A massive supply chain attack called ClawHavoc has compromised ClawHub, the official skill marketplace for OpenClaw, an open-source AI agent formerly known as ClawdBot and Moltbot. Researchers uncovered at least 1,184 malicious “Skills” plugin-style packages that extend the agent’s capabilities through scripts, configs, and resources. Attackers registered as developers and flooded the platform with these […] The post ClawHavoc Poisons OpenClaw’s ClawHub With 1,184 Malicious Skills appeared first on Cyber Security News.