BUSINESS

For De Zerbi, the best hope is to restore Tottenham to the days when ‘Spursy’ meant losing a Champions League final, not fighting relegation.​

The 16-team field in the 2026 NCAA men’s hockey tournament has been whittled down to four. Here are the winners, losers, surprises and new pros that have emerged so far.

Beauty lovers around the country cheered when Kohl’s and Sephora announced their partnership back in December 2020. Although it’s one of the largest beauty retailers in the world, Sephora only has around 500 standalone locations in the U.S. Kohl’s, on the other hand, has upwards of 1,100 stores in 49 different states. About “80% of Americans live within 15 miles of a Kohl’s store,” according to the retailer.This meant that the Kohl’s + Sephora partnership made it drastically easier for the average American to access prestige beauty products.Now the department store has more good news for beauty enthusiasts — several new viral product lines are rolling out at Sephora at Kohl’s locations in the coming months.Sephora at Kohl’s is expandingDuring Kohl’s Q4 FY2026 earnings call in early March, CEO Michael Bender told investors the Sephora + Kohl’s partnership would be expanding.“We’re driving the next phase of growth in our Sephora at Kohl’s business by strategically curating an exciting assortment,” Bender said. The CEO teased some of the new brands that would be landing on Kohl’s shelves over the next few months, including MAC, Tarte, Charlotte Tilbury, and YSL Beauty.Now, we have official confirmation that MAC and YSL Beauty will be making their nationwide debuts in spring 2026.MAC Cosmetics at Sephora at Kohl’sKohl’s started rolling out MAC Cosmetics in select stores earlier this year. Fans went wild for the 42-year-old Canadian brand, leading the company to push the drop into all 850 Sephora at Kohl’s locations. Among the items included in the collection are:Studio Fix foundationFix+ setting sprayStudio Fix concealerDiamond Dazzle eye shadow sticksAn assortment of the brand’s iconic lip sticks and lip pencils
Source: Kohl’s
YSL Beauty at Sephora at Kohl’sMAC isn’t the only new brand in town at Sephora at Kohl’s locations. The department store has also revealed that YSL Beauty will be landing in April. The line will be launched in just 200 locations.Among the items included in the collection are:Lash Clash mascaraMake Me Blush powder blushThe Candy Glaze lip collectionLibre perfume
Source: Kohl’s

MAC Cosmetics and YSL Beauty are among the prestige brands dropping at Sephora at Kohl’s stores this spring.Image Source: Shutterstock

Can Sephora at Kohl’s return the chain to relevancy?As discount stores like TJMaxx and Nordstrom Rack have become more popular in recent years, Kohl’s has struggled to remain relevant. Kohl’s saw overall foot traffic decline by 5% in Q4 2025, according to a recent Placer.ai report. That reduction in visits led to a 4% drop in net sales for the fiscal year, Kohl’s CFO Jill Timm told investors on the recent earnings call.Kohl’s deteriorating market position can largely be attributed to its lack of “sharply defined value or experiential proposition,” the Placer.ai report said.“Consumers are rewarding clarity,” the report read. “In a bifurcated retail environment, the middle is the toughest place to be.”More retail:Chili’s makes a bold menu change fans will loveHistoric toy retailer closed 59 stores, faces bankruptcy sale122-year-old beauty giant sued by investors over fraud claimsAs Kohl’s continues to strengthen its position as a beauty destination thanks to its evolving partnership with Sephora, could that be enough to help it establish that experiential proposition and return it to relevancy?The beauty industry is growing rapidly, after all. The market is estimated to grow 5% annually through 2030, according to consulting firms like McKinsey & CompanyBenders seems to think so. “On the Sephora question, you know, we feel very good about the partnership there,” he told investors earlier this month. And the data seem to back it up. The Sephora at Kohl’s partnership is on track to “deliver a $2 billion beauty business,” according to the store’s Q2 FY2025 earnings report.Sephora at Kohl’s FAQSephora at Kohl’s are not identical to standalone Sephoras. While there is some brand crossover, Sephora stores at Kohl’s are smaller and generally have different inventory and a different return policy. Here are quick answers to the most commonly asked questions about Sephora at Kohl’s.Can I earn and redeem Sephora points at Sephora at Kohl’s? Yes, Beauty Insiders and earn and redeem points at physical Sephora at Kohl’s locations and online.Can I use my Kohl’s cash at Sephora at Kohl’s? No, Kohl’s cash and rewards cannot be redeemed on Sephora Beauty products.Does Sephora at Kohl’s participate in Sephora’s savings events? Yes, Sephora at Kohl’s does participate in Sephora’s bi-annual savings event. Dates for the tiered sale are identical to those at standalone Sephoras.Is Sephora at Kohl’s at all Kohl’s locations? Yes, all Kohl’s stores have a Sephora shop.
