The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
Security Boulevard

Middle East Conflict Fuels Opportunistic Cyber Attacks

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...
The Hacker News

Europol-Led Operation Takes Down Tycoon 2FA Phishing-as-a-Service Linked to 64,000 Attacks

Authorities dismantle Tycoon 2FA phishing service linked to 64,000 attacks, millions of emails, and breaches at nearly ...
InfoWorld

What I learned as an undercover agent on Moltbook

Activity on the Reddit-style social network for OpenClaw agents raises serious cybersecurity and privacy concerns.
North Penn Now

Inside Banana Gun's Unified Bot: Five Chains, One Interface, Full Feature Set

Banana Gun launched its unified Telegram trading bot this week. Here is exactly what it includes and what it changes for traders on the platform.