Krebs on Security is a cybersecurity blog authored by Brian Krebs, an investigative journalist and cybersecurity expert. With a focus on cybercrime, hacking incidents, and data breaches, Krebs on Security provides  analysis, investigative reporting, and security research on emerging threats and cybersecurity trends. Developers and security professionals can learn about the latest cybersecurity threats, security best practices, and incident response strategies from Krebs' investigative reporting and expert analysis.

Krebs on Security

Autonomous AI agents like OpenClaw are rapidly gaining adoption among developers and IT workers, but they introduce serious new security risks. Misconfigured web interfaces expose full credentials and conversation histories. A supply chain attack on the Cline coding assistant used prompt injection to silently install a rogue AI agent on thousands of systems. Low-skilled attackers are now using commercial AI to automate large-scale cyberattacks, as demonstrated by a Russian threat actor compromising 600+ FortiGate devices across 55 countries. Security experts warn of a 'lethal trifecta' — agents with access to private data, untrusted content, and external communication channels — that makes data exfiltration trivial. Anthropic's Claude Code Security launch wiped $15B from cybersecurity stocks in a day, signaling AI's growing role in reshaping the security landscape.

How AI Assistants are Moving the Security Goalposts – Krebs on Security