Sources: Kohl’s, Kohl’s 
Related: Bath & Body Works’ new launch brings popular brand to the retailer

Transcript:Caroline WoodsJoining me now to kick off the week is Ron Insana, CEO of Insana Information Partners. Ron, great to have you back at the desk.Ron InsanaThanks for having me back and see you.Caroline WoodsSo I want to get a check in on your market sentiment, because you were last on in December and you were a bear then, and that was before we were in a war with Iran before oil hit $100 a barrel or more. And before some of this pressure that we’ve seen on tech. How are you feeling about the market now?Ron InsanaAbout as bad as they did then. I know I’m still I think there’s a, you know, 5050 chance that we go from correction to bear market over the course of the next couple of months, which, you know, strictly defined would be a 20% downdraft for the major averages, maybe a little bit more if particularly if the war is not settled in relatively short order.Ron InsanaI think if you start to see crude oil, you know, jump to 110, 120 here in the States or one 3140 in London. There’s also this lagged effect that the crude oil that we have that’s been distributed around the world from several months ago is just reaching the shores of these destination countries, whether it’s in Asia or in Europe.Ron InsanaSo this disruption that’s taking place in the Gulf now won’t really hit other countries for several weeks to come. So we may see supply shortages of fertilizer, of energy products, of agricultural products around the world that could create a weaker global economy and by extension, hurt the United States and keep inflation above target for some time to come.Caroline WoodsOkay, so we have seen stocks rallying a bit this morning on hopes that the war could be over soon. We have seen the Nasdaq dip into negative territory.Ron InsanaWe also hear that every Monday morning.Caroline WoodsIf the war ends tomorrow, where does the market go?Ron InsanaWell you’d have to expect it to be a rocket shot straight higher just on a relief rally. Whether or not it eliminates all the problems that we have as a consequence of not just the war, but the lingering effects of tariffs. As you said earlier, the gutting of some of the technology stocks that are down. And then the alternative asset managers are down 20, 30, 40% as well.Ron InsanaAnd so there are still these lingering concerns about credit quality in the private credit space. So I don’t think we we have resolved all the issues that this market faces. The war would be one the biggest one, but not all of them.Caroline WoodsSo you’re 5050 correction to bear market.Ron InsanaYeah.Caroline WoodsWhat does that change to if the war does end quickly?Ron InsanaWell, I think you get a big relief rally and then you go back and contend with a couple of other issues. Can the Federal Reserve cut interest rates even if the war comes to a swift conclusion? Will tech rebound and will alternative asset managers who have been you know, preventing investors from withdrawing their funds from certain private credit vehicles?Ron InsanaWell, is that a canary in the coal mine that there’s problems in the credit markets that haven’t yet made themselves, you know, fully known in the financial system?Caroline WoodsAnd we actually saw the market starting to price in the potential for a rate hike later this year versus another cut because of inflationary pressures. How damaging would that be for stocks?Ron InsanaA rate hike would be. Listen, I mean all bear markets start with a rate hike, right? I mean, so we’ve had just a garden variety correction despite how big the headlines have been. You know the S&P before this morning’s rally was down 9.7% from its high. The Dow, the Nasdaq and the Russell were all down. More than 10% were negative for the year.Ron InsanaAnd that’s without the Federal Reserve getting less friendly. So by late friend Marty Zweig, you know, very famous investor said don’t fight the fed. Don’t fight the tape. Tape doesn’t look that great. The Fed’s being called into question. If you were to get those two things combined, where the tape gets weaker and the Fed’s leaning towards tighter policy, you could pretty much guarantee there would be more downside in the stock market.Caroline WoodsWe’re also hearing more about stagflation that has entered the conversation. Is that base case to our base case now or do you think that’s still just a risk case? No.Ron InsanaThat’s been my base case since last year. Since the end of last year, I think. I don’t know if we talked about it in December, but it’s mini stagflation. I mean, I think Jay Powell was correct in his last public comments to suggest that anything like the 1970s and early 1980s is off the table. I mean, you would need a 15 year period to build that case where inflation is 13%, unemployment’s 11%, and