SecurityWeek

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

Two IP addresses accounted for the majority of the 1.4 million exploitation attempts observed over the past week.

Infostealers added Clawdbot to their target lists before most security teams knew it was running

RedLine, Lumma, and Vidar adapted in 48 hours. Clawdbot's localhost trust model collapsed, plaintext memory files sit exposed ...
The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...
SecurityWeek

Critical React Native Vulnerability Exploited in the Wild

Threat actors are exploiting the Metro4Shell React Native vulnerability to deploy malware on Linux and Windows systems.
The Hacker News

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

Cisco Talos links China-based UAT-8099 to IIS server attacks using BadIIS malware for regional SEO fraud, targeting Thailand ...
CSO Online

This stealthy Windows RAT holds live conversations with its operators

The modular Windows RAT uses in-memory execution and live operator control to maintain persistence and exfiltrate sensitive ...

Malicious MoltBot skills used to push password-stealing malware

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been ...

Report: ICE looking to purchase Michigan warehouse, convert it to detention center

The Department of Homeland Security is looking to expand holding facilities across the U.S. and is reportedly looking at ...
CSO Online

Ivanti patches two actively exploited critical vulnerabilities in EPMM

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but ...

The viral Clawdbot AI agent can do a lot for you, but security experts warn of risks

Clawdbot can automate large parts of your digital life, but researchers caution that proven security flaws mean users should ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.

From Clawdbot to OpenClaw: This viral AI agent is evolving fast - and it's nightmare fuel for security pros

From Clawdbot to OpenClaw: This viral AI agent is evolving fast - and it's nightmare fuel for security pros ...