The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
Computer Weekly

Salesforce tracks possible ShinyHunters campaign targeting its users

Salesforce has warned users of an uptick in threat actor activity targeting Experience Cloud customers’ who have accidentally enabling overly permissive guest user configurations. Salesforce stressed ...