Security

OpenClaw Vulnerability Enables One Click Remote Code Execution Through Malicious Link

A critical security vulnerability has been identified in OpenClaw, previously known as Clawdbot and Moltbot, that enables attackers to achieve remote code execution by tricking users into clicking a specially crafted link. The flaw has been assigned CVE-2026-25253 and carries a high CVSS score of 8.8. The issue was resolved in OpenClaw version 2026.1.29, […]


Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users

The official update infrastructure of Notepad++ was compromised in a highly targeted cyber operation, resulting in malware being delivered to select users. The project’s lead developer, Don Ho, confirmed that the incident was caused by a hosting level breach rather than a flaw in the Notepad++ source code itself. According to Ho, attackers gained control


Open VSX Supply Chain Attack Used a Compromised Developer Account to Spread GlassWorm

Cybersecurity researchers have uncovered a supply chain attack targeting the Open VSX Registry, where unknown threat actors compromised a legitimate developer account to distribute malicious updates through trusted extensions. According to Socket security researcher Kirill Boychenko, on January 30, 2026, four well established Open VSX extensions published by a developer identified as “oorzc” were updated


Fake Moltbot AI Coding Assistant on VS Code Marketplace Distributes Malware

Cybersecurity researchers have uncovered a malicious Visual Studio Code extension that impersonated Moltbot, previously known as Clawdbot, and secretly installed malware on developer systems. The fake extension was distributed through Microsoft’s official VS Code Marketplace and falsely advertised itself as a free AI powered coding assistant. The extension, listed as “ClawdBot Agent, AI Coding Assistant” with the


Russian ELECTRUM Linked to December 2025 Cyber Attack on Polish Power Grid

A coordinated cyber attack that struck multiple locations across the Polish power grid in late December 2025 has been attributed, with medium confidence, to a Russian state sponsored threat group known as ELECTRUM. Operational technology security firm Dragos revealed the findings in a newly published intelligence brief, describing the incident as the first large scale cyber attack focused on distributed energy


Critical vm2 Node.js Vulnerability Allows Sandbox Escape and Arbitrary Code Execution

A critical security vulnerability has been disclosed in the widely used vm2 Node.js library, exposing systems to sandbox escape and arbitrary code execution risks. If exploited successfully, attackers could execute malicious code directly on the host operating system, completely bypassing vm2’s intended isolation mechanisms. The flaw is tracked as CVE-2026-22709 and carries a CVSS score of 9.8, placing it among the


Two High Severity n8n Vulnerabilities Allow Authenticated Remote Code Execution

Cybersecurity researchers have disclosed two serious security flaws in the n8n workflow automation platform that could allow authenticated attackers to achieve remote code execution (RCE) and potentially take full control of affected environments. The vulnerabilities were discovered by the JFrog Security Research team and impact n8n’s sandboxing mechanisms for both JavaScript and Python execution. Given n8n’s deep integration across enterprise automation


Fake Python Spellchecker Packages on PyPI Deliver Hidden Remote Access Trojan

Cybersecurity researchers have uncovered two malicious Python packages on the Python Package Index (PyPI) that posed as legitimate spellchecking tools while secretly delivering a remote access trojan (RAT). The packages, spellcheckerpy and spellcheckpy, have since been removed, but not before they were downloaded more than 1,000 times combined. According to Aikido researcher Charlie Eriksen, the malware was concealed


Critical Grist Core Vulnerability Enables RCE Attacks Through Spreadsheet Formulas

A severe security vulnerability has been identified in Grist-Core, the open-source self-hosted variant of the Grist relational spreadsheet-database, which could allow remote code execution (RCE). The flaw, cataloged as CVE-2026-24002 with a CVSS score of 9.1, has been dubbed Cellbreak by Cyera Research Labs. “One malicious formula can turn a spreadsheet into a Remote Code Execution (RCE) beachhead,” said security researcher Vladimir Tokarev, who


Experts Identify Pakistan Linked Cyber Campaigns Targeting Indian Government Entities

Cybersecurity researchers have uncovered two previously undocumented cyber campaigns targeting Indian government entities, attributed to a threat actor believed to be operating from Pakistan. The campaigns, identified by Zscaler ThreatLabz in September 2025, have been named Gopher Strike and Sheet Attack. According to researchers Sudeep Singh and Yin Hong Chang, the operations show overlaps with known Pakistan-linked APT activity, particularly