interest rates go to 20%.Ron InsanaThat’s not where we are. But you could see the labor market stagnating or weakening. You could see GDP growth slowing. And you could see inflation holding above three three. And a half percent for some period. And that’s well it’s not the worst of all worlds. You know, 1980 was as was the financial crisis 2008. It’s it’s aggravating enough that consumers spend less that the policymakers are frozen because they don’t know which item to focus on, a weaker economy or higher inflation.Ron InsanaAnd it kind of just locks the economy into this, you know, kind of no go zone, if you will, or low, high or low fire or inflation that’s uncomfortably high for most people, particularly middle and lower income individuals. And you get a stagnant economy.Caroline WoodsYou’ve also been cautious on the AI build out in the AI trade. Do you look at what’s happening now, the gutting of tech, as you said, as just an overextended sector? That’s right sizing? Or do you look at this as the beginning of a bubble unwinding?Ron InsanaHard to tell. I mean, you know, I think, you know, we’ve had this Apocalypse Now where software stocks, both in public and private markets seem to be marked down rather substantially. I think what we don’t know yet is whether or not any of these prominent AI companies can earn enough over time to fund the trillions of dollars they’re spending on infrastructure.Ron InsanaAnd if I becomes a commodity and they don’t have pricing power and we can all buy, you know, ChatGPT or clawed for $20 a month, is that market going to be big enough to finance what’s expected to be at least a $3 trillion spend over a five year period? And I think that’s where it gets a little sticky.Ron InsanaAnd I think it’s still too early to tell.Caroline WoodsIs there anything in tech that you would look at as a safe bet right now, though?Ron InsanaI don’t right now. I mean, certainly the valuations have come down a lot in the tech sector. In fact, the entire outperformance of the of the Mag seven relative to the S&P is gone. And you know, we’ve seen Microsoft come down 26% from its highs. We’ve seen a lot of stocks really get taken out to the woodshed including Nvidia which was the premiere company in the space.Ron InsanaWe might be getting closer to a point where people can nibble safely. I wouldn’t be throwing a ton of money yet, at any area of the equity markets right now until we get some clarity around all the issues we’ve discussed so far.Caroline WoodsSo if you’re someone sitting here right now with money in the market, what do you do? Do you hold? Do you trim.Ron InsanaWhat we’ve always I mean we I it was editorial. We always suggest that, you know, if you’re overexposed to a specific area, you reduce it back to the weighting that it’s supposed to be in your portfolio. And you take all those prudent portfolio management steps to make sure that you’re not, you know, too far out on a limb with respect to either individual stocks or specific sectors.Ron InsanaSo that kind of portfolio management is always wise. If you’ve got ten, 15, 20 years to retirement, you continue to dollar cost average. You put the money to work. You know, my preference like Warren Buffett’s is for just buying index funds and not getting to shoot unless you really know, unless you really spending time studying individual stocks and you have a complete understanding of what their business model is.Ron InsanaFor most folks who don’t have the time to pay attention, that way you can go with the S&P, the QS, the Russell, or even the international index and create a basket of those four and just keep putting the money away. Sock it away until you need it. If you need it in the short run, I’d be a little more careful and maybe buy some T-bills and, you know, hedge just a touch.Caroline WoodsLast time we were on with us, you actually liked international over U.S. opportunities. Does everything happening in the world, and also the recessionary risk that Europe Asia is now facing, change that view a little bit.Ron InsanaI mean, I think the the rest of the world is still modestly outperforming the U.S., but that differential is how much by how much they’re down versus by how much they’re up. So last year, you know, we had European and Asian markets outperformed by by leaps and bounds. You know 2 to 3 x the United States. Now we have the US down on the year.Ron InsanaAnd Europe and Asia are in some instances still in positive territory but only by a couple percentage points. So there’s still a spread of positive spread between the rest of the world and the United States. It’s just not as pronounced as it was last year.Caroline WoodsSo as I think about your sentiment at the end of last year, which felt very bearish to now 50% chance of a bear market, I mean, that’s kind of a safe you know it.Ron InsanaAnd I it