Clodbot's MCP implementation has no mandatory authentication, allows quick injection, and provides shell access by design. These architectural flaws were documented in Monday's VentureBeat article. By Wednesday, security researchers had validated all three attack surfaces and new ones were found. (On January 27, the project rebranded from Clodbot to Moltbot after Anthropic issued a trademark request over the similarity. "Cloud.") Commodity infostealers are already taking advantage of this. Redline, Lumma, and Wither added the AI ​​agent to their target list before most security teams knew it was running in their environments.

The rapid proliferation of AI (Artificial Intelligence) agents in enterprise environments is creating an unprecedented expansion of the attack surface, a stark reality underscored by the recent discovery of critical vulnerabilities in Clawdbot, now rebranded as Moltbot. This open-source AI agent, designed to automate tasks across email, files, calendar, and development tools, quickly amassed 60,000 GitHub stars, but its architectural design choices have simultaneously opened doors for commodity infostealers like RedLine, Lumma, and Vidar to exploit instances before most security teams even knew they were running.

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard.

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard. [...]

Russians, Chinese spies, run-of-the-mill crims … Come one, come all. Everyone from Russian and Chinese government goons to financially motivated miscreants is exploiting a long-since-patched WinRAR vuln to bring you infostealers and Remote Access Trojans (RATs).…

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard.

against government organizations in Myanmar read more about Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard.

Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login data from browsers and monitor the clipboard.

View post on Reddit.

The Void: a new MaaS infostealer targeting 20+ browsers, revealing how stolen credentials are packaged into searchable databases for buyers.

Join Aaron Cole, Lauren Mitchell, and guest Benjamin Roth as they...

New malware campaign impersonates Malwarebytes installers. Hackers use DLL sideloading to deploy infostealers targeting crypto & MFA. Verify downloads now.

The world of Apple security is evolving faster than ever. From the rise of sophisticated malware to the integration of AI into both attacks and defenses, Mac and iOS users are navigating increasingly complex risks. In this latest episode of the 9to5Mac Security Bite podcast, host Arin Waichulis sits down with Jaron Bradley, author and Director at Jamf Threat Labs, to explore the past decade of Apple security, the emergence of infostealer malware as a major threat, and what the future may hold for Apple users in 2026.