The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Signal issues scam warning to users after hackers target officials

Signal says its systems are secure but it is taking reports of targeted attempts to hack some officials "very seriously".
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer , offering attackers a way to push malware to downstream customers, inject arbitrary code, and ...
Cyber Daily

Exclusive: Safepay ransomware claims hack of Smile Team Orthodontics

The Safepay ransomware group has listed a New South Wales-based dental practice as a victim on its darknet leak site and has published a raft of documents stolen during the breach. Smile Team ...
Cyber Daily

Patch now! Exploitation of Nginx UI vulnerability “imminent,” warns threat analyst

Hackers are already probing impacted versions of Nginx web server’s user interface, hunting for credentials and encryption keys.

Food distributor UNFI takes sales hit as it pursues higher margins through 2028

Food wholesaler and distributor UNFI took an intentional fourth-quarter sales hit as it implements its strategic plan for higher margins through 2028 and beyond.
CSO Online

Devs looking for OpenClaw get served a GhostClaw RAT

GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a persistent RAT.