A malicious npm package disguised as a legitimate AI tool to install the virally popular OpenClaw, but designed to steal system passwords and crypto wallets, has been identified by cybersecurity ...

Microsoft has released Windows 11 KB5079473 and KB5078883 cumulative updates for versions 25H2/24H2 and 23H2 to fix security ...

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

Windows users are encountering a new run of malware that is infecting their PC by impersonating some of the system's most commonly used apps.

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Fake OpenClaw installers on GitHub deployed credential stealers and a proxy tool linked to the Black Basta ransomware group, while Bing's AI served the malicious ...

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy access to corporate networks.