Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...

Hackers abused Bing AI search results to promote fake OpenClaw installers on GitHub, spreading Vidar infostealer and other ...

Cybersecurity researchers warn that Pakistan-linked hacking group APT36 is using artificial intelligence to generate large volumes of malware known as “vibeware”. The campaign targets Indian ...

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...

Abstract: Malware analysis is an integral part of cybersecurity, however traditional signature-based detection techniques are inadequate for advanced obfuscation techniques. This paper proposes a ...

OpenClaw, the AI agent that can manage just about anything, is risky all by itself, but now fake installers for it are wreaking havoc. Users who searched Bing’s AI results for “OpenClaw Windows” were ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...