The Hacker News
@thehackernews
A flaw in ClawHub let attackers fake download counts to rank #1.
An exposed backend function had no auth or limits, allowing anyone to inflate downloads and push malicious skills to the top—creating false trust and enabling code execution at scale.
�� How attackers manipulated ClawHub rankings and spread malicious skills → https://thehackernews.com/2026/03/threatsday-bulletin-pqc-push-ai-vuln.html#bug-lets-attackers-fake-rankings
An exposed backend function had no auth or limits, allowing anyone to inflate downloads and push malicious skills to the top—creating false trust and enabling code execution at scale.
�� How attackers manipulated ClawHub rankings and spread malicious skills → https://thehackernews.com/2026/03/threatsday-bulletin-pqc-push-ai-vuln.html#bug-lets-attackers-fake-rankings
😁 16
🔥 5
⚡ 2
👍 1
👏 1
21 9.2K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram