The Security Ledger

Technology’s “Upside Down”? Software Supply Chain

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.
CSO Online

Critical RCE bugs expose the n8n automation platform to host‑level compromise

A JavaScript sandbox bug rated CVSS 9.9 enables attackers to bypass AST‑based protections, while a Python execution bypass ...
The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...

New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

Moltbot (Formerly Clawdbot) Already Has a Malware Problem

A Microsoft Visual Studio Code extension for Moltbot turns out to actually deliver a malware payload to unsuspecting users.

Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...
PCMag on MSN

Clawdbot (Now Moltbot) Is the Hot New AI Agent, But Is It Safe to Use?

The defining features of this agent are the ability to take actions without you needing to prompt it, and that it make those ...