Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...

Hackers abused Bing AI search results to promote fake OpenClaw installers on GitHub, spreading Vidar infostealer and other ...

The open-source app store GitHub-Store has been released in version 1.6.0. It brings better Linux support and many ...

Bing search results pointed victims to GitHub repositories claiming to host OpenClaw installers, but in reality they installed malware.

Think before you download OpenClaw, the AI agent that can manage just about anything, is risky all by itself, but now fake installers for it are wreaking havoc. Users who searched Bing’s AI results ...

Attackers operated an active C2 implant for up to a week and compromised AppSec vendor Xygeni's xygeni/xygeni-action in that time.

Overview: Modern Large Language Models are faster and more efficient thanks to open-source innovation.GitHub repositories remain the main hub for building, test ...

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

Fake OpenClaw installers on GitHub deployed credential stealers and a proxy tool linked to the Black Basta ransomware group, while Bing's AI served the malicious ...

A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal ...

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.