SecurityWeek

RATs in the Machine: Inside a Pakistan-Linked Three-Pronged Cyber Assault on India

India is being targeted by multiple espionage campaigns delivered by the Pakistan-attributed Transparent Tribe (aka APT36).

This new 'sleeperware' doesn't set off alarms or crash your system - it sneaks in and waits

Moving up the ranks is a malware that plays dead until it's ripe to strike.
WinBuzzer

As Malicious Skills Flood OpenClaw AI Marketplace, Inventor Turns to VirusTotal For Help

Attackers have uploaded over 300 malicious skills to OpenClaw's AI marketplace, turning it into a malware delivery system ...
The Hacker News

⚡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.
Cybernews

ClickFix access broker campaign hits Windows with Python-driven backdoors

Businesses are being warned about a new cyber campaign targeting Windows environments where getting in is only the beginning – not the end – of the attack.
The Hacker News

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins, prompt injection & exposed instances.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.