OpenClaw developers are being targeted on GitHub with fake $5,000 CLAW token giveaways that lead to wallet-draining sites.

GitHub is a vast labyrinth of amazing open-source software projects, and it can be hard to see some of the awesomeness within ...

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

Hackers have compromised virtually all versions of Aqua Security’s widely used Trivy vulnerability scanner in an ongoing ...

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Crypto scammers are exploiting the rising visibility of OpenClaw to target developers through a coordinated phishing campaign ...

OX Security exposes a GitHub phishing campaign targeting OpenClaw developers with fake $CLAW airdrops and a cloned site built ...

New release integrates automated security scanning, AI-powered remediation, and GitHub-native workflows for enterprise ...

OpenClaw's Peter Steinberger warns all crypto emails tied to the project are scams as fake $CLAW airdrops target GitHub devs.

In March, JFrog Security Research documented a malware campaign titled GhostClaw/GhostLoader. Since the original documentation of this campaign, Jamf Threat Labs examined multiple GitHub repositories ...