Topic
10 posts about Security from Simon Carter.
fallbackModel, glob deny rules, SendMessage authority hardening, and thinking-control fixes shipped in v2.1.166 — here's what each one means for teams running multi-agent pipelines.
OpenAI's Lockdown Mode, a security setting that blocks live web access and agentic features to defend against prompt injection, is now available to all personal ChatGPT plans.
OpenAI's new Active Sessions security feature lets ChatGPT users audit all signed-in sessions and remotely log out of ones they don't recognise.
Anthropic's public beta adds cron-based scheduling and a network-boundary credential vault to Claude Managed Agents, removing two common DIY infrastructure headaches.
Anthropic's vault-stored environment variables let Claude Managed Agents authenticate CLI tools without the API key ever entering the agent's context window.
Anthropic's Compliance API now connects Claude Enterprise to 28 security platforms including Palo Alto Networks, Rubrik, Okta, and Sumo Logic.
The latest Codex CLI update adds session archiving, OSC 8 hyperlinks in TUI markdown, richer MCP status, and short-lived WebSocket tokens for remote control.
Anthropic's Frontier Red Team mapped 13,873 real attacks to MITRE ATT&CK — and found the framework has no ID for the autonomous agentic behavior defining the highest-risk actors.
Codex CLI 0.137.0 closes three command-safety gaps and adds an alpha Windows elevated sandbox provisioning path for admins.
OpenAI's GA Secure MCP Tunnel uses an outbound-only tunnel-client daemon so private MCP servers can serve ChatGPT, Codex, and the Responses API with no inbound firewall rules.