depthfirst

27 posts

@depthfirstlabs

Autonomous Security From Design To Production

San Francisco, joined April 2025
15 Following, 167 Followers

depthfirst retweeted
International Cyber Digest @IntCyberDigest
‼️🚨 An ex-Anthropic engineer just published a 1-click remote code execution exploit for OpenClaw (formerly Moltbot and ClawdBot). The attack occurs in milliseconds after the victim visits a webpage, giving the attacker access to Moltbot and the system it's running on. The victim does not need to type anything or approve any prompts.

depthfirst @depthfirstlabs
depthfirst found a 1-Click RCE in Moltbot from a logic flaw. Read the walkthrough to see how we understand codebases to find complex vulnerabilities. DM us if you’d like a demo
mav @MavLevin

we @depthfirstlabs found 1-Click RCE in OpenClaw (aka MoltBot / ClawdBot) ! full vuln & exploit details 👇


depthfirst retweeted
mav @MavLevin
we @depthfirstlabs found 1-Click RCE in OpenClaw (aka MoltBot / ClawdBot) ! full vuln & exploit details 👇

depthfirst retweeted
Andrea Michi @andreamichi
The main reason some people are still not trying @openclaw is security. In a world of agents controlling our life, security is quickly becoming the bottleneck

depthfirst @depthfirstlabs
We’re excited to share that @AngelList is officially secured by depthfirst. Our General Security Intelligence acts like an autonomous senior product-security engineer, deeply contextualizing AngelList’s code, infra, and business logic to surface and remediate the vulnerabilities that matter most. Proud to partner with one of Silicon Valley’s most trusted platforms as we continue our mission to secure the world’s software.

depthfirst @depthfirstlabs
We’re launching Secrets, now in public preview. Secret scanning is noisy. Real credentials get buried. Teams either ignore alerts or waste time chasing false positives. Our approach isn’t to find more secrets, it’s to fix the ones that matter. Depthfirst Secrets goes beyond pattern matching:
• Long-tail coverage (SaaS, internal, custom creds)
• Deep repo context to understand real usage
• Credential verification to see what’s actually active & exploitable
The result: higher signal, faster prioritization, real risk fixed, without slowing devs down. Secrets is live now. DM us if you want a demo.

depthfirst @depthfirstlabs
Just published: a deep dive into CVE-2025-64721, a critical sandbox escape in Sandboxie enabled by a missing integer overflow check in raw ALPC IPC, leading to heap leaks, 4GB heap obliteration, and SYSTEM-level code execution. This exploit shows how even “secure” isolation can be undone by unchecked assumptions in low-level IPC and memory handling. As systems grow more complex, finding these deep, cross-cutting bugs requires understanding real-world behavior, not just static scans. Big thanks to @DavidXanatos for patching within an hour of disclosure. Read the full blog post below: depthfirst.com/post/alpc-you-… #infosec #vulnerability #securityresearch #Sandboxie

depthfirst @depthfirstlabs
AI models can now enumerate complex vulnerability chains that used to take humans days. The biggest gains are from system design, how you structure context, constraints, and reasoning loops. Not raw model power. We show multi-stage analysis pipelines outperform “single-shot” LLM security scans by 90%.

depthfirst @depthfirstlabs
We're excited to announce that @Lovable is officially secured by depthfirst. Our General Security Intelligence deeply contextualizes across Lovable’s code, infra and business logic - surfacing and autonomously remediating vulnerabilities that matter most to their team. Lovable is one of the fastest growing companies in the world, and this partnership will only accelerate our mission to secure the world's software. #lovable #cybersecurity #securingtheworld

depthfirst @depthfirstlabs
Security analysis is more than code review. It’s configs. Policies. Network topologies. API interactions. LLMs can’t reason reliably unless you give them all the context. Some of our most promising internal research comes from representing entire systems, not just files, as analyzable graphs the model can step through.

depthfirst @depthfirstlabs
There is a huge gap in security research right now: AI papers evaluate models on synthetic or simplified tasks. Real-world systems have quirks, legacy endpoints, partial migrations, odd business logic, and this is where models either shine or collapse. Our work focuses on evaluating AI agents on actual production architectures, surfacing real threats.

depthfirst retweeted
mav @MavLevin
my latest (public) vuln: CVE-2025-64721
stay tuned for a blog post about this sandbox escape

depthfirst @depthfirstlabs
Hallucinations in AI security analysis are usually framed as a flaw. But what if we treat them as uncertainty signals? We’ve been experimenting with structured reasoning pipelines where model uncertainty helps flag unclear interfaces or ambiguous assumptions in the underlying software. Interesting direction: uncertainty as a feature, not a bug.

depthfirst @depthfirstlabs
There’s a narrative that AI favors attackers. The asymmetry is more nuanced. Attackers gain speed in probing the attack surface; defenders gain the ability to reason about entire systems end-to-end. The real question: which side leverages AI’s contextual reasoning faster?

depthfirst retweeted
mav @MavLevin
this cute XSS bug survived 5 Billion downloads
everyone trusted the function called "escapeForHTML", which was like trusting a raccoon with a bag of marshmallows (sweet but bad idea)
a feisty quote " escaped HTML sanitation jail.
@depthfirstlabs AI found this bug in esbuild 🧵