The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
InfoQ

Cloudflare Releases Experimental Next.js Alternative Built With AI Assistance

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Sophie Koonin discusses the realities of ...
SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

This Scam Impersonates the Official Claude Code Website to Spread Malware

InstallFix delivers an infostealer to your device.
SecurityWeek

Cloned AI Tool Sites Distribute Malware in ‘InstallFix’ Campaign

A newly discovered InstallFix campaign relies on malicious commands on cloned installation webpages to trick victims into installing malware.

Microsoft warns ClickFix attacks targeting Windows Terminal to trick users into running malware

Windows Run is no longer the primary vessel for these attacks ...