GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...

OX Security exposes a GitHub phishing campaign targeting OpenClaw developers with fake $CLAW airdrops and a cloned site built ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...

Attackers have hijacked 75 of 76 GitHub Actions tags for Aqua Security's Trivy scanner, distributing credential-stealing ...

Researchers identified nearly 10,000 websites where API keys could be found, exposing details that could let attackers access ...

OpenClaw developers targeted by sophisticated phishing scam using fake $CLAW token giveaways on GitHub. Learn how attackers ...

A new malware dubbed GhostClaw is targeting crypto wallets on macOS machines. The fake OpenClaw installer captures private ...

A threat actor who stole credentials from a legitimate node package manager (npm) publisher has spread a persistent, ...

Chainguard is racing to fix trust in AI-built software - here's how ...