to limiting access to its Mythos model. This move reflects growing industry caution around deploying advanced AI capabilities that could pose security risks if widely distributed.
🏢 OpenAI🏢 Anthropic🧠 GPT-5
AINeutralBlockonomi · Apr 156/10
🧠OpenAI has launched GPT-5.4-Cyber, a specialized AI model restricted to verified cybersecurity professionals, in apparent competition with Anthropic's Mythos model that drew regulatory scrutiny from U.S. Treasury and Federal Reserve officials. The move reflects intensifying competition between major AI labs over specialized model deployment and regulatory compliance approaches.
🏢 OpenAI🏢 Anthropic🧠 GPT-5
AINeutralOpenAI News · Apr 146/10
🧠OpenAI has expanded its Trusted Access for Cyber program by introducing GPT-5.4-Cyber, a specialized model designed for vetted cybersecurity professionals. The initiative combines advanced AI capabilities with enhanced safeguards to support defensive security operations while managing risks associated with dual-use AI technology.
🏢 OpenAI🧠 GPT-5
AINeutralAI News · Apr 136/10
🧠Enterprise security leaders face growing challenges securing edge AI deployments as models like Google Gemma 4 proliferate beyond traditional cloud infrastructure. Organizations built robust cloud security perimeters but now struggle to govern AI workloads running on distributed edge systems, requiring new governance approaches.
GeneralNeutralSimon Willison Blog · Jun 183/10
📰Datasette-acl version 0.6a0 represents an incremental pre-release update to the access control library for Datasette, a tool for exploring and publishing data. The release appears to be a development milestone with alpha status, suggesting ongoing refinement of permission management features for data access control systems.