The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
Security Boulevard

Middle East Conflict Fuels Opportunistic Cyber Attacks

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...
腾讯网

恶意npm包伪装OpenClaw安装程序部署远控木马,窃取macOS凭证

A:该恶意包通过显示虚假的命令行安装界面和伪造的iCloud钥匙串授权提示来进行社会工程学攻击。它会显示带有动画进度条的假安装过程,然后弹出看起来很真实的系统密码输入框,诱骗用户输入密码。

手把手教你安全“养虾”:OpenClaw极简部署指南

手把手教你安全“养虾”:OpenClaw极简部署指南,服务器,websocket,插件,vm,key,网关 ...