Agent DailyAgent Daily

Security

Securing agent workflows, outputs, and infrastructure

Build a playbook about Security

Save articles from this feed, then generate a personalized implementation guide

See a sample →
120 results
RELintermediate
[Release] openclaw/openclaw v2026.5.12-beta.5: openclaw 2026.5.12-beta.5

OpenClaw v2026.5.12-beta.5 is a comprehensive bug-fix release addressing gateway protocol improvements, security hardening, plugin dependency management, channel integrations (WhatsApp, Telegram, Discord, WeCom), session transcript redaction, and agent execution reliability. Key fixes include OAuth token exchange for Copilot, device pairing approval requirements, media size enforcement across plugins, and LLM idle watchdog timeout escalation. The release improves stability across multiple integrations while strengthening security controls for trusted proxies, admin scopes, and sensitive data redaction.

github-actions[bot]May 13, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.12-beta.4: openclaw 2026.5.12-beta.4

OpenClaw v2026.5.12-beta.4 is a maintenance release addressing runtime issues, authentication flows, and provider integrations. Key fixes include resolving MODULE_NOT_FOUND errors in Codex migrations, improving WhatsApp/Telegram message handling, and normalizing Google Gemini model IDs. The release also enhances session management, adds per-agent tool policies, and improves error messaging across multiple channels and providers.

github-actions[bot]May 13, 2026
RELintermediate
[Release] crewaiInc/crewAI 1.14.5a5: 1.14.5a5

crewAI 1.14.5a5 is a pre-release update that deprecates CrewAgentExecutor in favor of AgentExecutor, improves Daytona sandbox tools, and addresses multiple security vulnerabilities in dependencies. The release includes bug fixes for HITL workflows, logging enhancements, and comprehensive documentation updates including migration guides for state restoration and crew-to-flow transitions.

greysonlalondeMay 13, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.12-beta.2: openclaw 2026.5.12-beta.2

OpenClaw v2026.5.12-beta.2 releases critical fixes and enhancements across authentication, provider streams, memory management, and UI/UX. Key improvements include auth-profile-backed media tools availability, subagent session visualization, error handling in auto-reply, and provider stream reliability. The release also upgrades to pnpm 11, adds per-agent tool policies, expands Slack/Gemini/Fal provider support, and strengthens TypeScript/linting standards.

github-actions[bot]May 13, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.12-beta.3: openclaw 2026.5.12-beta.3

OpenClaw v2026.5.12-beta.3 is a maintenance release addressing authentication, provider compatibility, and UI improvements. Key fixes include auth-profile-backed media tools availability, WhatsApp/Baileys dependency resolution, memory-wiki permission scoping, and provider stream handling. The release introduces per-agent tool policies, improved subagent session visualization, better error messaging, and expanded configuration options for Slack, Google Gemini, and local model providers.

github-actions[bot]May 13, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.12-beta.1: openclaw 2026.5.12-beta.1

OpenClaw v2026.5.12-beta.1 is a maintenance and feature release addressing security, UI/UX, and provider integrations. Key improvements include memory-wiki admin scope requirements, subagent session hierarchy visualization, Gemini 3 model normalization, enhanced tool policies, and expanded Slack/iMessage channel support. The release also upgrades build infrastructure to pnpm 11 and refines plugin SDK public APIs.

github-actions[bot]May 12, 2026
RELintermediate
[Release] langchain-ai/langchain langchain-core==1.4.0: langchain-core==1.4.0

langchain-core version 1.4.0 release includes numerous bug fixes, performance improvements, and feature additions across the LangChain core library. Key updates involve hardening security (SSRF protections, deserialization safety), improving streaming with content-block-centric v2 support, enhancing tracer metadata handling, and updating dependencies. The release spans from version 0.3.86 through 1.4.0 with multiple intermediate releases (1.2.x, 1.3.x series) containing incremental improvements to tool handling, token counting, and model integrations.

github-actions[bot]May 12, 2026
RELintermediate
[Release] anthropics/claude-code v2.1.136: v2.1.136

Claude Code v2.1.136 is a maintenance release focused on stability and bug fixes across multiple platforms. Key improvements include fixes for MCP server persistence, OAuth token handling, extended thinking compatibility, and numerous UI/UX refinements in the VS Code extension and JetBrains plugin. The release addresses critical issues with file picker matching, dialog rendering, terminal output formatting, and plugin management while enhancing visual consistency and keyboard navigation.

ashwin-antMay 8, 2026
RELintermediate
[Release] openai/openai-agents-python v0.17.0: v0.17.0

OpenAI Agents Python SDK v0.17.0 introduces gpt-realtime-2 as the default model for RealtimeAgents and implements a critical security fix for sandbox local source materialization. The update constrains local artifact sources to remain within the SDK process base directory unless explicitly granted via SandboxPathGrant, closing a local artifact boundary vulnerability. Applications relying on copying trusted files from outside the base directory must now explicitly grant those paths at the manifest level.

seratchMay 8, 2026
RELintermediate
[Release] anthropics/claude-code v2.1.133: v2.1.133

Claude Code v2.1.133 introduces enhanced worktree configuration with `worktree.baseRef` settings, improved sandbox path management for Linux/WSL, and critical fixes for parallel sessions, proxy handling, and effort level synchronization. The release addresses memory efficiency, credential management, and cross-session consistency issues while improving focus mode behavior and MCP OAuth flow support.

