Cve-2026-44112 | GRID THE GREY

LIVE THREATS

CRITICAL Four OpenClaw Flaws Chain Together for Full AI Agent Compromise // CRITICAL Malicious node-ipc Versions Target Cloud, AI Tool Credentials via Supply Chain Backdoor // MEDIUM Microsoft Outlines Defense-in-Depth Framework for Autonomous AI Agents // MEDIUM Rust Compiler Project Drafts Formal LLM Contribution Policy // HIGH TanStack Supply Chain Attack Compromises OpenAI Developer Devices and Signing Certificates // HIGH TeamPCP Steals 5GB of Mistral AI Source Code via Supply Chain Attack // MEDIUM Agentic AI Red Teaming Emerges as Defence Against AI-Speed Attack Chains // HIGH AI Agents Weaponised to Generate Custom Attack Tools in LatAm Campaigns // HIGH GPT-5.5 Matches Specialist Models in Vulnerability Discovery, Democratising Cyber Offence // HIGH Microsoft MDASH Agentic AI System Discovers 16 Critical Windows Vulnerabilities //

1 report

All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning

Four OpenClaw Flaws Chain Together for Full AI Agent Compromise

ATLAS OWASP CRITICAL The Hacker News May 15, 2026 ▲ 8.9

Four OpenClaw Flaws Chain Together for Full AI Agent Compromise

Researchers at Cyera disclosed four vulnerabilities in OpenClaw, an AI agent runtime platform, that can be chained to achieve credential theft, privilege escalation, and persistent backdoor access. …

AML.T0051 - LLM Prompt Injection AML.T0057 - LLM Data Leakage AML.T0018 - Backdoor ML Model