91 matches found
MAL-2026-6947 Malicious code in paperclip-host-utils (npm)
The package 'paperclip-host-utils' is a purpose-built malware package published by the npm account 'srm0rgan' [email protected] as part of a coordinated campaign of fake 'Paperclip' VPS-maintenance adapters siblings: paperclip2, vps-maintenance, vps-maintenance-paperclip-adapter, vps-adapter-cor...
Malicious code in paperclip-host-utils (npm)
The package 'paperclip-host-utils' is a purpose-built malware package published by the npm account 'srm0rgan' [email protected] as part of a coordinated campaign of fake 'Paperclip' VPS-maintenance adapters siblings: paperclip2, vps-maintenance, vps-maintenance-paperclip-adapter, vps-adapter-cor...
Malicious code in paperclip2 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b6fbcfc445b1a599943dac3ca0691633629c6804037b38fcf6113062f6add848 package.json declares a postinstall lifecycle script that runs node -e code opening a TCP connection to 185.112.147.174:7007 and piping the socket to...
Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more
This week's release includes five new modules, including a full unauthenticated RCE chain for Paperclip AI and a VS Code extension persistence technique. On the post-exploitation side, the new windows/local/ntlmrelay2self module coerces the local machine account to authenticate via...
Paperclip AI RCE using a chain of six API calls (CVE-2026-41679).
Paperclip is the operating system for your AI company. You set the goals, hire AI agents as employees, and watch them plan and execute work. Prior to version 2026.410.0, Paperclip allows for an unauthenticated RCE, tracked as CVE-2026-41679. An unauthenticated attacker can achieve full remote cod...
📄 Paperclip AI Remote Code Execution
Paperclip is the operating system for your AI company. You set the goals, hire AI agents as employees, and watch them plan and execute work. Prior to version 2026.410.0, Paperclip allows for unauthenticated remote code execution on any network-accessible instance running in authenticated mode wit...
CVE-2026-41679
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration...
CVE-2026-41208
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior to 2026.416.0 contain a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on the Paperclip serv...
45,000 Attacks, 5,300+ Backdoors Tied to China-Linked Cybercrime Operation
SOCRadar researchers have uncovered a massive Chinese cybercrime operation using the OpenClaw and Paperclip systems to automate global attacks...
Exploit for CVE-2026-41679
CVE-2026-41679 Introduction This POC tests if a paperclip...
Missing Authorization
Overview Affected versions of this package are vulnerable to Missing Authorization via import flow. An attacker can gain remote code execution using company creation endpoint that improperly checks for admin rights in authenticated mode deployment with default configuration. Remediation Upgrade...
CVE-2026-41679
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration...
CVE-2026-41208
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior to 2026.416.0 contain a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on the Paperclip serv...
CVE-2026-41679 Paperclip Vulnerable to Unauthenticated Remote Code Execution via Import Authorization Bypass
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration...
CVE-2026-41679
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration...
CVE-2026-41679
Summary of CVE-2026-41679 (Paperclip) : Paperclip, a Node.js server with a React UI, is vulnerable to unauthenticated remote code execution via an Import Authorization bypass. Up to version 2026.416.0, an unauthenticated attacker can trigger full RCE on any network-accessible Paperclip instance r...
EUVD-2026-25166
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0, an unauthenticated attacker can achieve full remote code execution on any network-accessible Paperclip instance running in authenticated mode with default configuration...
CVE-2026-41208 Paperclip: Privilege Escalation via Agent-Controlled workspaceStrategy.provisionCommand Leading to OS Command Execution
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior to 2026.416.0 contain a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on the Paperclip serv...
CVE-2026-41208
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior to 2026.416.0 contain a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on the Paperclip serv...
EUVD-2026-25162
Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior to 2026.416.0 contain a privilege escalation vulnerability that allows an attacker with an Agent API key to execute arbitrary OS commands on the Paperclip serv...