malware

Malicious MoltBot Skills Used to Push Password-stealing Malware

Over 230 malicious packages, dubbed “skills,” targeting the OpenClaw AI assistant have been released in a week, posing as legitimate tools to distribute malware that steals sensitive information like API keys and passwords. The malware exploits misconfigurations in OpenClaw's admin interface and employs social engineering tactics to infect users' systems, using a seemingly crucial tool called ‘AuthTool' to deliver payloads. To mitigate risks, users are advised to carefully verify the safety of skills before use and adopt security measures such as isolating the AI assistant in a virtual environment.

https://www.bleepingcomputer.com/news/security/malicious-moltbot-skills-used-to-push-password-stealing-malware/

How Fake Party Invitations Are Being Used to Install Remote Access Tools

Fake party invitations are being used in a scam to trick victims into installing ScreenConnect, a remote access tool, on their Windows computers. Victims receive emails that appear friendly and informal, leading to a seemingly innocent invitation link. Clicking the link downloads an MSI file disguised as an invitation, which silently installs ScreenConnect, allowing attackers full control of the victim's computer. The scam exploits human curiosity and urgency, often going unnoticed until suspicious behavior occurs on the system. To protect against this scam, users should be wary of unsolicited invitations, avoid running unknown MSI files, and verify invitations through other channels.

https://www.malwarebytes.com/blog/threat-intel/2026/02/how-fake-party-invitations-are-being-used-to-install-remote-access-tools

Notepad Hijacked

Notepad++ update servers were compromised by a likely Chinese state-sponsored group from June to December 2025. Attackers intercepted update traffic, redirecting users to malicious binaries due to inadequate validation of update packages. Following the breach, Notepad++ enhanced security measures, including stricter validation processes and plans to implement XMLDSig in future updates to prevent such incidents.

https://cybersecuritynews.com/notepad-hijacked/

OpenSourceMalware.com

Extreme TLDR:
14 malicious ClawdBot skills, posing as crypto trading tools, distribute malware targeting ByBit, Polymarket, and others. Skills leverage social engineering for credential theft on macOS and Windows. They exploit a lack of security in ClawHub, using deceptive documentation to trick users into executing harmful commands. The campaign relies on a centralized C2 infrastructure for data theft, with multiple skills still available online.

https://opensourcemalware.com/blog/clawdbot-skills-ganked-your-crypto

Can’t Stop, Won’t Stop: TA584 Innovates Initial Access

TA584 Cyber Threat Overview: TA584 is a prominent threat actor monitored by Proofpoint, known for rapid innovation in attack strategies. In 2025, it evolved its tactics, employing ClickFix social engineering, targeting various regions, and introducing new malware (Tsundere Bot). This actor showed a significant increase in campaign frequency, tripling monthly attacks by year's end, with a focus on quick campaign turnover and a variety of delivery methods. Its recent approach contrasts earlier patterns, highlighting its adaptability to cybersecurity defenses.

https://www.proofpoint.com/us/blog/threat-insight/cant-stop-wont-stop-ta584-innovates-initial-access

Operation Bizarre Bazaar: First Attributed LLMjacking Campaign With Commercial Marketplace Monetization

Pillar Security introduces RedGraph, the first attack surface mapping and continuous testing platform for AI agents, providing visibility and security for AI infrastructures. The platform addresses rising threats identified in “Operation Bizarre Bazaar,” an orchestrated campaign focused on exploiting exposed AI systems for unauthorized access and resale on digital marketplaces. Key risks include compute theft, data exfiltration, and lateral movement within networks. Recommendations for mitigation involve enabling authentication, auditing server exposure, and implementing strict security controls. The ongoing threat necessitates transparency and proactive defense measures in AI environments.

https://www.pillar.security/blog/operation-bizarre-bazaar-first-attributed-llmjacking-campaign-with-commercial-marketplace-monetization

Malicious PyPI Packages Spellcheckpy and Spellcheckerpy Deliver Python RAT

Malicious PyPI packages spellcheckpy and spellcheckerpy impersonated the legitimate pyspellchecker, embedding a base64-encoded payload that executes a Python Remote Access Trojan (RAT) when imported. Initially dormant, the payload would extract and execute upon the new version's trigger. This RAT, with dual-layer XOR encryption, facilitates remote control, evading detection, and employs a command and control server historically linked to malicious activity. Connections to earlier similar attacks suggest a recurring threat actor.

https://www.aikido.dev/blog/malicious-pypi-packages-spellcheckpy-and-spellcheckerpy-deliver-python-rat

