The Hacker News

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

SmartLoader campaign spreading StealC via a trojanized Oura MCP server using fake GitHub forks to steal credentials and crypto funds.

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...
The Hacker News

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

Infostealer malware stole OpenClaw AI agent files including tokens and keys, while exposed instances and malicious skills expand security risks.