ashwin-antMay 8, 2026
RELintermediate
[Release] langchain-ai/langchain langchain-core==0.3.86: langchain-core==0.3.86

LangChain Core version 0.3.86 has been released with a critical security fix. This patch backports a path-traversal vulnerability fix (CVE-2026-34070, GHSA-qh6h-p6c9-ff54) to the v0.3 branch. Users should upgrade immediately to address the security issue.

github-actions[bot]May 8, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.7: openclaw 2026.5.7

OpenClaw v2026.5.7 is a maintenance release focused on stability, security, and reliability improvements across plugin publishing, CLI tools, authentication, and multi-channel integrations. Key fixes address cron job persistence, Discord/Telegram/WhatsApp message routing, OAuth recovery, permission enforcement, and context caching issues. The release includes enhancements to CLI output formatting, voice capture quality, and error handling to prevent partial publishes and stale session states.

steipeteMay 8, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.6: openclaw 2026.5.6

OpenClaw v2026.5.6 addresses critical OAuth routing issues, plugin fetch header handling, and debug proxy normalization. The release reverts a problematic repair from v2026.5.5 that incorrectly rewrote OpenAI Codex OAuth routes, which could break GPT-5.5 setups. Additional fixes improve fetch request handling across plugins, debug proxies, and web requests to prevent symbol metadata rejection and resource cleanup issues.

steipeteMay 6, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.5: openclaw 2026.5.5

OpenClaw v2026.5.5 is a maintenance release focused on fixing critical bugs across multiple messaging platforms (Feishu, LINE, Telegram, Discord, Matrix, Slack), improving control UI responsiveness and session management, resolving provider integration issues (xAI/Grok, Fireworks), and enhancing diagnostic tools. Key improvements include fixing message routing, webhook validation, tool progress rendering, approval delivery retries, and heartbeat timeout handling. The release also addresses plugin management, media handling, and gateway stability issues.

steipeteMay 6, 2026
RELintermediate
[Release] openai/openai-agents-python v0.15.2: v0.15.2

OpenAI Agents Python v0.15.2 introduces context management model settings and fixes critical issues with conversation session replay, tool execution, and error handling. The release includes 11 bug fixes addressing assistant conversation item IDs, function tool tracing, MCP tool metadata isolation, and stream terminal rejection. Comprehensive test coverage improvements ensure reliability across realtime tool behaviors, handoff mechanisms, and tool identity helpers.

seratchMay 6, 2026
RELintermediate
[Release] langchain-ai/langchain langchain==0.3.29: langchain==0.3.29

LangChain version 0.3.29 was released with critical security improvements. The release includes fixes to restrict deserialization in the langchain.storage._lc_store module and hardening of the load() function against untrusted manifests. These changes enhance the security posture of the framework by preventing potential deserialization attacks and manifest injection vulnerabilities.

github-actions[bot]May 6, 2026
TUTintermediate
The vulnerability detection agent Apr 2026 • Claude Agent SDK Cybersecurity Build a vulnerability-discovery agent with the Claude Agent SDK that threat-models a C target, hunts memory-safety bugs with built-in file tools, and triages findings into a structured report.

This cookbook demonstrates building a vulnerability-discovery agent using the Claude Agent SDK that automatically threat-models C source code, hunts memory-safety bugs using built-in file tools (Read, Grep, Glob), and generates structured security reports. The agent operates in a multi-turn session with a bootstrap threat-modeling phase, an interview phase for owner input, and automated vulnerability finding and triage loops. The approach reduces false positives compared to traditional static analyzers by using Claude's reasoning to identify high-confidence memory-safety issues in a read-only sandbox environment.

May 5, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.4-beta.2: openclaw 2026.5.4-beta.2

OpenClaw v2026.5.4-beta.2 introduces significant improvements to voice call integration with Google Meet/Twilio, enhanced plugin management with better migration hints and metadata caching, and substantial performance optimizations across the gateway and control UI. Key updates include Gemini voice bridge streaming for Meet participants, plugin auto-enablement refinements, secrets handling improvements, and comprehensive performance enhancements reducing startup overhead. The release also adds diagnostic tooling for QA testing and improves developer experience with better error handling and logging.

steipeteMay 5, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.3-1: openclaw 2026.5.3-1

OpenClaw v2026.5.3-1 is a hotfix release for the npm core package addressing a security scanner issue. The fix prevents the install scanner from incorrectly blocking official bundled plugin packages when process.env access and API calls appear in different sections of the compiled bundle. The updated package is published on the beta dist-tag for testing before stable release.

steipeteMay 4, 2026
RELintermediate
[Release] openclaw/openclaw v2026.5.3: OpenClaw 2026.5.3

OpenClaw v2026.5.3 introduces a bundled file-transfer plugin with secure binary file operations, hardens plugin installation workflows, and optimizes Gateway startup performance through lazy-loading. The release improves channel reliability across Discord, WhatsApp, Telegram, and other platforms, adds new agent steering commands, and fixes critical issues in realtime transcription, plugin updates, and systemd secret management.

steipeteMay 4, 2026