{“lastseen”:”2026-01-13T13:58:15″,”description”:”\\n\\nAI agents are no longer just writing code. They are executing it.\\n\\nTools like Copilot, Claude Code, and Codex can now build, test, and deploy software end-to-end in minutes. That speed is reshaping engineering\u2014but it’s also creating a security gap most teams don’t see until something breaks.\\n\\nBehind every agentic workflow sits a layer few organizations are actively securing: **Machine Control Protocols (MCPs)**. These systems quietly decide what an AI agent can run, which tools it can call, which APIs it can access, and what infrastructure it can touch. Once that control plane is compromised or misconfigured, the agent doesn’t just make mistakes\u2014it acts with authority.\\n\\nAsk the teams impacted by **CVE-2025-6514**. One flaw turned a trusted OAuth proxy used by more than 500,000 developers into a remote code execution path. No exotic exploit chain. No noisy breach. Just automation doing exactly what it was allowed to do\u2014at scale. That incident made one thing clear: if an AI agent can execute commands, it can also execute attacks.\\n\\nThis webinar is for teams who want to move fast **without** giving up control.\\n\\nSecure your spot for the live session \u279c\\n\\nLed by the author of the OpenID whitepaper _Identity Management for Agentic AI_ , this session goes straight to the core risks security teams are now inheriting from agentic AI adoption. You’ll see how MCP servers actually work in real environments, where shadow API keys appear, how permissions quietly sprawl, and why traditional identity and access models break down when agents act on your behalf.\\n\\n**You’ll learn:**\\n\\n * What MCP servers are and why they matter more than the model itself\\n * How malicious or compromised MCPs turn automation into an attack surface\\n * Where shadow API keys come from\u2014and how to detect and eliminate them\\n * How to audit agent actions and enforce policy before deployment\\n * Practical controls to secure agentic AI without slowing development\\n\\n\\n\\n\\n\\nAgentic AI is already inside your pipeline. The only question is whether you can see what it’s doing\u2014and stop it when it goes too far.\\n\\nRegister for the live webinar and regain control of your AI stack before the next incident does it for you.\\n\\nRegister for the Webinar \u279c\\n\\nFound this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.\\n”,”published”:”2026-01-13T13:44:00″,”modified”:”2026-01-13T13:48:38″,”type”:”thn”,”title”:”[Webinar] Securing Agentic AI: From MCPs and Tool Access to Shadow API Key Sprawl”,”source”:””,”references”:””,”id”:”THN:39F20FCC4933A00DE5A52616E82CCF5B”,”bulletinFamily”:”info”,”cwe”:null,”cvelist”:[“CVE-2025-6514″],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:9.6,”severity”:”CRITICAL”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:C\/C:H\/I:H\/A:H”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/thehackernews.com\/2026\/01\/webinar-t-from-mcps-and-tool-access-to.html”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2026-01-13T13:58:15″,”description”:”\\n\\nAI agents are no longer just writing code. They are executing it.\\n\\nTools like Copilot, Claude Code, and Codex can now build, test, and deploy software…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[9,6,8,62,12,13,7,11,43,5],"class_list":["post-35257","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-critical","tag-cve","tag-cvss","tag-cvss-96","tag-exploit","tag-news","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n