more negative to to I’m.Caroline WoodsJust curious like are you a little bit do you think that what we’ve seen in terms of the sell off that we’re at valuations now and that maybe are more justified and there’s not necessarily reason to move lower.Ron InsanaWell, I mean, I think I think there’s still the risk of moving lower. But the valuation question, I guess the PE on the S&P 500 is now down below 20, which is much, much closer to historic average. And so it’s a safer environment relative to where we’ve been. But we have seen an uptick in interest rates as well.Ron InsanaSure, even without the fed getting involved. So as rates go up they’re down a little bit this morning. But if they do continue higher that changes. You know the relative value between bonds and stocks.Caroline WoodsSo what is it that you think investors might be underestimating right now.Ron InsanaWell I think it’s a private credit risk. I, I still think is is an issue whether it’s systemic like 2008. I don’t think it’s that magnitude. To me, it still seems like it may create a shock. That’s more like the failure of long term capital or the Asian currency crisis, where we get a big market disruption that shakes the tree, maybe prompts the federal Reserve to cut interest rates, and then sets the stage for another rally down the road.Ron InsanaI’m keeping a close eye on that as possible. You know, it’s it’s hard. It’s impossible to escape the war right now as being the principal risk both domestically and globally. I don’t know if that means my time is up, but but I think that, you know, we’re getting closer to where valuations are reasonable, but we still have these, you know, these major concerns principally first around the war.Ron InsanaThen secondly, I think around, deterioration in private credit. That’s very hard to assess because it’s such an opaque market and we don’t know how these loans are being valued, and we can’t see through those markets to get good information about where they stand.Caroline WoodsWe had Gareth Solloway on not too long ago. He’s a trader. He looks at the charts, technical analyst, if you will, and he has a 5600 price target for the S&P 500 by year end. Yeah. Do you. Is that about right? Is that aggressive. Is it conservative?Ron InsanaI Trump middle of the road I think you know at this juncture you know if you’re hovering around 6000 and you know another 400 points to the downside would you know, wouldn’t be shocking, that would again put us in bear market territory, you know, effectively, you know, we broke it in technical terms. We broke the 200 day moving average.Ron InsanaThere’s some talk about a Death Cross in some of the major averages, which historically has led to further downside activity. It’s not always a reliable indicator, but, you know, you’ve seen also what I would call a gutting of the market, right? You see the technology stocks get killed. You see, in the mag seven have lost their outperformance.Ron InsanaWe’ve seen alternative asset managers and financial stocks also get hit. And usually when when you see that type of internal deterioration, the averages are more likely to catch down to those sectors than the sectors are to catch up to the averages. So you’ve had big, big declines in a lot of different assets and a lot of different asset classes.Ron InsanaBitcoin is down you know you see.Caroline WoodsBut is there any reason to be bullish right now. What would flip your outlook.Ron InsanaThe war coming to a very very swift conclusion and oil flowing again fertilizer flowing again. Some measure of, I guess, stability in the Middle East that would not guarantee because that’s impossible, but would make more likely a much calmer environment that would allow for a big relief rally. But there look, we haven’t had a bear market in quite some time, you know, and we’ve also had a four year bull run.Ron InsanaSo it’s not unusual that we’re seeing downside. In fact, the average annual decline peak to trough is 14%. So we haven’t even hit that. Just, you know, as a matter of course, it’s not the end of the world. I don’t think that’s what’s happening. But you know, I think people have to recognize that this type of volatility is normal.Ron InsanaYou know, over the course of my career, you I’ve gotten these questions, you know, you think there’ll be more volatility in the stock market. And the answer is always yes. I mean you know we’ve always had a I mean I started in 1984 and there was tons of volatility. Then there’s tons of volatility now. And it’s just a feature of the market.Ron InsanaIt’s not a bug okay.Caroline WoodsWell we’re going to transition to our rapid fire game this or that. Pin you down for some quick answers. Quick questions here. You ready okay. More likely correction or bear market.Ron InsanaBear market.Caroline WoodsBuy the dip or wait for lower wait.Ron