The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site with a hidden connection prompt.

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at runtime.

OX Security exposes a GitHub phishing campaign targeting OpenClaw developers with fake $CLAW airdrops and a cloned site built ...

OX Security reported a phishing campaign targeting developers using OpenClaw's name to lure victims into a fake site for ...

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.

This week, the AppsFlyer SDK breach, JPMorgan sued over ties to a Ponzi scheme, the OFAC sanctioned a network tied to North ...

Allen Institute for AI, a prominent Seattle-based nonprofit research organization working on advancing artificial intelligence models and systems, today launched a new open-source AI agent that can ...

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser extension designed to harvest sensitive user data. The operation, uncovered by ...

A new malware dubbed GhostClaw is targeting crypto wallets on macOS machines. The fake OpenClaw installer captures private ...

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain exploit that compromises iOS devices running versions 18.4 through 18.7 (some ...