Bing AI promoted fake OpenClaw GitHub repo pushing info-stealing malware

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed ...

Malware-laced OpenClaw installers get Bing AI search boost

Think before you download OpenClaw, the AI agent that can manage just about anything, is risky all by itself, but now fake ...

Hackers exploit OpenClaw to spread malware via GitHub - and a little help from Bing

OpenClaw's popularity is proving to be a great vessel for malware distribution, especially when it's advertised via Bing.
SecurityWeek

GitHub Issues Abused in Copilot Attack Leading to Repository Takeover

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...
GIGAZINE

It was pointed out that repositories that were supposed to be private on GitHub were made public through Microsoft's AI assistant 'Copilot'

The software development platform GitHub allows users to manage projects by making repositories private, preventing code from being seen by anyone other than those involved. However, an investigation ...
Bleeping Computer

GitHub comments abused to push malware via Microsoft repo URLs

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. While most ...
Dark Reading

Hackers Hide Remcos RAT in GitHub Repository Comments

Trusted and widely used software development and collaboration platforms like GitHub and GitLab have become both targets of and vehicles for a growing range of malicious activity. The latest ...
Dark Reading

Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments

Hackers are using unpublished GitHub and GitLab comments to generate phishing links that appear to come from legitimate open source software (OSS) projects. The clever trick, first described by Sergei ...