Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings...
Hacking
Category Added in a WPeMatico Campaign
OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
Ravie LakshmananFeb 02, 2026Vulnerability / Artificial Intelligence A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as...
Microsoft Begins NTLM Phase-Out With Three-Stage Plan to Move Windows to Kerberos
Ravie LakshmananFeb 02, 2026Kerberos / Enterprise Security Microsoft has announced a three-phase approach to phase out New Technology LAN Manager...
⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats
Ravie LakshmananFeb 02, 2026Hacking News / Cybersecurity Every week brings new discoveries, attacks, and defenses that shape the state of...
Securing the Mid-Market Across the Complete Threat Lifecycle
The Hacker NewsFeb 02, 2026Threat Detection / Endpoint Security For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative...
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
Ravie LakshmananFeb 02, 2026Threat Intelligence / Malware The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility's update...
eScan Antivirus Update Servers Compromised to Deliver Multi-Stage Malware
The update infrastructure for eScan antivirus, a security solution developed by Indian cybersecurity company MicroWorld Technologies, has been compromised by...
Open VSX Supply Chain Attack Used Compromised Dev Account to Spread GlassWorm
Ravie LakshmananFeb 02, 2026Developer Tools / Malware Cybersecurity researchers have disclosed details of a supply chain attack targeting the Open...
Iran-Linked RedKitten Cyber Campaign Targets Human Rights NGOs and Activists
A Farsi-speaking threat actor aligned with Iranian state interests is suspected to be behind a new campaign targeting non-governmental organizations...
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
Ravie LakshmananJan 31, 2026Social Engineering / SaaS Security Google-owned Mandiant on Friday said it identified an "expansion in threat activity"...
CERT Polska Details Coordinated Cyber Attacks on 30+ Wind and Solar Farms
Ravie LakshmananJan 31, 2026Network Security / SCADA CERT Polska, the Polish computer emergency response team, revealed that coordinated cyber attacks...
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect...
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between...
Badges, Bytes and Blackmail
Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where...
Ex-Google Engineer Convicted for Stealing 2,000 AI Trade Secrets for China Startup
Ravie LakshmananJan 30, 2026Artificial Intelligence / Economic Espionage A former Google engineer accused of stealing thousands of the company's confidential...