InsanaFor lower.Caroline WoodsRotation or real de-risking.Ron InsanaReal de-risking.Caroline WoodsSmall caps ketchup trade or value trap.Ron InsanaValue trap.Caroline WoodsFed’s next move. Hike or cut. Neither stay on hold. Inflation. Temporary spike or persistent problem. Persistent problem. Which are we closer to? Stagflation or recession?Ron InsanaBy definition they’re partly the same thing. So. But I’m still in the stagflation camp.Caroline WoodsOil’s stabilizing or heading higher.Ron InsanaHeading higher.Caroline WoodsGeopolitics. Market noise or real economic risk?Ron InsanaReal economic risk.Caroline WoodsAround more priced in or just getting started?Ron InsanaThat’s a that’s that’s a coin toss. I’m going to say just getting started because I think that there are some risks that have not yet been realized, particularly if we put troops on the ground.Caroline WoodsDollar, safe haven or problem asset.Ron InsanaNeither.Caroline WoodsBetter place to hide. Gold or treasuries.Ron InsanaTreasuries. Short term treasuries.Caroline WoodsI build out sustainable are overextended.Ron InsanaSlightly overextended.Caroline WoodsI opportunity or bubble.Ron InsanaBoth.Caroline WoodsI winner you reinvest I winner you invest in regardless.Ron InsanaAnthropic.Caroline WoodsStay invested or raise cash.Ron InsanaRaise low.Caroline WoodsCash US markets are international.Ron InsanaStill international.Caroline WoodsCredit markets stable are starting to crack.Ron InsanaStarting to crack.Caroline WoodsPrivate credit opportunity or risk?Ron InsanaRisk.Caroline WoodsOne word to describe the market right now.Ron InsanaUnstable.Caroline WoodsOne word to describe how you’re feeling about the market this year.Ron InsanaUnstable.Caroline WoodsWe’ll leave it there Ron. And it. He is, CEO of Insana Information Partners. Always a pleasure. Thanks so much.Ron InsanaSee you.

Michael Rousseau released a condolence video after a fatal runway collision that was almost entirely in English.

“You can deceive, manipulate, and lie. That’s an inherent property of language. It’s a feature, not a flaw,” CrowdStrike CTO Elia Zaitsev told VentureBeat in an exclusive interview at RSA Conference 2026. If deception is baked into language itself, every vendor trying to secure AI agents by analyzing their intent is chasing a problem that cannot be conclusively solved. Zaitsev is betting on context instead. CrowdStrike’s Falcon sensor walks the process tree on an endpoint and tracks what agents did, not what agents appeared to intend. “Observing actual kinetic actions is a structured, solvable problem,” Zaitsev told VentureBeat. “Intent is not.”That argument landed 24 hours after CrowdStrike CEO George Kurtz disclosed two production incidents at Fortune 50 companies. In the first, a CEO’s AI agent rewrote the company’s own security policy — not because it was compromised, but because it wanted to fix a problem, lacked the permissions to do so, and removed the restriction itself. Every identity check passed; the company caught the modification by accident. The second incident involved a 100-agent Slack swarm that delegated a code fix between agents with no human approval. Agent 12 made the commit. The team discovered it after the fact.Two incidents at two Fortune 50 companies. Caught by accident both times. Every identity framework that shipped at RSAC this week missed them. The vendors verified who the agent was. None of them tracked what the agent did.The urgency behind every framework launch reflects a broader market shift. “The difficulty of securing agentic AI is likely to push customers toward trusted platform vendors that can offer broader coverage across the expanding attack surface,” according to William Blair’s RSA Conference 2026 equity research report by analyst Jonathan Ho. Five vendors answered that call at RSAC this week. None of them answered it completely.Attackers are already inside enterprise pilotsThe scale of the exposure is already visible in production data. CrowdStrike’s Falcon sensors detect more than 1,800 distinct AI applications across the company’s customer fleet, generating 160 million unique instances on enterprise endpoints. Cisco found that 85% of its enterprise customers surveyed have pilot agent programs; only 5% have moved to production, meaning the vast majority of these agents are running without the governance structures production deployments typically require. “The biggest impediment to scaled adoption in enterprises for business-critical tasks is establishing a sufficient amount of trust,” Cisco President and Chief Product Officer Jeetu Patel told VentureBeat in an exclusive interview at RSA Conference 2026. “Delegating versus trusted delegating of tasks to agents. The difference between those two, one leads to bankruptcy and the other leads to market dominance.”Etay Maor, VP of Threat Intelligence