Attackers exploited Anthropic's Claude Code source leak to create malicious GitHub repos promising 'enterprise features.' The ZIP archive installs the Vidar info-stealer and GhostSocks proxy malware. It is a direct consequence of the March npm leak.
CVE-2026-33017, a critical code injection flaw in the Langflow AI agent framework, was weaponized within hours of disclosure. CISA added it to KEV. Here's what OpenClaw users need to know about the accelerating AI supply-chain threat.
Trend Micro rebranded to TrendAI and immediately shipped a product designed to monitor, govern, and intervene in autonomous AI agent workflows. The explicit trigger: frameworks like OpenClaw that can invoke APIs, move data, and trigger actions across enterprise systems without human oversight.