We've identified a security incident involving unauthorized access to certain internal Composio systems. We are actively investigating and have engaged external incident response experts to assist with investigation and remediation.
This is a space which we can keep updating as we find more information for now this bulletin has:
Who is impacted
What we know
Recommendations
Who is impacted
We have identified a small percentage of users whose GitHub tokens were compromised, we have reached out to them. As a precautionary measure, we have revoked all user GitHub tokens and contacted the affected users with recommendations for token revocation and abuse detection.
A small number of additional users were affected via specific API keys, and we have contacted them directly.
We are continuing to investigate for any further signs of compromise and will update this bulletin as we learn more.
What we know so far
The attacker probed our systems extensively, brute-forcing many combinations of exploits using LLM generated attack patterns until they gained a foothold in an internal agentic tool used to monitor our infrastructure and report connector failures. From that initial foothold, they abused the tool to obtain elevated access to the automated remediation systems that fix errors in our connectors. They then registered malicious tool definitions inside our sandboxed execution environment, chaining each step to escalate privileges further, until they were ultimately able to execute arbitrary code within our tool-execution sandbox.
The attacker moved at exceptional speed as we tracked them across our systems, demonstrating deep knowledge of our API surface and internal architecture. Their sophistication is consistent with a highly skilled actor, likely augmented by advanced AI systems.
We have thoroughly verified that our supply chain remains safe, including our Python and TypeScript SDKs and our CLI binary. As a precaution, we have paused all new releases until our investigation is complete.
Recommendations
We are currently following up with affected customers with tactical recommendations, but high level we would recommend re-authing your accounts and doubling check your Github usage over the last 8 hrs.
We will keep this space updated over the next hours and days, and expect to ship various product enhancements rapidly to help mitigate any attacks of this sort in the future.
If you haven’t received an email, you can assume we do not believe you have been affected.