GhostClaw: Infostealer for macOS on GitHub

For a few weeks now, malware that also leverages the OpenClaw hype has been circulating on the developer platform GitHub.
Security Boulevard

GlassWorm attack installs fake browser extension for surveillance

It hides inside developer tools, then monitors activity and steals data, turning a single infection into a wider risk across ...
Tom's Hardware on MSN

CanisterWorm malware targets Iranian machines for no apparent reason

CanisterWorm, a persistent malware worm, uses time zone to identify and wipe Iranian machines for no apparent reason.
DataBreachToday

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...
TestingCatalog

Cline debuts Kanban for local parallel CLI coding agents

Cline's Kanban runs multiple CLI agents in parallel with isolated git worktrees. Free, open source, no account required.
The Hacker News

ThreatsDay Bulletin: PQC Push, AI Vuln Hunting, Pirated Traps, Phishing Kits & 20 More Stories

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...
FingerLakes1.com

Best Practices for Implementing Secure Web3 Transaction Hooks

By 2024, daily active wallet count across blockchain ecosystems crossed 7 million. Transaction hooks (code that intercepts, validates, or extends transaction logic in Web3) have become one of the most ...

Halved latency: Web framework IHP 1.5.0 with new database layer

The web framework IHP 1.5.0 brings a new database layer, significant performance gains, and an improved modular architecture.
Infosecurity Magazine

EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts

A new EtherRAT malware campaign using Ethereum smart contracts to hide command-and-control (C2) infrastructure has been ...