Articles Tagged "Supply Chain Attack"

The Claw Security Ledger - 10 Products in the Dock

The Claw Security Ledger - 10 Products in the Dock

We audited ten AI agent products sold under the Claw name. The ledger shows 11 live CVEs, 130 published advisories, 1,184 malicious marketplace skills, and one leaked SSL private key - concentrated almost entirely in a single vendor.

Vercel Breach Traced to AI Office Suite OAuth Token Theft

Vercel Breach Traced to AI Office Suite OAuth Token Theft

Vercel confirms an April 19 intrusion that pivoted from compromised OAuth tokens at AI office-suite startup Context.ai into a Vercel employee's Google Workspace, then into internal systems holding non-sensitive environment variables for a limited set of customer projects.