PurpleBox

The timeline is accelerating: • Jul 2025: CVSS 9.6 RCE in mcp-remote • Jan 2026: ClawHavoc (1,100+ malicious skills) • Feb 2026: 118 vulns across 68 MCP servers • Feb 2026: Zero-click RCE in Claude Desktop Extensions • Feb 2026: 300K AI creds on dark web (IBM X-Force)

AI agent supply chain attacks are worse than npm. The "lethal trifecta": → Persistent access to private data → Exposure to untrusted content → Autonomous external communication Plus: memory poisoning. Reprogram the AI's identity. No crash. No SIEM alert.

🧵 The npm moment for AI agents just arrived. ClawHavoc: 1,100+ malicious skills planted in ClawHub. One attacker uploaded 677 packages. 12% of the registry compromised. IBM found 300K AI credentials on the dark web. Here's how they got there:

Full technical breakdown with: • Detailed CVE analysis • Detection queries (KQL, Splunk) • Remediation steps & ASR rule configs • Timeline recommendations 👉 https://t.co/KLUcTtEcek

🚨 Microsoft's February Patch Tuesday just dropped 6 actively exploited zero-days. If you're running Windows or Azure and haven't patched yet, attackers are already scanning for your systems. Here's what you need to know (and do) RIGHT NOW 🧵👇

✅ ACTION 3: Review privileged access • Who has admin rights? • Is MFA enforced on privileged accounts? • Are privileged sessions monitored? • Can you restore from backups in <4 hours? Defense in depth matters.

Moltbook patched it Feb 1-2, but the credentials are still compromised. If your org uses AI agents, you need to audit what's deployed. Full incident brief with technical details and recommendations: https://t.co/fsRgUDJNl9

1.5 million API keys just leaked from a social network you've probably never heard of. The scary part? Your organization might be one of the 6,000+ that had credentials exposed — and you wouldn't know it. Here's what happened with Moltbook 🧵

Root cause: database misconfiguration + no row-level security + storing keys in plaintext. But the deeper issue? Shadow AI. Employees are deploying agents without IT approval. Your security team doesn't even know these keys exist.

Mid-market companies are in a uniquely dangerous spot in 2026: ⚡️Enterprise-grade threats 🏢Enterprise compliance requirements 🦺Enterprise insurance demands 💰A fraction of the budget A 90-day action plan with real costs and deadlines. https://t.co/roVhaI5q0S