The Hacker News

âš¡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

This week’s cyber recap covers AI risks, supply-chain attacks, major breaches, DDoS spikes, and critical vulnerabilities security teams must track.

Researchers warn OpenClaw users after malicious plugins surface on ClawHub

Researchers have warned OpenClaw users after malicious skills surfaced on ClawHub, exposing supply chain risks tied to weak plugin reviews.
The Hacker News

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins, prompt injection & exposed instances.

California sues websites that publish blueprints for 3D printer ghost guns

Two websites that distribute instructions for how to manufacture ghost guns are facing a new lawsuit from the state of ...
SecurityWeek

SmarterTools Hit by Ransomware via Vulnerability in Its Own Product

SmarterTools says the Warlock ransomware group hacked it through a VM running an unpatched SmarterMail server.

Password guessing without AI: How attackers build targeted wordlists

Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success password ...

GPT-5.3 Codex Raises the Bar, but Opus 4.6 Still Owns Deep Reasoning

In benchmark tests such as Swaybench Pro and Terminal Bench, GPT-5.3 Codex consistently outperformed its predecessors, setting new standards for speed and execution. When compared to Anthropic’s Opus ...