The Hacker News

Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor

A fake Go module posing as golang.org/x/crypto captures terminal passwords, installs SSH persistence, and delivers the ...
The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and ...

Oasis Security Research Team Discovers Critical Vulnerability in OpenClaw

Oasis Security, the identity security platform, today released new threat research exploring a vulnerability chain in OpenClaw that allows any website to silently take full control of a developer's AI ...

AI’s ‘connective tissue’ is woefully insecure, Cisco warns

The vulnerability of the “connective tissue” of the AI ecosystem — the Model Context Protocol and other tools that let AI agents communicate — “has created a vast and often unmonitored attack surface” ...
CIO

The agent control plane: Architecting guardrails for a new digital workforce

AI agents are powerful, but without a strong control plane and hard guardrails, they’re just one bad decision away from chaos.
CSO Online

The ephemeral infrastructure paradox: Why short-lived systems need stronger identity governance

Your cloud isn’t at risk because it’s fast; it’s at risk because thousands of invisible machine identities outlive your control.

AI Assistant OpenClaw Gets VirusTotal On Its Side

The OpenClaw developer recently announced this partnership in a blog post. OpenClaw is a particularly powerful AI assistant that, depending on its configuration, has extensive system privileges, uses ...

CAPTCHA or trap? Windows users tricked into installing malware on their PCs

StealC malware campaign exploits fake CAPTCHA pages to steal sensitive data while blending into normal system activity.
Cybernews

Malicious NPM package racks up 50,000 infections in days, developers fully compromised

A malicious NPM package, ambar-src, mimicking a popular JavaScript framework, was downloaded nearly 50,000 times in a few ...