You must login to view this content
In this interview with Help Net Security, Alysia Johnson, President of the Car Connectivity Consortium (CCC), explains how the CCC Digital Key has grown from a single-brand feature into a standard meant to work across phones, automakers, and suppliers. She talks through what changed with Version 4, why the team focused on interoperability and testing instead of one new threat, and how NFC fallback access stays protected. She also covers fast credential revocation when a … More →
The post Securing digital keys when your phone unlocks the car appeared first on Help Net Security.
AI agents depend on tools, skills, and other agents spread across many teams, organizations, and platforms. These capabilities live in separate systems with their own registries, and an agent working in one environment has limited means to locate and connect to a resource hosted somewhere else. Google addressed this gap with Agentic Resource Discovery, an open specification for publishing, discovering, and verifying AI capabilities across the web. It allows tools and services to be shared … More →
The post Google’s open standard for AI agents to discover and verify tools appeared first on Help Net Security.
As we noted in our earlier analysis, attackers already know secrets are on your developers’ machines, the only question is whether security teams do. The supply chain attack calendar of 2026 has been relentless. Megalodon backdoored 5,500 GitHub repositories in six hours. TrapDoor spread across npm, PyPI, and Crates.io simultaneously, planting persistence inside AI coding assistant config files. Miasma compromised 32 official Red Hat packages by abusing GitHub’s trusted publishing. Each campaign shared the same … More →
The post How security teams are getting credential visibility into developer endpoints appeared first on Help Net Security.