Moltbot is now OpenClaw - but watch out, malicious 'skills' are still trying to trick victims into spreading malware

OpenClaw, formerly Clawdbot and Moltbot, faces malware attacks as fake skills and extensions exploit trust in local AI tools.
The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

I hacked my own computer using OpenClaw and it was terrifyingly easy

Agentic AI tools like OpenClaw promise powerful automation, but a single email was enough to hijack my dangerously obedient ...
Dark Reading

Attackers Exploit Zero-Day in End-of-Life D-Link Routers

Attackers are actively exploiting a zero-day vulnerability in multiple discontinued D-Link DSL gateway devices to execute arbitrary shell commands on affected products. Most of the gateways under ...
CoinTelegraph

Flow advances recovery plan, raises exchange concerns after $3.9M exploit

The plan to address a multimillion-dollar exploit continued with "phase two progress" on EVM after it scrapped a plan to roll back the blockchain. The Flow Foundation is continuing to implement a ...
Game Rant

ARC Raiders Exploit Makes the Kettle Macro Even More Powerful

Mohsen Baqery is a Staff Writer at GameRant based in Turkey. He mainly covers video game news and industry features while occasionally publishing guides and listicles. Mohsen started his journey into ...
PC Gamer

Action RPG players will exploit anything in the name of efficiency, which is why Path of Exile 2 players are locking themselves in the campaign for profit

Roguelike Lort devs reluctantly tweak the fantasy roguelike's difficulty after players complain the Risk of Rain 2 successor is too hard: 'You are meant to die and learn how to overcome the challenge' ...
Deadline.com

‘Zootopia 2’: Read The Screenplay For Disney’s Billion-Dollar Sequel That Reteams Hopps & Wilde

Deadline’s Read the Screenplay series spotlighting the scripts behind the awards season’s most talked-about movies continues with Zootopia 2, Disney‘s blockbuster sequel that brings back dynamic duo ...
CSOonline

Hackers exploit Microsoft OAuth device codes to hijack enterprise accounts

Cybercriminals and state-sponsored hackers are increasingly exploiting Microsoft’s legitimate OAuth 2.0 device authorization process to hijack enterprise accounts, bypassing multifactor authentication ...
Deadline.com

The Black List 2025: Matisse Haddad’s ‘Best Seller’ Leads List Of Hollywood’s Best-Liked Unproduced Screenplays

The 21st edition of The Black List, the yearly compilation of Hollywood’s best-liked unproduced screenplays, dropped on Tuesday morning, with Matisse Haddad‘s Best Seller leading the pack in ...
Benzinga.com

Could AI Agents Exploit Ethereum, XRP, Solana? Anthropic Says It's Possible

AI firm Anthropic says its latest tests showed AI agents autonomously hacking top blockchains and draining simulated funds, signaling that automated exploits may now threaten blockchains like Ethereum ...
CoinDesk

Anthropic Research Shows AI Agents Are Closing In on Real DeFi Attack Capability

AI agents are getting good enough at finding attack vectors in smart contracts that they can already be weaponized by bad actors, according to new research published by the Anthropic Fellows program.