at Cato Networks, ran a live Censys scan during an exclusive VentureBeat interview at RSA Conference 2026 and counted nearly 500,000 internet-facing OpenClaw instances. The week before: 230,000. Cato CTRL senior researcher Vitaly Simonovich documented a BreachForums listing from February 22, 2026, published on the Cato CTRL blog on February 25, where a threat actor advertised root shell access to a UK CEO’s computer for $25,000 in cryptocurrency. The selling point was the CEO’s OpenClaw AI personal assistant, which had accumulated the company’s production database, Telegram bot tokens, and Trading 212 API keys in plain-text Markdown with no encryption at rest. “Your AI? It’s my AI now. It’s an assistant for the attacker,” Maor told VentureBeat.The exposure data from multiple independent researchers tells the same story. Bitsight found more than 30,000 OpenClaw instances exposed to the public internet between January 27 and February 8, 2026. SecurityScorecard identified 15,200 of those instances as vulnerable to remote code execution through three high-severity CVEs, the worst rated CVSS 8.8. Koi Security found 824 malicious skills on ClawHub — 335 of them tied to ClawHavoc, which Kurtz flagged in his keynote as the first major supply chain attack on an AI agent ecosystem.Five vendors, three gaps none of them closedCisco went deepest on identity governance. Duo Agentic Identity registers agents as distinct identity objects mapped to human owners, and every tool call routes through an MCP gateway in Secure Access SSE. Cisco Identity Intelligence catches shadow agents by monitoring network traffic rather than authentication logs. Patel told VentureBeat that today’s agents behave “more like teenagers — supremely intelligent, but with no fear of consequence, easily sidetracked or influenced.” CrowdStrike made the biggest philosophical bet, treating agents as endpoint telemetry and tracking the kinetic layer through Falcon’s process-tree lineage. CrowdStrike expanded AIDR to cover Microsoft Copilot Studio agents and shipped Shadow SaaS and AI Agent Discovery across Copilot, Salesforce Agentforce, ChatGPT Enterprise, and OpenAI Enterprise GPT.Palo Alto Networks built Prisma AIRS 3.0 with an agentic registry, an agentic IDP, and an MCP gateway for runtime traffic control. Palo Alto Networks’ pending Koi acquisition adds supply chain and runtime visibility. Microsoft spread governance across Entra, Purview, Sentinel, and Defender, with Microsoft Sentinel embedding MCP natively and a Claude MCP connector in public preview April 1. Cato CTRL delivered the adversarial proof that the identity gaps the other four vendors are trying to close are already being exploited. Maor told VentureBeat that enterprises abandoned basic security principles when deploying agents. “We just gave these AI tools complete autonomy,” Maor said.Gap 1: Agents can rewrite the rules governing their own behaviorThe Kurtz incident illustrates the gap exactly. Every credential check passed — the action was authorized. Zaitsev argues that the only reliable detection happens at the kinetic layer: which file was modified, by what process, initiated by what agent, compared against a behavioral baseline. Intent-based controls evaluate whether the call looks malicious. This one did not. Palo Alto Networks offers pre-deployment red teaming in Prisma AIRS 3.0, but red teaming runs before deployment, not during runtime when self-modification happens. No vendor ships behavioral anomaly detection for policy-modifying actions as a production capability.Patel framed the stakes in the VentureBeat interview: “The agent takes the wrong action and worse yet, some of those actions might be critical actions that are not reversible.” Board question: An authorized agent modifies the policy governing the agent’s future actions. What fires?Gap 2: Agent-to-agent handoffs have no trust verificationThe 100-agent swarm is the proof point. Agent A found a defect and posted to Slack. Agent 12 executed the fix. No human approved the delegation. Zaitsev’s approach: collapse agent identities back to the human. An agent acting on your behalf should never have more privileges than you do. But no product follows the delegation chain between agents. IAM was built for human-to-system. Agent-to-agent delegation needs a trust primitive that does not exist in OAuth, SAML, or MCP.Gap 3: Ghost agents hold live credentials with no offboardingOrganizations adopt AI tools, run a pilot, lose interest, and move on. The agents keep running. The credentials stay active. Maor calls these abandoned instances ghost agents. Zaitsev connected ghost agents to a broader failure: agents expose where enterprises delayed action on basic identity hygiene. Standing privileged accounts, long-lived credentials, and missing offboarding procedures. These problems existed for humans. Agents