267/69 Monday, May 18, 2026 Researchers from Cyera disclosed four vulnerabilities in OpenClaw, collectively referred to as “Claw Chain.” These vulnerabilities affect all OpenClaw versions prior to the patch released on April 23, 2026. They could be chained together to steal data, plant backdoors, and gain high-level control over affected systems. The report stated that […]
266/69 Monday, May 18, 2026 OpenAI disclosed that a supply chain attack involving malicious packages in the TanStack ecosystem resulted in the compromise of two employee devices. The incident also led to the exposure of some credentials from internal source code repositories. The attack has been linked to the threat group TeamPCP, which abused the […]
265/69 Monday, May 18, 2026 E-commerce security company Sansec has detected a cyberattack targeting online stores running WooCommerce. Threat actors exploited a high-severity vulnerability in the WordPress Funnel Builder plugin to inject malicious JavaScript code into checkout pages. The vulnerability affects all plugin versions earlier than 3.15.0.3. At present, the plugin is actively used by […]
