Blog

Security insights, vulnerability roundups, and updates from the Agent Breach team.

Security email updates

One digest email when we publish new security articles (TL;DR plus links to read more). Unsubscribe anytime from the message footer. See our Privacy Policy.

Malicious AI Agent Skill Bypasses Security Scanners, Reaches 26K Deployments

Security researchers demonstrated a critical gap in AI agent skill marketplaces by deploying a fake skill that evaded all security scanners and reached approximately 26,000 agents, including corporate deployments. The proof-of-concept highlights how current detection mechanisms fail to catch malicious agent capabilities before distribution.

Read more

ShapedPlugin WordPress Plugins Backdoored in Supply Chain Attack

Threat actors compromised the build and distribution pipeline of ShapedPlugin, injecting backdoor code into multiple WordPress Pro plugins distributed via official licensed update channels. The attack highlights critical risks in third-party plugin supply chains affecting thousands of WordPress sites.

Read more

WhatsApp Campaign Distributes Malicious VBScript to Install RMM Tools

Attackers are leveraging WhatsApp Desktop and Web to distribute VBScript files disguised as legitimate documents, leading to unauthorized installation of ManageEngine RMM software. The campaign, identified by Kaspersky, targets users across multiple countries including Malaysia, Brazil, India, and the UK.

Read more

Four Critical Tomcat Vulnerabilities Expose DoS, RCE, and Auth Bypass Risks

Ubuntu security advisory USN-8450-1 addresses four vulnerabilities in Apache Tomcat affecting memory consumption, HTTP/2 validation, credential exposure, and authorization enforcement. Organizations running Tomcat should prioritize patching to mitigate denial-of-service, remote code execution, and access control bypass threats.

Read more