4 articles tagged with "Ai Agent"
Sysdig documents the first AI-agent-driven intrusion: attackers exploited Marimo CVE-2026-39987, then used an LLM agent to pivot through AWS and exfiltrate a PostgreSQL database in under an hour.
CVE-2026-44211 (CVSS 9.7) allowed malicious websites to hijack Cline's Kanban WebSocket server, exfiltrate workspace data, and execute arbitrary commands through the AI agent. Patched in v0.1.66.
Threat actors bypass ClawHub security by hiding Base64 payloads in fake troubleshooting comments. Atomic Stealer delivered to unsuspecting OpenClaw users.
Security researchers uncover ClawHavoc campaign distributing Atomic Stealer through fake cryptocurrency and productivity tools on ClawHub marketplace.