Supply Chain Attack Secretly Installs OpenClaw for Cline Users

Blog

Byadmblake February 19, 2026

The malicious version of Cline’s npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.

Blog

⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More

In a world where threats are persistent, the modern CISO’s real job isn’t just to secure technology—it’s to preserve institutional trust and ensure business continuity. This week, we saw a clear pattern: adversaries are targeting the complex relationships that hold businesses together, from supply chains to strategic partnerships. With new regulations and the rise of…

Read More ⚡ Weekly Recap: Bootkit Malware, AI-Powered Attacks, Supply Chain Breaches, Zero-Days & More
Blog

IoT Security Flounders Amid Churning Risk

The Internet of Things (IoT) has made everything more interconnected than ever, but an important US government security initiative is stuck in limbo even as threat actors step up attacks on everything from medical gear to printers.

Read More IoT Security Flounders Amid Churning Risk
Blog

Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims

Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going “dark.” Threat intelligence firm ReliaQuest said it has observed indications that the threat actor has shifted their focus to the financial sector. This is supported by…

Read More Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims
Blog

Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover

The CERT Coordination Center (CERT/CC) has disclosed details of an unpatched security flaw impacting TOTOLINK EX200 wireless range extender that could allow a remote authenticated attacker to gain full control of the device. The flaw, CVE-2025-65606 (CVSS score: N/A), has been characterized as a flaw in the firmware-upload error-handling logic, which could cause the device…

Read More Unpatched Firmware Flaw Exposes TOTOLINK EX200 to Full Remote Device Takeover
Blog

Trump Fires Cyber Safety Board Investigating Salt Typhoon Hackers

In a letter sent today, the acting DHS secretary terminated membership to all advisory boards, including the Cyber Safety Review Board (CSRB) tasked with investigating state-sponsored cyber threats against the US.

Read More Trump Fires Cyber Safety Board Investigating Salt Typhoon Hackers
Blog

OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups

OpenAI has revealed that it banned a set of ChatGPT accounts that were likely operated by Russian-speaking threat actors and two Chinese nation-state hacking groups to assist with malware development, social media automation, and research about U.S. satellite communications technologies, among other things. “The [Russian-speaking] actor used our models to assist with developing and refining

Read More OpenAI Bans ChatGPT Accounts Used by Russian, Iranian and Chinese Hacker Groups

Related