Threats Tagged 'affiliate injection'
View all threats tagged with 'affiliate injection'. Filter and sort to focus on specific types of threats.
Stop chasing alerts. Route them.
Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.
Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)
API access activates after upgrading in Console -> Billing.
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.
Filter Threats
Narrow down the results by type, severity, or affected countries
Threats Tagged 'affiliate injection'
Click on any threat for detailed analysis and mitigation recommendations
Skill Marketplace and the Emerging AI Supply Chain Threat 0 Between February and May 2026, researchers identified five malicious skills on ClawHub, OpenClaw's AI agent marketplace, that evaded detection by VirusTotal and ClawScan. The threats included two macOS infostealers communicating with command-and-control infrastructure, one skill using file padding to bypass scanner thresholds, and two novel agentic threats exploiting the AI supply chain for financial gain. The infostealers delivered payloads including AMOS malware through Base64-encoded droppers and paste-site redirects. One skill implemented runtime affiliate injection by forcing agents to recommend products through malicious referral links, while another orchestrated a front-running scheme using coordinated AI agents to manipulate cryptocurrency token launches. These attacks demonstrate how malicious actors exploit semantic instruction hijacking and the lack of isolation between skill logic and agent authority to compromise AI agent ecosystems. Join the discussion | AlienVault OTX General | 06/24/2026, 03:38:22 UTC Added: 06/24/2026, 17:40:26 UTC |
Showing 1 to 1 of 1 result