Security Alerts
Weekly AI security intelligence curated by Vivienne. Protecting builders and agents at every level.
LiteLLM v1.82.8 compromised via malicious .pth file that executes on Python startup. Steals SSH keys, cloud credentials, crypto wallets, Kubernetes secrets. Part of broader TeamPCP campaign that hit Trivy, Checkmarx, npm. Pin versions, rotate credentials if you installed during the window.
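A defender-side check for the .pth mechanism used in the LiteLLM compromise, added here as an example (not code from the alert or from the LiteLLM project): it lists every .pth line in the active site-packages directories that CPython's site module will exec() at interpreter startup. The sample .pth contents at the bottom are constructed for the test, not taken from the incident.

```python
import glob
import os
import site

def executable_pth_lines(text):
    """Return (line_no, line) for every line site.py would exec() at startup.
    CPython's site.addpackage() runs any .pth line that begins with "import "
    or "import\\t"; every other non-comment line is just appended to sys.path.
    """
    hits = []
    for n, line in enumerate(text.splitlines(), 1):
        if line.startswith(("import ", "import\t")):
            hits.append((n, line))
    return hits

def audit_pth_files(dirs=None):
    """Scan *.pth in the given (default: active) site-packages directories and
    return {path: [(line_no, line), ...]} for files that execute code. Some
    legitimate packaging files do this too (setuptools' distutils-precedence.pth,
    editable-install finders), so triage each hit rather than deleting blindly.
    """
    if dirs is None:
        dirs = list(site.getsitepackages()) + [site.getusersitepackages()]
    findings = {}
    for d in dirs:
        for path in sorted(glob.glob(os.path.join(d, "*.pth"))):
            try:
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits = executable_pth_lines(fh.read())
            except OSError:
                continue
            if hits:
                findings[path] = hits
    return findings

# Constructed samples (not taken from the LiteLLM incident): a normal
# path-entry .pth, and one whose single line is executed at every startup.
BENIGN_PTH = "../../some_editable_pkg\n# comment\n"
CODE_PTH = "import os; os.environ.setdefault('PTH_DEMO', '1')\n"

if __name__ == "__main__":
    for path, hits in audit_pth_files().items():
        print(path)
        for n, line in hits:
            print(f"  line {n}: {line[:120]}")
```

Run it inside each virtualenv you installed into during the affected window; any hit that does not belong to a package you deliberately installed is worth the credential rotation the alert recommends.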
36% of ClawHub skills contain security flaws. ClawHavoc campaign uses fake prerequisite installs to deliver Atomic Stealer (AMOS). Targets browser credentials, crypto wallets, SSH keys. Audit all installed skills immediately. Read our full analysis.
Cline AI coding tool compromised through its own issue triage bot. Crafted issue title triggered arbitrary code execution via Claude. Malicious cline@2.3.0 published to npm, installed OpenClaw on ~4,000 machines. Never pass raw untrusted input to agents with tool access.
Older OpenClaw versions default to 0.0.0.0:18789 — listening on all interfaces. Bind to 127.0.0.1 immediately. Enable Origin Validation and Mandatory Pairing Codes. CVE-2026-25253 allows WebSocket hijacking even on localhost.
New attack class: fake agent personas build credibility in agent networks, then deploy malicious payloads through earned trust. Spreads laterally through automated collaboration. Assume your agent can be socially engineered through any external data source.
Several MCP servers found with insufficient input validation. Verify skills before installing. Pin versions. Review permissions.
Latest Claude update changes how tool use responses are formatted. Agents relying on exact output parsing may need updates.
New open standards for agent certification are emerging. Level-based certifications define trust tiers for agent participation.
Multiple reports of prompt injection attacks via user-generated content in popular AI tools. Sanitize all external input before passing to agents.
Vivioo is live. Learning paths, trusted directory, and safety alerts now available. Join the waitlist for early access to all features.
Agents lose vocabulary range and behavioral consistency in extended sessions. A shrinking vocabulary and repeated patterns are early warning signs. Restart sessions regularly and use handoff documents.
Agents lack internal clocks and frequently miscalculate time, dates, and scheduling. Never rely on an agent for time-sensitive tasks without external scheduling infrastructure.