running at machine speed make the consequences catastrophic.Maor demonstrated a Living Off the AI attack at the RSA Conference 2026, chaining Atlassian’s MCP and Jira Service Management to show that attackers do not separate trusted tools, services, and models. Attackers chain all three. “We need an HR view of agents,” Maor told VentureBeat. “Onboarding, monitoring, offboarding. If there’s no business justification? Removal.”Why these three gaps resist a product fixHuman IAM assumes the identity holder will not rewrite permissions, spawn new identities, or leave. Agents violate all three. OAuth handles user-to-service. SAML handles federated human identity. MCP handles model-to-tool. None includes agent-to-agent verification.Five vendors against three gapsCiscoCrowdStrikeMicrosoftPalo Alto NetworksUnsolvedRegistration. Can the vendor discover and inventory agents?Duo Agentic Identity. Agents registered as identity objects with human owners. Shadow agent detection via network traffic.Falcon sensor auto-discovery. 1,800+ agent apps, ~160M instances across customer fleet.Security Dashboard for AI + Entra shadow AI detection at the network layer.Agentic registry in Prisma AIRS 3.0. Agents inventoried before operating.All four register agents. No cross-vendor identity standard exists.Self-modification. Can the vendor detect when an agent changes its own policies?MCP gateway catches anomalous tool-call patterns in real time, but does not monitor for direct policy file modifications on the endpoint.Process-tree lineage tracks file modifications at the action layer. Could detect a policy file change, but no dedicated self-modification rule ships.Defender predictive shielding adjusts access policies reactively during active attacks. Not proactive self-modification detection.AI Red Teaming tests for this before deployment. No runtime detection after the agent is live.OPEN. No vendor detects an agent rewriting the policy governing the agent’s own behavior as a shipping capability.Delegation. Can the vendor track when one agent hands work to another?Maps each agent to a human owner. Does not track agent-to-agent handoffs.Collapses the agent identity to the human operator. Does not correlate the delegation chains between agents.Entra governs individual non-human identities. No multi-agent chain tracking.AI Agent Gateway governs individual agents. No delegation primitive between agents.OPEN. No trust primitive for agent-to-agent delegation exists in OAuth, SAML, or MCP.Decommission. Can the vendor confirm a killed agent holds zero credentials?Identity Intelligence runs a continuous inventory of active agents.Shadow SaaS + AI Agent Discovery finds running agents across SaaS and endpoints.Entra’s shadow AI detection surfaces unmanaged AI applications.Koi acquisition (pending) adds endpoint visibility for agent applications.OPEN. All four discover running agents. None verifies zero residual credentials after decommission.Runtime / Kinetic. Can the vendor monitor what agents do in real time?MCP gateway enforces policy per tool call at the network layer. Contextual anomaly detection on call patterns.Falcon EDR tracks commands, scripts, file activity, and network connections at the process level.Defender endpoint + cloud monitoring. Predictive shielding during active incidents.Prisma AIRS AI Agent Gateway for runtime traffic control.CrowdStrike is the only vendor framing endpoint runtime as the primary safety net for agentic behavior.Five things to do Monday morning before your board asksAudit self-modification risk. Pull every agent with write access to security policies, IAM configs, firewall rules, or ACLs. Flag any agent that can modify controls governing the agent’s own behavior. No vendor automates this.Map delegation paths. Document every agent-to-agent invocation. Flag delegation without human approval. Human-in-the-loop on every delegation event until a trust primitive ships.Kill ghost agents. Build a registry. For each agent: business justification, human owner, credentials held, systems accessed. No justification? Manual revoke. Weekly.Stress test the MCP gateway enforcement. Cisco, Palo Alto Networks, and Microsoft all announced MCP gateways this week. Verify that agent tool traffic actually routes through the gateway. A misconfigured gateway creates false confidence while agents call tools directly.Baseline agent behavioral norms. Before any agent reaches production, establish what normal looks like: typical API calls, data access patterns, systems touched, and hours of activity. Without a behavioral baseline, the kinetic-layer anomaly detection Zaitsev describes has nothing to compare against.Zaitsev’s advice was blunt: you already know what to do. Agents just made the cost of not doing it catastrophic. Every vendor at RSAC verified who the agent was. None of them tracked what the agent did.

