Inside Claude Cowork: How Anthropic's Autonomous Agent Actually Works
We reverse-engineered the security architecture of Claude's autonomous desktop agent. Here's what we found.
Apr 1 • Yotam Perkal and Pluto Security
March 2026
Another Day, Another Supply Chain Compromise: Here’s What We Know About the Axios Incident
A maintainer account takeover, a cross-platform RAT, and a payload designed to vanish - inside the axios npm compromise and why network-level detection…
Mar 31 • Pluto Security and Yotam Perkal
Analyzing the Supply Chain Attack on LiteLLM: TeamPCP's Expanding Supply Chain Campaign
litellm, with nearly 500 million downloads, was silently turned into a credential-stealing trojan on PyPI, likely as a direct consequence of the recent…
Mar 24 • Yotam Perkal
February 2026
MCPwnfluence: Critical Unauthenticated SSRF to RCE Attack Chain in the Most Widely Used Atlassian MCP Server
We disclosed CVE-2026-27825 (CVSS 9.1) and CVE-2026-27826 (CVSS 8.2), enabling a network-reachable RCE chain in mcp-atlassian (4M+ downloads)
Feb 26 • Pluto Security and Yotam Perkal
Clawing Out: The Skills Marketplace Just Inherited Its First Second-Degree Supply Chain Risk
Understanding second-order supply-chain risk in agent ecosystems: this is not just an OpenClaw issue - any system consuming agent skills may inherit the…
Feb 4 • Pluto Security, Yotam Perkal, and Ehud Melzer
January 2026
Moltbot(Clawdbot) in the Wild: Exposure Risks and Practical Hardening
What we learned by looking at how people actually deploy autonomous agents, and why agent gateways should be treated like privileged infrastructure, not…
Jan 26 • Pluto Security and Yotam Perkal
November 2025
When Everyone Becomes a Creator - The Opportunities and Risks of AI-Builders
By Rick Doten, Veteran CISO, AI Researcher and Shahar Bahat, CEO of Pluto Security
Nov 14, 2025 • Pluto Security, Shahar Bahat, and Rick Doten
Secure AI Development with Commands: Beyond Static Rules
Turning security checklists and best practices into executable, self-updating workflows developers actually use.
Nov 5, 2025 • Pluto Security and Gil Maman
October 2025
CVE-2025-48757 - what happened, why it still matters, and how to check your fleet
A technical deep-dive for security teams and engineers
Oct 27, 2025 • Pluto Security and Gil Maman