Dark Reading

Supply Chain Attack Secretly Installs OpenClaw for Cline Users

The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.
American Banker

OpenClaw AI creates shadow IT risks for banks

Bank employees are likely adopting the OpenClaw AI assistant on the sly to boost productivity, but the tool's deep ...
Microsoft

Running OpenClaw safely: identity, isolation, and runtime risk

Self-hosted agents execute code with durable credentials and process untrusted input. This creates dual supply chain risk, ...

Half of all cyberattacks start in your browser: 10 essential tips for staying safe

New research finds that 48% of cyberattacks involve your web browser - and AI is only making matters worse. Follow these best practices to protect yourself.

iPhone camera & microphone dot can be suppressed if you're already hacked

Apple's camera and microphone indicators are supposed to tell iPhone users when the microphone or camera are on, but after a ...
WeLiveSecurity

PromptSpy ushers in the era of Android threats using GenAI

ESET researchers discover PromptSpy, the first known Android malware to abuse generative AI in its execution flow ...

Enkrypt AI Launches Skill Sentinel to Secure AI Coding Assistant Skills

Enkrypt AI introduces open-source protection for the AI development supply chain, securing coding assistant Skills ...
CSO Online

Hackers can turn Grok, Copilot into covert command-and-control channels, researchers warn

Permissive AI access and limited monitoring could allow malware to hide within trusted enterprise traffic, thereby ...
Security Boulevard

How Modern Security Platforms Organize Rules

Every security platform eventually faces the same foundational question: How should security rules be organized? At first glance, this sounds like a simple data-modeling choice. In practice, it ...