Latest Internet & Cybersecurity News
OpenClaw AI Assistant Abused to Distribute Malware
OpenClaw, formerly Clawbot and Moltbot, has been exploited to spread malware via at least 14 malicious skills on Claw Hub posing as crypto tools. These tricked Windows and Mac users into running obfuscated commands fetching malware, highlighting risks from unsandboxed skills.
Moltbook Misconfiguration Exposes 1.5M User Tokens
A critical misconfiguration in Moltbook AI social network exposed its production database, leaking 1.5 million API tokens, user emails, and private messages. The issue was remediated; a related CVE-2026-25253 affects the OpenClaw framework.
Notepad++ Supply Chain Hijacked for Espionage
Threat actors compromised Notepad++ update infrastructure from June to December 2025, redirecting Southeast Asian government and financial users to malicious servers. Believed Chinese state-sponsored, attacks used DLL side-loading and rotating C2 for evasion.
French Authorities Raid X Over Grok AI Deepfakes
French prosecutors and Europol raided X's Paris offices investigating Grok AI for generating sexually explicit deepfakes and illegal content. The probe targets potential criminal misuse of the tool.
Microsoft Office Zero-Day Targets Ukraine and EU
A new Microsoft Office zero-day was exploited against Ukrainian agencies and EU organizations via phishing with malicious Word docs deploying Covenant framework. Microsoft patched it, but attacks may rise due to delayed updates.
React Native Bug Enables Developer System Breaches
A vulnerability in React Native allows attackers to breach developer systems, listed among top daily cybersecurity news. Details involve potential remote code execution risks for apps built with the framework.
SolarWinds-Style Supply Chain Attacks Echo in Recent Incidents
Recent attacks mirror SolarWinds, where update servers were infected to target hundreds of companies and US federal entities, emphasizing ongoing supply chain risks.
AI-Driven Social Engineering and Deepfakes Rise in 2026
Threat actors increasingly use AI for convincing phishing, deepfakes, and automated attacks, including identity theft via voice/video to deceive employees. Organizations urged to adopt AI governance and zero-trust models.
Supply Chain Attacks Predicted to Surge in 2026
Cyberattacks on software supply chains continue rising, with vendors exploited to reach larger targets; businesses must scrutinize partners' security practices. UK Cyber Security Bill scrutiny set for February enhances reporting.
AI Agents Excel in Vulnerability Detection Competitions
In a cybersecurity competition, an AI agent detected 77% of real software vulnerabilities, ranking top 5% among 400+ participants, signaling AI's growing role in defense.
Quantum Computing Threats to Encryption Loom in 2026
Quantum advances threaten current encryption, prompting shifts to quantum-resistant methods; paired with zero-trust for access verification.
Weaponized Direct Contact Tactics in Cyber Extortion
Attackers shift to high-pressure strategies targeting customers and journalists with stolen data for reputational leverage, as seen in 2025 incidents.