The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

Bitget Upgrades Agent Hub with Skills and CLI, Allowing OpenClaw to Start Trading in Three Minutes

Bitget , the world's largest Universal Exchange (UEX), today announced a major upgrade to its Agent Hub, which gathers AI-era crypto trading infrastructure for developers and Vibe Coders. The upgrade ...