The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.
GitHub

A tool to extract images from and inspect the payload.bin file from Android OTA zips.

Use linux, and have bzip2 and brotli installed. If you're on Windows, I'd greatly appreciate some help on getting this to work. I'm not even sure that it won't work since I don't have Windows! One ...