GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

OX Security exposes a GitHub phishing campaign targeting OpenClaw developers with fake $CLAW airdrops and a cloned site built ...

OX Security reported a phishing campaign targeting developers using OpenClaw's name to lure victims into a fake site for ...

Dozens of updated, malicious GlassWorm extensions have infested Open VSX, threatening software development supply chains.

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python ...

This week, the AppsFlyer SDK breach, JPMorgan sued over ties to a Ponzi scheme, the OFAC sanctioned a network tied to North ...