A GitHub Issue Title Compromised 4,000 Developer Machines (grith.ai)

by
corbet
from LWN.net on (#741G6)
The grith.ai blog reportson an LLM prompt-injection vulnerability that led to 4,000 installations ofa compromised version of the Cline utility.

For the next eight hours, every developer who installed or updatedCline got OpenClaw - a separate AI agent with full system access -installed globally on their machine without consent. Approximately4,000 downloads occurred before the package was pulled.

The interesting part is not the payload. It is how the attacker gotthe npm token in the first place: by injecting a prompt into aGitHub issue title, which an AI triage bot read, interpreted as aninstruction, and executed.

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments