Moltbot is now OpenClaw - but watch out, malicious 'skills' are still trying to trick victims into spreading malware

Hackers have already published a fake Visual Studio Code extension that impersonates the assistant under its former name, ...
Infosecurity Magazine

Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw

A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project ...
SecurityWeek

Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant

OpenClaw patched a critical vulnerability that could be exploited to hijack the increasingly popular AI assistant.

I hacked my own computer using OpenClaw and it was terrifyingly easy

Agentic AI tools like OpenClaw promise powerful automation, but a single email was enough to hijack my dangerously obedient ...
Decrypt

OpenClaw Opens the Gates for AI Agents—Here’s What’s Real and What’s Not

OpenClaw hit 147,000 GitHub stars in a matter of weeks and spawned an entire ecosystem of AI agents. But just how much is ...

Using Zoom For Video Calls? Indian Government Issues High Risk Hacking Warning

The Indian government has issued a serious high-risk security warning regarding a critical vulnerability in Zoom, as ...

AI just got its own social network — and humans aren’t invited

Moltbook, a social media app for AI agents, is going viral for its nature to share ideas and debate. The most interesting ...

This open-source AI tool makes Google Assistant look obsolete

OpenClaw shows what happens when an AI assistant gets real system access and starts completing tasks, over just answering ...

OpenClaw proves agentic AI works. It also proves your security model doesn't. 180,000 developers just made that your problem.

API keys and credentials. Agents operate inside authorized permissions where firewalls can't see. Traditional security models ...
WinBuzzer

ChatGPT’s Code Execution Containers Gain Bash Support and Multi-Language Code

ChatGPT has quietly gained bash support and multi-language capabilities, enabling users to run commands and install packages in containers without official announcements.
Security Boulevard

APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP | Part 2

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.