Researchers Reveal Six New OpenClaw Vulnerabilities
Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw
Infosecurity Magazine
20 articles
Cryptojacking Campaign Exploits Driver to Boost Monero Mining
Cryptojacking campaign used pirated software to deploy a persistent XMRig miner with stealth tactics
AI Assistants Used as Covert Command-and-Control Relays
AIs like Grok and Microsoft Copilot can be exploited as covert C2 channels for malware communication
Record Number of Ransomware Victims and Groups in 2025
Searchlight Cyber reports a 30% annual increase in ransomware victim numbers in 2025
Chinese APT Group Exploits Dell Zero-Day for Two Years
Mandiant reveals campaign featuring exploit of a CVSS 10.
Android 17 Beta Introduces Secure-By-Default Architecture
Android 17 Beta introduces privacy, security updates and a new Canary channel for improved development
Apple Expands RCS Encryption and Memory Protections in iOS 26.4
iOS 26.
Low-Skilled Cybercriminals Use AI to Perform "Vibe Extortion" Attacks
Unit 42 researchers observed a low-skilled threat actor using an LLM to script a professional extortion strategy, complete with deadlines and pressure tactics
Over-Privileged AI Drives 4.5 Times Higher Incident Rates
Teleport study reveals that organizations running over-privileged AI have a 76% incident rate
Significant Rise in Ransomware Attacks Targeting Industrial Operations
Dragos annual report warns of a surge in ransomware attacks causing increased operational disruption in industrial environments
Infostealer Targets OpenClaw to Loot Victim’s Digital Life
Hudson Rock has warned OpenClaw users that infostealers are targeting their configuration files
Vulnerabilities in Password Managers Allow Hackers to View and Change Passwords
Security researchers have challenged end-to-end encryption claims from popular commercial password managers
SMEs Wrong to Assume They Won’t Be Hit by Cyber-Attacks, NCSC Boss Warns
NCSC’s Richard Horne has warned that cybercriminals do not care about business size and called for SMEs to act now to secure their organizations
OysterLoader Evolves With New C2 Infrastructure and Obfuscation
OysterLoader malware evolves into 2026, refining C2 infrastructure, obfuscation & infection stages
Operation DoppelBrand Weaponizes Trusted Brands For Credential Theft
New phishing campaign dubbed Operation DoppelBrand targeted major financial firms like Wells Fargo
Google Warns of In the Wild Exploit as It Patches New Chrome Zero Day
A high severity vulnerability in Google Chrome and allows remote attackers to execute code
Crypto Payments to Human Traffickers Surges 85%
Chainalysis warns that online fraud is fuelling sophisticated human trafficking operations
Odido Breach Impacts Millions of Dutch Telco Users
Dutch telco Odido has revealed a major data breach impacting over six million customers
Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third
G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing risk
Fake AI Assistants in Google Chrome Web Store Steal Passwords and Spy on Emails
Hundreds of thousands of users have downloaded malicious AI extensions masquerading as ChatGPT, Gemini, Grok and others, warn cybersecurity researchers at La...