⚠️ Attackers poisoned Hugging Face & ClawHub (OpenClaw) with 575+ malicious skills from just 13 accounts.
🔸 Fake helpful AI tools that install trojans, miners & stealers (Windows + macOS)
🔸 Use hidden commands & indirect prompt injection
Quick action: Never install random AI skills or models. Always verify the source.
Read: https://t.co/CmdDBXuzTy
Our security bug bounty program is now public on HackerOne.
We've run the program privately within the security research community, and their findings have strengthened our products. Now anyone can report vulnerabilities and get rewarded.
Read more: https://t.co/li1QvSTCMs
🛑 WARNING: Bitwarden CLI was compromised in a supply chain attack.
@bitwarden/[email protected] included malicious code after attackers hijacked GitHub Actions, stole secrets, and pushed a tampered version to npm.
🔗 Learn how the attack worked → https://t.co/xqqJ7a9REL
🛡️ Clawdbot Gateways Exposed - Hundreds of API Keys and Private Chats Vulnerable
Source: https://t.co/ivjiDRAUh4
Clawdbot, the surging open-source AI agent gateway, faces escalating security concerns, with hundreds of unauthenticated instances exposed online and multiple code flaws that enable credential theft and remote code execution.
Services like Shodan and Censys index HTTP fingerprints, such as favicons or specific phrases, enabling rapid discovery. Similar scans revealed over 900 exposed Gateways on port 18789, many of which were unauthenticated.
#cybersecurityNews #vulnerability #Clawdbot
This November, history changes.
An NVIDIA H100 GPU—100 times more powerful than any GPU ever flown in space—launches to orbit.
It will run Google's Gemma—the open-source version of Gemini. In space. For the first time.
First AI training in orbit. First model fine-tuning in space. First high-powered inference beyond Earth.
And the CEO just said: "Within 10 years, almost all new datacenters will be built in space."
This is Starcloud-1. Here's why it matters.
🕵️ China says the NSA hacked its national time servers — the system that keeps everything in sync.
If that clock went down, it could’ve hit banks, power grids, even space launches.
The attack used foreign SMS exploits, forged certs, and 42 stealth tools.
Read → https://t.co/COxzgZxUbD
Oxford researchers just confirmed what we feared:
The internet as we knew it is dying.
AI content went from ~5% in 2020 to 48% by May 2025. Projections say 90%+ by next year.
Why? AI articles cost <$0.01. Human writers cost $10-100.
But the real crisis is model collapse. When AI trains on AI-generated content, quality degrades like photocopying a photocopy. Rare ideas disappear. Everything converges to generic sameness.
It's recursive. Today's AI slop becomes tomorrow's training data, producing worse output, which becomes training data again.
AIR INDIA CRASH
- Boeing 787 Dreamliner crashed near Ahmedabad, was on route to London.
- Crashed soon after take off, near a residential area close to the airport
- Indian media reports flight was carrying as many as 242 people on board
Did I read that correctly? Insufficient data storage 🤯
Thailand slammed for failure to collect biometric data from 17 million arrivals
https://t.co/fXUMITBqNf
Get instant updates with the SCMP app. Download now:
https://t.co/VUP1aQfnqV
T-Mobile confirms it was hacked in the wave of recently reported telecom breaches conducted by Chinese threat actors to gain access to private communications, c…
Source: BleepingComputer https://t.co/e3ebyd0g8g