The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site with a hidden connection prompt.

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at runtime.

OX Security exposes a GitHub phishing campaign targeting OpenClaw developers with fake $CLAW airdrops and a cloned site built ...

DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple countries.

OX Security reported a phishing campaign targeting developers using OpenClaw's name to lure victims into a fake site for ...

Allen Institute for AI, a prominent Seattle-based nonprofit research organization working on advancing artificial intelligence models and systems, today launched a new open-source AI agent that can ...

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...

A cryptocurrency scam known as "ShieldGuard" has been dismantled after researchers identified it as a malicious browser extension designed to harvest sensitive user data. The operation, uncovered by ...

This week, the AppsFlyer SDK breach, JPMorgan sued over ties to a Ponzi scheme, the OFAC sanctioned a network tied to North ...

A new malware dubbed GhostClaw is targeting crypto wallets on macOS machines. The fake OpenClaw installer captures private ...

Lookout Threat Labs, and iVerify published coordinated research in March 2026 on DarkSword, a JavaScript-based full-chain exploit that compromises iOS devices running versions 18.4 through 18.7 (some ...