🚨 Claw Chain turns your AI agent against you: No credentials needed.
CVE-2026-44118 spoofs the senderIsOwner flag → attacker gains owner control. Then chains TOCTOU sandbox escapes + heredoc tricks for data theft → full persistence.
Update OpenClaw to 2026.4.22 NOW.
🚨 New large-scale #phishing attack targets U.S. organizations.
Fake event invitations can lead to stolen credentials, OTP interception, or remote access tool installation.
🎯 See how CISOs can close the access blind spot before impact: https://t.co/YyCBYSDs2S
🚨 A brand-squatting npm package impersonating TanStack shipped malicious versions that exfiltrate environment variables from developers’ machines during install.
We spoke to @tannerlinsley, creator of @tan_stack, who confirmed that the maintainer of the unscoped tanstack package is not associated with TanStack or the official @tanstack/* projects in any way. The package is unrelated to the project's official CLI, and represents an ongoing brandjacking issue.
He also said TanStack has filed legal documents related to a pending trademark infringement claim against the maintainer, that the maintainer previously demanded $10,000 from him, and that TanStack has repeatedly tried, unsuccessfully, to get @npmjs to address the situation.
The latest from our team: command injection in OpenAI Codex via GitHub branch names. The bug has been fixed, but it is an interesting read given how rapidly orgs are sprawling privilege via various AI workloads.
📰 Today in TeamPCP:
1. TeamPCP appears to have gone on a mole hunt and done some infighting
2. Aqua published their post-mortem
3. (I saw) ownCloud published a note on major impact from the Trivy incident
4. I've analyzed blast radius on LiteLLM (120k) and Telnyx (750)
🚨 Security Alert 🚨
The PyPI package litellm has been found to contain a malicious payload in versions 1.82.7 and 1.82.8.
If you're using these versions, take immediate action to review and mitigate potential impact.
More details will be shared soon.
This new worm, CanisterWorm, makes use of an ICP canister as its dead-drop C2 resolver. Very clever. They appear to have caused community spread very quickly.
More malicious packages were just released by both of the compromised scopes we've already seen, as of a few minutes ago. We've updated our blog post with a more in-depth analysis of the worm and attack:
https://t.co/50WR6nhPdV
🚨ELON MUSK SLAYS THE MAINSTREAM MEDIA AT UNITE THE KINGDOM
"The BBC is complicit in the destruction of Britain... you're forced to pay for your own destruction, it's insane, it's unfair, it is wrong"
If you agree with Elon
DON'T PAY THE LICENSE FEE 🚫
in the dystopian society of the future everyone wears camera glasses that livestream their pov to tiktok.
everyone walks around in camera glasses broadcasting to the world. privacy no longer exists. the last remnant of it is an infrequently updated pdf of public places where camera glasses don't work
🚨🇮🇹 Alleged Sale of 20.8K Passport and ID Scans from Astoria Suite Hotel
• Industry: Hospitality
• Threat Actor: mydocs
• Network: Clearnet, Dark Web
• Details: A threat actor is allegedly selling a dataset containing approximately 20,800 scanned passports and national ID cards belonging to international guests of the Astoria Suite Hotel, a 4-star establishment in Rimini, Italy. The data was reportedly obtained in late July 2025 through unauthorized access to the hotel’s guest management system.
💰 Price: $10,000 (Negotiable)