Malicious MoltBot skills used to push password-stealing malware

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been ...
Security Boulevard

Zero-Trust Policy Enforcement via Kyber-Encapsulated Context Windows

Learn how to secure Model Context Protocol (MCP) deployments using Kyber-encapsulated context windows and zero-trust policy enforcement for post-quantum security.
InfoWorld

Building AI agents with the GitHub Copilot SDK

The GitHub Copilot SDK turns the Copilot CLI into a cross-platform agent host with Model Context Protocol support.
CSO Online

Think agentic AI is hard to secure today? Just wait a few months

Exponential expansion of autonomous agents in the enterprise may expand enterprise threat surfaces to an almost unmanageable ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Hackers exploit critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux.
WinBuzzer

Malicious VS Code Extensions Steal Code from 1.5M Developers

Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...
PCMag on MSN

OpenClaw Is the Hot New AI Agent, But Is It Safe to Use?

Previously Clawdbot and then Moltbot, this agent can take actions without you having to prompt it and make those decisions by accessing large swaths of your digital life.