How to test OpenClaw without giving an autonomous agent shell access to your corporate laptop

OpenClaw jumped from 1,000 to 21,000 exposed deployments in a week. Here's how to evaluate it in Cloudflare's Moltworker ...

AMOS infostealer targets macOS through a popular AI app

AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the ...
Security Boulevard

OpenClaw Open Source AI Agent Application Attack Surface and Security Risk System Analysis

Background In early 2026, OpenClaw (formerly known as Clawdbot and Moltbot), an open-source autonomous AI agent project, quickly attracted global attention. As an automated intelligent application ...
The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
CSO Online

SSHStalker botnet brute-forces its way onto 7,000 Linux machines

A newly discovered botnet is compromising poorly-protected Linux servers by brute-forcing weak SSH password login ...
XDA Developers on MSN

I love Proxmox community scripts, but a single command executes 8 remote scripts as root

Do you know what your Proxmox server is actually running?
Opinion

Someone's attacking SolarWinds WHD to steal high‑privilege credentials - but we don't know who or how

At the same time, SolarWinds patched CVE-2025-40536, a high-severity (8.1 CVSS) security control bypass vulnerability that can allow an unauthenticated attacker to gain access to certain restricted ...

Tens of thousands of OpenClaw systems exposed by misconfigurations and known exploits

A new report out today from security rating firm SecurityScorecard Inc. warns that widespread vulnerabilities in OpenClaw deployments have left tens of thousands of internet-facing instances exposed ...

New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...
GitHub

SSH3: faster and rich secure shell using HTTP/3

SSH3 is a complete revisit of the SSH protocol, mapping its semantics on top of the HTTP mechanisms. It comes from our research work and we (researchers) recently proposed it as an Internet-Draft ...
XDA Developers on MSN

4 Windows tools I replaced with a single Linux VM

Consolidating these tools into one place was so useful, I should've done it sooner ...
Microsoft

Analysis of active exploitation of SolarWinds Web Help Desk

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.