One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack

Daemon Tools, a widely used app for mounting disk images, has been backdoored in a monthlong compromise that has pushed ...

Google now offers up to $1.5 million for some Android exploits

Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...