The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.
腾讯网

有人已经用小龙虾OpenClaw偷钱和数据了!

最近爆火的“小龙虾”,开始被黑客盯上了。越来越多披露的案例显示,有人正利用这些 AI 工具,偷 token、窃取数据,甚至理论上可以直接勒索用户。LinkedIn ...