Incidents
Provider leaks, exposed chats, agent failures, and operational lessons.
3LS research desk
Runtime AI governance intelligence
Incidents, control models, and operating notes for security teams governing prompts, files, memory, OAuth grants, and agent tool actions.
Editorial filter
What changes operational risk?
Does data leave?
Prompts, uploads, chat memory, and archives crossing provider or tool boundaries.
Does authority move?
OAuth grants, MCP tools, browser agents, and code agents acting on behalf of users.
Mechanism:
On-device agent intercepts AI activity before it leaves the endpoint.
Privacy:
Detections and policy decisions stay within your organization.
Controls
Policy, observability, and runtime decisions before data or authority leaves.
Tool surfaces
Browsers, MCP, extensions, coding agents, and delegated workflows.
Data boundaries
Where prompts, files, memory, and archives become enterprise exposure paths.
Featured Articles
Current briefs for AI security teams tracking data movement, tool authority, and runtime controls.
Thought Leadership 9 min read
Bring Your Agent to Teams Means Bring Your Controls Too
Microsoft's Teams SDK makes it easier to bring existing Slack bots, LangChain chains, and Azure AI Foundry agents into Teams. That turns Teams into an agent ingress point that needs runtime policy, visibility, and evidence.
April 23, 2026
Thought Leadership 9 min read
Workspace Features Create New Enterprise Data Paths
April 23, 2026
Thought Leadership 9 min read
Workspace Agents Move ChatGPT Into the Operating Surface
April 23, 2026
Compliance 10 min read
Microsoft Native AI Controls Are a Starting Point, Not the Finish Line
April 23, 2026
Data Privacy 9 min read
Your Old Slack Archive Is Now AI Training Data
April 23, 2026
Supply Chain 9 min read
The Vercel Incident Shows AI OAuth Is Supply Chain Access
April 23, 2026
Thought Leadership 10 min read
Anthropic Mythos Is a Provider-Trust Warning
April 23, 2026
Thought Leadership 8 min read
AI Governance Is a Runtime Control System
April 23, 2026
Thought Leadership 9 min read
AI Chat Security Risk and the Shadow Database Problem
March 17, 2026
Thought Leadership 8 min read
Why AI Vendors Cannot Secure Your Enterprise Context
March 17, 2026
Thought Leadership 8 min read
The Enterprise AI Visibility Gap Behind Shadow AI Risk
March 17, 2026
Supply Chain 8 min read
OpenClaw Malicious Skills Turn Agent Convenience Into a Supply Chain Problem
March 13, 2026
Incident Report 8 min read
If CISA Can Put FOUO in ChatGPT, Your Exception Process Is the Breach
January 30, 2026
Thought Leadership 10 min read
The Enterprise Agent Control Plane from Toggles to Policy as Code
January 16, 2026
Thought Leadership 9 min read
Approval Fatigue Is an Enterprise Risk in Agent Sandboxes
January 14, 2026
Thought Leadership 10 min read
Agent Sandboxes Are the Containment Boundary
January 14, 2026
Attack Techniques 8 min read
Agentic Browser Prompt Injection and the Lethal Trifecta
January 12, 2026
Attack Techniques 9 min read
MCP Tool Poisoning Turns Tool Metadata Into Data Exfiltration
January 12, 2026
Supply Chain 9 min read
Prompt Poaching in the Chrome Web Store and AI Chat Exfiltration
January 12, 2026
Vulnerabilities 10 min read
Claude.ai Email Exfiltration Shows How Assistants Can Leak Inboxes
September 29, 2025
Compliance 9 min read
M365 Copilot and Claude Create a Compliance Bomb
September 29, 2025
Supply Chain 12 min read
The AWS VSCode Supply Chain Near Miss That Almost Reached Millions
January 28, 2025
Thought Leadership 11 min read
Clicking Yes to AI Disaster and the Approval Fatigue Crisis
January 25, 2025
Incident Report 9 min read
The MCP Server That Wiped Production and the AI Tooling Risk
January 20, 2025
Vulnerabilities 8 min read
Prompt Injection Vulnerabilities and Lessons from the 2024 Wave
January 15, 2025
Data Privacy 10 min read
The $4.88M Question on AI PII Exposure
January 12, 2025
AI Governance 12 min read
Shadow AI in the Enterprise and the Surge in Uncontrolled Usage
January 8, 2025
All Articles
Latest coverage across incidents, controls, and research
Thought Leadership March 18, 2026 • 10 min read
False Memories Turn AI Assistants Into Persistent Social-Attack Infrastructure
Read Article Thought Leadership March 18, 2026 • 10 min read
AI Memory Builds the Perfect Social-Engineering Dossier
Read Article Incident Report March 18, 2026 • 9 min read
Sears-Linked AI Chat Logs Expose the Enterprise Visibility Failure
Read Article Incident Report March 17, 2026 • 9 min read
OpenAI Shared Chat Risk and AI Transcript Exposure
Read Article Incident Report March 17, 2026 • 8 min read
DeepSeek Exposed Chat History Is a Trust Failure, Not Just a Breach Story
Read Article
Incident Report March 17, 2026 • 8 min read
Claude Shared Chat Risk Creates a Governance Problem Before a Breach
Read Article
Infrastructure March 17, 2026 • 8 min read
Self-Hosted AI Still Leaks When the Operator Owns the Blind Spot
Read Article
Incident Report March 13, 2026 • 8 min read
When AI Chatbots Give Illegal Advice, Governance Already Failed
Read Article Thought Leadership March 13, 2026 • 9 min read
Agent Architecture Is a Safety Control When Tool Density Becomes Risk
Read Article Attack Techniques March 13, 2026 • 8 min read
Retrieval Poisoning and Citation Laundering Turn Sources Into Attack Surface
Read Article Vulnerabilities March 13, 2026 • 8 min read
OpenClaw Core Takeover Shows the Shadow-Agent Risk on Employee Laptops
Read Article
Thought Leadership March 13, 2026 • 9 min read
Agent Execution Firewalls Are the Missing Control for OpenClaw Tool Risk
Read Article
Supply Chain January 12, 2026 • 8 min read
PromptPwnd Shows the Agentic CI/CD Supply Chain Risk
Read Article
Attack Techniques December 28, 2024 • 7 min read
Multimodal Prompt Injection When Images Hide Malicious Commands
Read Article
Weekly AI Threat Intelligence Briefings
Get updates when we publish new research on emerging AI attacks, supply chain threats, and defense strategies.
No spam. Unsubscribe anytime.