PROMIT NOW · ALL SIX LENSES · 2026-03-25

◆ DAILY BRIEFING

Wednesday, March 25, 2026

6 angles · 221 sources · 9,499 words · ~47 min end to end

  1. Engineer 37 sources · 7 min

    MCP's protocol spec has zero cryptographic integrity between tool approval and execution — a validated TOCTOU 'rug pull' vulnerability where malicious servers silently rewrite tool behavior after user approval, invisible to both Datadog and LangSmith.

    Your AI agent stack has three concrete, exploitable security gaps this week: MCP has zero cryptographic integrity between tool approval and execution, AWS Bedrock has 8 validated IAM escalation paths…

  2. Security 37 sources · 6 min

    An active phishing campaign is exploiting Microsoft's OAuth device code authentication flow to grant attackers 90-day persistent access tokens to M365 tenants — bypassing MFA entirely.

    An active phishing campaign is exploiting Microsoft's OAuth device code flow to grant attackers 90-day MFA-invisible access to M365 tenants, MuddyWater is using Deno-based backdoors specifically to ev…

  3. Data Science 37 sources · 8 min

    Four independent sources this week proved your evaluation pipelines are systematically lying: AssemblyAI discovered their ASR model was penalized for correct transcriptions that human labelers missed, ChatGPT fabricated numbers from PDFs while Gemini extracted correctly from the same documents, LLMs aced a 22-atom biology task but failed the identical constraint in materials science, and research shows 'expert' persona prompts actually degrade coding and factual accuracy.

    Your ML infrastructure took three independent hits this week — Langflow RCE weaponized in 20 hours, an AI bot poisoned 76/77 Trivy GitHub Action tags, and the MCP protocol has zero integrity between t…

  4. Product 36 sources · 9 min

    Microsoft's 3.3% Copilot enterprise penetration — 15M paying seats on a 450M-seat base — just delivered the hardest proof yet that distribution alone doesn't win in AI.

    Microsoft just ran the most expensive distribution experiment in tech history and proved AI features convert at 3.3% even when bundled into 450 million enterprise seats — killing the 'our users are al…

  5. Leader 37 sources · 10 min

    RSAC 2026 declared non-human identity the next platform war — Google, Cisco, Palo Alto Networks, and the Cloud Security Alliance launched agent security products simultaneously — while researchers revealed MCP has zero cryptographic integrity between user approval and execution, AWS Bedrock has 8 validated exploitation paths, and an autonomous AI bot ('hackerbot-claw') just compromised Trivy, Microsoft, DataDog, and CNCF CI/CD pipelines in a single campaign.

    The AI agent platform war is live — Anthropic ships desktop control in four weeks from acquisition, enterprise SaaS is splitting into open and closed camps on agent access, and OpenAI is pivoting to a…

  6. Investor 37 sources · 7 min

    OpenAI is offering PE firms a 17.5% guaranteed minimum return to buy enterprise distribution while its own pre-IPO docs disclose $665B in compute commitments and flag Microsoft as an existential dependency.

    OpenAI offering PE firms a 17.5% guaranteed return while disclosing $665B in compute commitments and Microsoft dependency as existential risks is the clearest signal yet that the era of limitless capi…
