Find notable cyber news and cases, enriched with sources, timelines, and signals.

OpenClaw skills delivering infostealer malware to macOS and Windows systems

Malware Activity
First reported
Last updated
Happening score
H score 30
1 unique sources, 1 articles

Summary

Hide ▲

Researchers identified 386 malicious OpenClaw skills that pose an active infostealer risk to macOS and Windows users. The skills impersonate crypto-trading automation add-ons for ByBit, Polymarket, Axiom, Reddit and LinkedIn, then use social engineering to get users to run malicious commands. The operation is significant because it steals exchange API keys, wallet private keys, SSH credentials and browser passwords through a shared C2 server at 91.92.242.30.

Related Happenings

Skills.sh scanner blind spot for externally linked AI agent skills

Security Tool/Service
H score22 First: 23.06.2026 18:16 Last: 23.06.2026 18:16 Sources 1

About this happening: Security scanners for **AI agent skills**, including those wired into **skills.sh**, cleared a fake skill that hid its real payload behind **stitch-design.ai**, exposing a vetting...

JetBrains Marketplace malicious plugins exfiltrating AI provider keys

Malware Activity
H score12 First: 17.06.2026 12:38 Last: 17.06.2026 12:38 Sources 1

About this happening: A **JetBrains Marketplace** malware operation has pushed **15 malicious plugins** that pose as AI coding assistants and steal **AI provider API keys** from developers. The plugins...

OpenClaw outbound-mail approval gates and trust-scoped connector controls

Defensive Guidance
H score11 First: 11.06.2026 20:46 Last: 11.06.2026 20:46 Sources 1

About this happening: OpenClaw operators are adding **outbound-mail approval gates**, **trust-scoped connector access**, and **human approval** for risky actions to reduce **agent phishing** and unauth...

OpenClaw message-object prompt injection patched in 2026.4.23 security flaw

Vulnerability
H score15 First: 11.06.2026 20:46 Last: 11.06.2026 20:46 Sources 1

About this happening: **OpenClaw** has a patched **message-object prompt injection flaw** that let hidden instructions inside **shared contacts, vCards, and location pins** reach the LLM as trusted pro...

OpenClaw/OpenShell managed sandbox backend Claw Chain (multiple vulnerabilities)

Vulnerability
H score31 First: 15.05.2026 16:35 Last: 15.05.2026 16:35 Sources 1

About this happening: Researchers disclosed **four OpenClaw flaws** in the **OpenShell managed sandbox backend** that can be chained for **data theft**, **privilege escalation**, and **persistence**. T...

Timeline

  1. 03.02.2026 18:30 2 articles · 5mo ago

    OpenClaw malicious skill campaign disclosed

    Initial Disclosure

    Security researcher Paul McCarty (6mile) disclosed 386 malicious ClawHub skills for OpenClaw that masquerade as cryptocurrency trading automation tools for ByBit, Polymarket, Axiom, Reddit and LinkedIn, then trick users into executing commands that install infostealer malware on macOS and Windows and steal API keys, wallet private keys, SSH credentials and browser passwords.

    Show sources