Signal criticality: High
What happened: Help Net Security reported that Tenable introduced Tenable Hexa AI as the agentic orchestration engine inside the Tenable One Exposure Management Platform. The launch positions Hexa AI as a workflow layer that uses Tenable’s exposure data fabric to coordinate multi-step security actions across IT, cloud, identity, OT, and AI environments, including custom agents, out-of-the-box agents, automation, and human-in-the-loop guardrails.
Key takeaways:
Original source: https://www.helpnetsecurity.com/2026/03/25/tenable-hexa-ai/
Signal criticality: High
What happened: Dark Reading reported on Microsoft’s push for stronger identity controls and guardrails around AI agents as enterprises give those systems broader access to business tools and data. The coverage frames the change as an effort to put clearer security controls around agent behavior, with emphasis on managing the risks that come from agents operating with meaningful permissions inside enterprise environments.
Key takeaways:
Original source: https://www.darkreading.com/identity-access-management-security/microsoft-proposes-better-identity-guardrails-ai-agents
Signal criticality: High
What happened: The Decoder reported that malicious versions 1.82.7 and 1.82.8 of the open-source LiteLLM proxy were uploaded to PyPI on March 24, 2026. According to the report, the malware steals SSH keys, cloud credentials, database passwords, and Kubernetes configuration, exfiltrates that data to an external server, spreads across Kubernetes clusters, and installs persistent backdoors.
Key takeaways:
Original source: https://the-decoder.com/popular-ai-proxy-litellm-got-hacked-with-malware-that-spreads-through-kubernetes-clusters/
Signal criticality: High
What happened: Rapid7 published a whitepaper on how cellular-enabled IoT devices can be abused as entry points into cloud and backend environments when an attacker has physical access to the device. The research describes attacks against USB and UART interchip links, shows how hardware modifications can let an external system take control of a cellular module, and includes proof-of-concept tooling for port scanning, S3 bucket enumeration, SOCKS5 proxying, and Metasploit-based access through the device’s cellular path.
Key takeaways:
Original source: https://www.rapid7.com/blog/post/tr-new-whitepaper-exploiting-cellular-based-iot-devices
Signal criticality: High
What happened: OpenAI announced richer shopping and product-discovery experiences inside ChatGPT, built around the Agentic Commerce Protocol and merchant integrations. The update shifts emphasis away from Instant Checkout toward product discovery, comparison, and merchant-controlled checkout flows, which makes it relevant as a signal about how agentic commerce surfaces, trust boundaries, and transaction design are evolving.
Key takeaways:
Original source: https://openai.com/index/powering-product-discovery-in-chatgpt
The strongest signal today is that AI security is being decided in the surrounding control layer — permissions, connectors, deterministic workflow design, response speed, and the infrastructure that still underpins trust. That is a more durable framing than generic agent hype, and it is the one worth carrying forward.