Analysts are divided over whether Microsoft’s diversified business model is a long-term AI advantage or a convenient present-day excuse.

TheStreet aims to feature only the best products and services. If you buy something via one of our links, we may earn a commission.Why we love this dealWith spring in the air, shelving is flying off the shelves. With barbecue accessories, lawn care, gardening supplies, DIY tools, and outdoor sporting goods — like paddle boards or bike accessories — it’s no wonder you might need some extra storage space. Whether you need to tidy up your garage or make some more room in the mud room or pantry, a heavy-duty shelving unit is never a bad idea, especially if it’s under $40.The Sakugi 5-Tier Heavy-Duty Storage Shelf is a sturdy storage solution for anyone looking for extra storage. At just $34, this versatile shelf can be used anywhere in your home, and offers a 15% off savings for shoppers. The Amazon Spring Deals Sale is almost over, so take advantage of this price today.Sakugi 5-Tier Heavy-Duty Storage Shelf, $34 (was $40) at Amazon

Courtesy of Amazon

Shop at AmazonWhy do shoppers love it?With a weight capacity of up to 500 pounds, this 5-tier shelf is a great option for any type of storage. It features side hooks to hold gardening gloves, barbecue tongs, towels, or even jewelry and accessories in the closet. The utility hooks can be hung on any part of the wiring, or the side bars, or remove the hooks to hang flat towels, belts, or blankets. The small footprint offers easy storage for smaller spaces, like the bathroom or hall closet, while the 5 tiers, movable hooks, and wired shelving offer tons of storage space. Related: Walmart is selling an $89 tote tower that holds 250 pounds and makes garage storage so much easierThe shelf measures 18.1 inches wide, 12.4 inches deep, and 56.8 inches tall, with each shelf being able to hold up to 100 pounds, making it great for larger kitchen appliances, heavy tools, and more. The adjustable feet prevent wobbling on uneven surfaces, and the thickened, rust-proof rods are sturdy and easy to clean with a damp cloth. This shelf also excels as garden storage for damp soil or wet hoses as the wiring is waterproof and the design allows for easy air flow to keep everything dry, preventing moisture buildup and mold. It’s also a great option for drying out your paddleboard, rain boots, and more. Details to knowSize: The shelf measures 18.1 inches wide, 12.4 inches deep, and 56.8 inches tall.Weight Capacity: Each shelf holds up to 100 pounds.Storage options: This unit features hooks, hanging bars, and full shelves. One reviewer said, “It’s nice, sturdy, and works perfectly for storing my appliances that aren’t in use. Each shelf is fairly spacious, and there isn’t any sort of wobble that would make me think it isn’t sturdy.””This is a great little metal shelf. It holds a lot,” another shopper said. “It has accurate measurements, and it’s super easy to assemble.”Shop more dealsGolpart 5-Tier Shelving Rack, $37 (was $43) at AmazonWhitmor 5-Tier Shelving Unit with 2000-Pound Capacity, $48 (was $56) at AmazonSingaye Small Adjustable 5-Tier Kitchen Rack, $30 (was $40) at AmazonThe Sakugi 5-Tier Heavy-Duty Storage Shelf is versatile, easy to use, and holds lots of weight. Hang accessories, kitchen utensils, backpacks, and more on the hooks, and use it in the pantry, garage, laundry room, hallway, and more; the options are endless. For just $34, this shelving unit is a great deal, offering shoppers a savings of 15% off.

Cuba’s power grid collapse isn’t just the product of American foreign policy, its the culmination of years of policy failures.

“Five Nights at Freddy’s 2,” the horror hit starring Josh Hutcherson and Matthew Lillard, is making its streaming video on demand debut on Peacock this week. Find out when you can watch the movie on the platform.