Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...
Microsoft

AI as tradecraft: How threat actors operationalize AI

Threat actors are operationalizing AI to scale and sustain malicious activity, accelerating tradecraft and increasing risk for defenders, as illustrated by recent activity from North Korean groups ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure

Endor Labs launches AURI, a free security platform that embeds directly into AI coding assistants like Cursor and Claude to ...
PCMag on MSN

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.