OpenClaw's skill marketplace filled up with malware and nobody in security was surprised. Here's what it tells us about AI agent platforms, software supply chains, and the mistake the industry keeps making.
Patching isn't enough when the credentials were already stolen. Here's how to assess your exposure, rotate credentials completely, and ask your vendors the questions that matter.
Bitwarden, Trivy, Checkmarx, LiteLLM. These aren't separate incidents. They're one attack, still running, with stolen credentials still being spent today.