The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
The Hacker News

Notepad++ Hosting Breach Attributed to China-Linked Lotus Blossom Hacking Group

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked ...
LinuxInsider

Weaponized Python and Linux Malware Target Executives and Cloud Systems

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...
SecurityWeek

Notepad++ Supply Chain Hack Conducted by China via Hosting Provider

Notepad++ has shared additional details on the supply chain attack carried out by Chinese state-sponsored hackers via a ...

Popular open-source coding application targeted in Chinese-linked supply-chain attack

By AJ Vicens Feb 2 (Reuters) - A Chinese-linked cyberespionage group with a long history hijacked the update process for the ...

Malicious MoltBot skills used to push password-stealing malware

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been ...
PCMag on MSN

OpenClaw Is the Hot New AI Agent, But Is It Safe to Use?

Previously Clawdbot and then Moltbot, this agent can take actions without you having to prompt it and make those decisions by accessing large swaths of your digital life.