Category: ➽Malware
-
Malicious ClawHub Skills: 341 Threats Exposing OpenClaw Users
Malicious ClawHub Skills are at the center of a major cybersecurity discovery that has shaken the OpenClaw ecosystem and raised urgent questions about voice assistant security. Researchers have uncovered 341 harmful skills hosted on ClawHub that were quietly harvesting sensitive user data, often without detection. The findings show how attackers exploited trust in the skill…
-
GlassWorm attack: 7 urgent facts on the macOS OpenVSX hack
GlassWorm attack investigations have revealed a stealthy macOS-focused campaign abusing compromised OpenVSX extensions to infiltrate developer environments. Security researchers warn that this supply chain operation targets trust in open-source ecosystems, silently delivering malicious code through tools developers use daily. 😨 By weaponizing popular VS Code add-ons, attackers bypass traditional defenses and gain persistent access to…
-
North Korean Hackers Exposed: 3,100+ IP Job Scam Impact
North Korean hackers have once again shocked the global cybersecurity community after a massive operation revealed that more than 3,100 IP addresses were targeted in a sophisticated job scam affecting the AI, crypto, and finance industries. This urgent revelation underscores how cybercriminals are evolving their tactics to exploit professionals and organizations alike 😱. The campaign,…
-
CISA Known Exploited Vulnerabilities: 4 Urgent Risks
CISA Known Exploited Vulnerabilities updates have become a critical alert mechanism for organizations worldwide, and the latest addition of four actively exploited flaws significantly raises the urgency for immediate remediation. On January 22, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed that four newly discovered vulnerabilities were added to its Known Exploited Vulnerabilities (KEV)…
-
LOTUSLITE Malware Attack: 7 Key Mustang Panda Insights
LOTUSLITE malware has become a prominent cyber threat after researchers uncovered how the Mustang Panda threat group exploited Venezuela-related news to distribute this stealthy backdoor 🦠. The campaign relied on targeted spear-phishing emails crafted to appear as legitimate geopolitical updates, luring victims into opening malicious attachments. The spear phishing archive named US now deciding what’s…
-
Fake Ad Blocker Extension Triggers Browser Crash ClickFix Attacks
Fake ad blocker extension campaigns are rapidly emerging as one of the most deceptive browser-based threats seen in recent months. Security researchers have uncovered a new tactic in which a fake ad blocker extension deliberately crashes the victim’s browser to launch ClickFix attacks, tricking users into executing malicious commands themselves. This fake ad blocker extension…
-
GhostPoster Browser Extensions: 840K Installs Exposed
GhostPoster browser extensions have emerged as one of the most alarming examples of how malicious code can quietly scale inside trusted ecosystems. Security researchers recently confirmed that a long-running campaign involving these extensions reached more than 840,000 installs before being removed from official browser stores. What makes this case especially dangerous is how GhostPoster browser…
-
StealC Malware Revealed: 7 Impacts of Hackers Hacked
StealC malware has become the center of attention after an unusual twist in the cybercrime ecosystem: the attackers themselves were compromised. In a rare and revealing incident, security researchers successfully infiltrated and hijacked StealC malware command-and-control panels, gaining unprecedented visibility into active criminal operations. This event sheds light on how modern malware campaigns are managed,…
-
Gootloader Malware Revealed: 7 Impacts of 1,000-Part ZIP Attacks
Gootloader malware has once again evolved, adopting an unusually stealthy delivery technique that is raising alarms across the cybersecurity community. Security researchers recently uncovered that this long-running threat now abuses massive multi-part ZIP archives to evade detection and slip past traditional defenses. By splitting a single malicious payload into up to 1,000 compressed parts, attackers…
-
SEO Poisoning Malware Revealed: 7 Key Facts About Black Cat Operations
SEO poisoning malware has become one of the most dangerous and deceptive cyber threats in recent years, and security researchers now link several large-scale campaigns to the notorious Black Cat ransomware group. This evolution of search engine manipulation allows attackers to place malicious websites at the top of trusted results, tricking users into downloading infected…