158 posts were published in the last hour 22:34 : MoltBot Skills exploited to distribute 400+ malware packages in days 22:33 : Infostealers without borders: macOS, Python stealers, and platform abuse 21:34 : New “Punishing Owl” Hacker Group Targets Networks…
MoltBot Skills exploited to distribute 400+ malware packages in days
Over 400 malicious OpenClaw packages were uploaded in days, using MoltBot skills to spread password-stealing malware. Researchers uncovered a large malware campaign abusing AI skills for Claude Code and Moltbot users. Between late January and early February 2026, more than…
Infostealers without borders: macOS, Python stealers, and platform abuse
How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads. The post Infostealers without borders: macOS, Python stealers, and platform abuse appeared first on Microsoft Security Blog. This article has been…
New “Punishing Owl” Hacker Group Targets Networks Linked to Russian Security Agency
A previously unknown threat actor calling itself Punishing Owl has claimed responsibility for breaching a Russian government security agency, marking the emergence of what cybersecurity researchers believe is a new politically motivated hacktivist collective. The attack demonstrated sophisticated operational security…
Russian Hacker Alliance Launches Large-Scale Cyberattack Targeting Denmark
A pro-Russian hacker alliance calling itself “Russian Legion” has issued direct threats against Denmark, warning of large-scale cyberattacks linked to the country’s planned military support to Ukraine. The campaign appears designed to combine disruptive cyber activity with psychological pressure on…
Over 21,000 OpenClaw AI Instances Leak Personal Configuration Data
The open-source AI assistant OpenClaw experienced explosive growth, expanding from approximately 1,000 active instances to over 21,000 in just seven days. Created by Austrian developer Peter Steinberger, the personal AI assistant integrates with email, calendars, smart-home systems, and food-delivery services,…
DynoWiper Malware Targets Energy Firms in Destructive Data-Wiping Attacks
A new data-wiping malware dubbed DynoWiper, deployed against an energy company in Poland in late December 2025. The malware’s tactics, techniques, and procedures closely mirror those observed in earlier ZOV wiper incidents in Ukraine, prompting ESET to attribute DynoWiper to…
Coordinated Cyberattacks Hit 30 Wind and Solar Farms Across Poland
On December 29, 2025, Poland experienced a significant escalation in coordinated cyberattacks targeting critical energy infrastructure. More than 30 wind and photovoltaic farms, a manufacturing company, and a large combined heat and power plant supplying heating to approximately 500,000 customers…
Panera Bread breach affected 5.1 Million accounts, HIBP Confirms
Have I Been Pwned says Panera Bread ’s breach affected 5.1 million accounts, far fewer than the 14 million customers first reported. Have I Been Pwned followed claims by the ShinyHunters gang, which said it stole data from over 14…
From Automation to Infection: How OpenClaw AI Agent Skills Are Being Weaponized
The fastest-growing personal AI agent ecosystem just became a new delivery channel for malware. Over the last few days, VirusTotal has detected hundreds of OpenClaw skills that are actively malicious. What started as an ecosystem for extending AI agents is…
Fast-Growing Chinese Crime Networks Launder 20% of Illicit Crypto: Chainalysis
The influence of Chinese money laundering networks has skyrocketed since 2020, with the operations now moving almost 20% of all illicit cryptocurrency being laundered last year, according to Chainalysis researchers. In 2025, they processed more than $16 billion, or about…
2026-02-02: KongTuke ClickFix activity leads to Async RAT
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Malware-Traffic-Analysis.net – Blog Entries Read the original article: 2026-02-02: KongTuke ClickFix activity leads to Async RAT
OpenClaw’s Rapid Rise Exposes Thousands of AI Agents to the Public Internet
More than 21,000 OpenClaw AI agents are now publicly exposed, raising security concerns over their action-capable design and extensibility. The post OpenClaw’s Rapid Rise Exposes Thousands of AI Agents to the Public Internet appeared first on eSecurity Planet. This article…
How DataDome Stopped Millions of Ticket Scalping Bots Targeting a Global Sports Organization
DataDome blocked 16M+ bot requests from 3.9M IPs targeting a global sports organization’s ticket sales. See how we stopped industrial-scale scalpers. The post How DataDome Stopped Millions of Ticket Scalping Bots Targeting a Global Sports Organization appeared first on Security…
Reorient Your Thinking to Tackle AI Security Risks
The rise of artificial intelligence has rendered portions of your current cybersecurity playbook obsolete. Unless Chief Information Security Officers (CISOs) act quickly to reorient their thinking, they may be unaware of and unprepared to face emerging AI-related threats. Learn how…
IT Security News Hourly Summary 2026-02-02 21h : 9 posts
9 posts were published in the last hour 19:32 : Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins 19:32 : Devices 19:32 : Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users 19:32 : StopICE…
Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins
A multi-stage phishing campaign is targeting business users by exploiting Vercel cloud storage, PDF attachments, and Telegram bots to steal Dropbox credentials. This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI, and More Read the original…
Devices
Something I learned very early on as a DF/IR consultant was that you’re likely never going to run into a perfect environment as an on-call responder. In fact, the best you can hope for is an environment with the default logging,…
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks. ClawHub is a marketplace designed to make it easy for…
StopICE hacked to send alarming text messages, admins accuse border patrol agent of sabotage
The ICE-tracking service says it doesn’t store usernames or addresses ICE-reporting service StopICE has blamed a US Customs and Border Protection (CBP) agent for attacking its app and website and sending users text messages warning them that their information had…
AI Threats in 2026: A SecOps Playbook
As AI-driven threats accelerate in 2026, security teams must evolve their defenses to manage new risks and maintain resilience. The post AI Threats in 2026: A SecOps Playbook appeared first on eSecurity Planet. This article has been indexed from eSecurity…
Russian Hacker Alliance Targeting Denmark in Large-Scale Cyberattack
A newly formed Russian hacker alliance known as Russian Legion has launched a coordinated cyberattack campaign against Denmark, threatening critical infrastructure and government services. The alliance, which includes Cardinal, The White Pulse, Russian Partizan, and Inteid, publicly announced its formation…
30 Wind and Solar Farms in Poland Faced Coordinated Cyberattacks
On December 29, 2025, Poland faced a coordinated assault targeting more than 30 wind and solar farms, alongside a large combined heat and power plant and a manufacturing facility. The attacks occurred during severe winter weather, when temperatures dropped and…
DynoWiper Data-Wiping Malware Attacking Energy Companies to Destroy Data
A dangerous new data-wiping malware known as DynoWiper has emerged, targeting energy companies in Poland with destructive attacks designed to permanently erase critical data. The malware surfaced in December 2025 when security researchers detected its deployment at a Polish energy…