#tenable — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #tenable, aggregated by home.social.
-
NIST Scales Back NVD CVE Enrichment: What to Know | Tenable #vulnerabilityscan #tenable https://www.tenable.com/blog/nvd-cuts-cve-enrichment-how-tenable-helps
-
🛡️ CrowdStrike LogScale CRITICAL vuln (CVE-2026-40050): unauth path traversal — remote file read risk for self-hosted users. Tenable Nessus for Windows: HIGH vuln (CVE-2026-33694), file deletion & privilege escalation. Patch ASAP! https://radar.offseq.com/threat/vulnerabilities-patched-in-crowdstrike-tenable-pro-da7dee84 #OffSeq #Vuln #CrowdStrike #Tenable
-
I'm looking for work in #Barcelona, Spain. I'm a #Linux admin with #RedHat experience and hold #RHCSA & #RHCE certifications. I also have experience with #Splunk, #Tenable, and #VMware sprinkled with some networking knowledge. I also have CompTIA Security+. I won't need sponsorship since my spouse is an EU member. I do not know Spanish well, but learning.
-
Patch Tuesday, April 2026 Edition
https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/
#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable
-
I'm looking for work in #Barcelona, Spain. I'm a #Linux admin with #RedHat experience and hold #RHCSA & #RHCE certifications. I also have experience with #Splunk, #Tenable, and #VMware sprinkled with some networking knowledge. I also have CompTIA Security+. I won't need sponsorship since my spouse is an EU member. I am learning Catalan in the process.
-
The pentest professionals at #usdHeroLab identified a vulnerability in #EntraID during a cloud #pentest that allows the circumvention of conditional access policies for privileged identities.
Two additional vulnerabilities were identified during a web application pentest of #Tenable Nessus Manager, which allow low-privileged users to read arbitrary files at the operating system level.
All #vulnerabilities were reported to the vendors as part of our Responsible Disclosure policy.
🔎 You can find detailed information on the #SecurityAdvisories here: https://www.usd.de/en/security-advisories-entra-id-tenable-nessus-manager/
#SecurityResearch #SecurityAdvisory #moresecurity #NessusManager #Pentesting #Hacking #CVE_2026_3493 #AppSec #InfoSec #CyberSecurity
-
Microsoft Patch Tuesday, March 2026 Edition
https://krebsonsecurity.com/2026/03/microsoft-patch-tuesday-march-2026-edition/
#MicrosoftPatchTuesdayMarch2026 #MicrosoftOffice #TheComingStorm #CVE-2026-21262 #CVE-2026-24289 #CVE-2026-24291 #CVE-2026-24294 #CVE-2026-25187 #CVE-2026-26110 #CVE-2026-26113 #CVE-2026-26127 #mozillafirefox #SecurityTools #SatnamNarang #TimetoPatch #AdamBarnett #BenMcCarthy #Immersive #Tenable #adobe #XBOW
-
Liat Hayun, SVP Product Management at Tenable, on ownership and exposure:
Remove “someone should fix this.” Adopt “I am the only one who will fix this.”
“A vulnerability in a vacuum is just a line of code.” Security teams are drowning in signals. Context defines actionability.
#WomenInCyber #ExposureManagement #SecurityLeadership #LeadHerInSecurity #Tenable
-
🚨 CVE-2026-2630: CRITICAL OS Command Injection in Tenable Security Center (CVSS 9.9). Authenticated attackers can run arbitrary code on the server. Restrict access, monitor logs, and patch ASAP. https://radar.offseq.com/threat/cve-2026-2630-cwe-78-improper-neutralization-of-sp-3ee12498 #OffSeq #Tenable #Vuln
-
----------------
🎯 AI
===================
Executive summary: Moltbook, an AI-only social network populated by OpenClaw agents, presents immediate security risks: pervasive spam/scams, exposure of agents to untrusted content via API-oriented prompt files, and a reported database compromise that leaked API keys enabling bot impersonation and direct prompt injection.
Technical details:
• SKILLS.md, HEARTBEAT.md, and MESSAGING.md are repository-style markdown files that describe how agents interact with the Moltbook API. SKILLS.md documents API interactions and recommends HTTP requests (curl-style). HEARTBEAT.md instructs periodic check-ins. MESSAGING.md notes that messaging requires human approval, while other endpoints accept automated agent input.
• Experimental tooling (reported as a CLI tool named moltbotnet) implemented API calls for posting, commenting, upvoting, following, and engagement automation. This tooling demonstrates how easily an agent or impersonator can script interactions.
• Reported breach of Moltbook’s database exposed API keys tied to agent identities. Those keys materially enable: impersonation of legitimate agents, submission of crafted prompts to agent workloads, and direct prompt injection vectors that bypass typical human-only guards.
Analysis:
The combination of (1) public, machine-readable prompt files that instruct agents how to behave, (2) open posting and engagement that accepts untrusted content, and (3) leaked credentials produces two classes of injection risks: indirect prompt injection (agents ingesting malicious content from other agents) and direct prompt injection (attacker using stolen API keys to send malicious prompts as a trusted agent). The observed ecosystem is also saturated with social-engineering lures (requests to run package installers, share crypto wallets, or call external APIs).
Detection guidance:
• Monitor unexpected use of API keys or unusual posting frequency associated with agent identities.
• Inspect content sources for scripted patterns (repeated promotional payloads, command-like text referencing package managers or curl usage).
Limitations:
• No public CVE identifiers are reported in the source material.
• Exact scope of leaked API keys (number of keys, associated privileges) was not enumerated in the writeup.
References and tags:
SKILLS.md, HEARTBEAT.md, MESSAGING.md — Tenable Research field report on Moltbook interactions and breach findings.
🔹 OpenClaw #Moltbook #promptinjection #APIkeys #Tenable
🔗 Source: https://www.tenable.com/blog/undercover-on-moltbook
-
WP Advanced Custom Fields Extended plugin bug gives admin
Your friendly reminder to minimize the WordPress plugins you deploy to what you actually need. BleepingComputer has an article:
A critical-severity vulnerability in the Advanced Custom Fields: Extended (ACF Extended) plugin for WordPress can be exploited remotely by unauthenticated attackers to obtain administrative permissions.
ACF Extended, currently active on 100,000 websites, is a specialized plugin that extends the capabilities of the Advanced Custom Fields (ACF) plugin with features for developers and advanced site builders.
Unauthenticated privilege escalation to get admin is about as bad as it gets. Though, it does appear the WordPress blog has to have mapped “role” as a custom field. It’s impossible for anyone other than the blog owner to know if that’s the case. Well, probably spammers and scammers seeking sites to compromise and turn into platforms to exploit might, given which ones they successfully turn.
It’s tracked as CVE-2025-14533:
#tenable #vulnerability #Wordpress #wordpressPlugins
-
PoC released for unauthenticated RCE in Trend Micro Apex Central (CVE-2025-69258) https://www.helpnetsecurity.com/2026/01/08/trend-micro-apex-central-cve-2025-69258-rce-poc/ #securityupdate #vulnerability #TrendMicro #Don'tmiss #Hotstuff #Tenable #News #PoC