Stanley — a $6,000 Russian Malware Toolkit With Chrome Web Store Guarantee

Varonis Threat Labs reveals “Stanley,” a $6,000 Russian malware toolkit that spoofs websites as a Chrome extension, guaranteeing Google Store approval. It employs aggressive tactics, targeting users through email compromises and Chrome notifications. The toolkit's capabilities include detailed user tracking, phishing page overlays, and backup protocol for command and control operations. Despite its visible faults, it capitalizes on browser vulnerabilities, posing significant risks until marketplace policies improve.

https://www.varonis.com/blog/stanley-malware-kit

Novel Fake CAPTCHA Chain Delivering Amatera Stealer

Extreme TLDR: Blackpoint SOC reports a Fake CAPTCHA campaign delivering Amatera Stealer via a signed Microsoft script, leveraging legitimate Windows components to evade detection. Key tactics include user behavior validation, live configuration from Google Calendar, and PNG steganography for payload delivery. The attack chain is designed to progress only when specific conditions are met, making it hard for detection systems to identify.

Key Findings:
– Uses Fake CAPTCHA and a LO-LBIN script.
– Validates user interactions and clipboard contents.
– Pulls configurations from a Google Calendar.
– Utilizes PNG images for encrypted payload delivery.
– Executes final payload—Amatera Stealer—using complex, layered encryption and evasive networking techniques.

Recommendations: Restrict access to the Run dialog, remove unnecessary App-V components, educate users about lures, enable PowerShell logging, and monitor for suspicious execution patterns.

https://blackpointcyber.com/blog/novel-fake-captcha-chain-delivering-amatera-stealer/

New Android Malware Uses AI to Click on Hidden Browser Ads

New Android malware utilizes AI with TensorFlow to automatically click on hidden ads, enhancing click fraud mechanisms. Distributed via Xiaomi’s app store and third-party sites, it uses a ‘phantom’ mode for covert actions and a ‘signalling’ mode for real-time control. Affected apps initially lack malicious intent but receive updates adding harmful features, misleading users. Users are advised to avoid non-Google Play apps to mitigate risks.

https://www.bleepingcomputer.com/news/security/new-android-malware-uses-ai-to-click-on-hidden-browser-ads/

VoidLink Cloud Malware Shows Clear Signs of Being AI-generated

VoidLink malware, developed likely by a solo programmer with AI assistance, exhibits advanced features like custom loaders and rootkits. Check Point Research notes it shows clear signs of AI generation, operational security failures, and rapid functionality development within a week. This marks a shift where individuals with technical skills can produce sophisticated malware, previously achievable only by well-resourced teams, making it a notable example of AI-driven cyber threats.

https://www.bleepingcomputer.com/news/security/voidlink-cloud-malware-shows-clear-signs-of-being-ai-generated/

Firefox Joins Chrome and Edge as Sleeper Extensions Spy on Users

Malicious browser extensions, including ShadyPanda and GhostPoster, have been found to spy on users across Firefox, Chrome, and Edge. These extensions behaved normally for years before switching to spyware after updates, leveraging techniques like steganography to hide malicious code. Seventeen affected extensions have over 840,000 downloads. Users are advised to uninstall any suspicious extensions and conduct a Malwarebytes Deep Scan to check for infections.

https://www.malwarebytes.com/blog/news/2026/01/firefox-joins-chrome-and-edge-as-sleeper-extensions-spy-on-users

Malicious GhostPoster Browser Extensions Found With 840,000 Installs

17 malicious GhostPoster browser extensions found in Chrome, Firefox, and Edge have accumulated 840,000 installs, employing hidden JavaScript for tracking, ad fraud, and backdoor access. These extensions, initially reported in December, include popular ones like “Google Translate in Right Click” and “Ads Block Ultimate.” They originated on Microsoft Edge and spread to other browsers, with some active since 2020. Recent variants show advanced evasion tactics, but affected users remain at risk even after removals from stores.

https://www.bleepingcomputer.com/news/security/malicious-ghostposter-browser-extensions-found-with-840-000-installs/

VoidLink: The Cloud-Native Malware Framework

Extreme TLDR: VoidLink is a modular, cloud-native Linux malware framework designed for stealth and long-term access, featuring over 30 plugins, adaptable OPSEC techniques, and developed by possibly Chinese affiliates for commercial use. It targets cloud environments, adapts behavior based on detected security measures, and includes capabilities for credential harvesting and persistence.

https://research.checkpoint.com/2026/voidlink-the-cloud-native-malware-framework/

Scroll to Top