The Hacker News

⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.
WinBuzzer

As Malicious Skills Flood OpenClaw AI Marketplace, Inventor Turns to VirusTotal For Help

Attackers have uploaded over 300 malicious skills to OpenClaw's AI marketplace, turning it into a malware delivery system ...
The Hacker News

TeamPCP Worm Exploits Cloud Infrastructure to Build Criminal Infrastructure

Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.

Password guessing without AI: How attackers build targeted wordlists

Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success password ...
Cryptopolitan on MSN

ClawHub hosts AI agent skills enabling supply chain attacks

ClawHub contains malicious skills and prompts, noted SlowMist in its latest preview of the marketplace. AI bot skills may contain stealers or malicious installations.