The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Google report: AI is accelerating cloud cyberattacks, and one weak link stands out

Google's latest threat report warns that third-party tools are now prime targets for attackers - and businesses have only days to prepare defenses.