Tootfinder

OpenSourceMalware: 230 malicious OpenClaw extensions, disguised as crypto trading automation tools to steal user info, were uploaded to ClawHub since January 27 (Luke James/Tom's Hardware)
https://www.tomshardware.com/tech-industry

Malicious OpenClaw ‘skill’ targets crypto users on ClawHub — 14 malicious skills were uploaded to ClawHub last month
Or is that Moltbot, or Clawdbot? I can't keep up.

MH370: Unterwasserroboter sollen über elf Jahre vermisstes Flugzeug aufspüren
Eine Suchaktion mit Unterwasserrobotern soll das Wrack des seit elfeinhalb Jahren vermissten malaysischen Flugzeugs des Fluges MH370 aufspüren.

»Malicious VS Code AI Extensions Harvesting Code from 1.5M Devs«
Surprise, surprise... or maybe not. Why does this remind me of the cryptocurrency rip-off and is this now the "modern" world?!??
🤦 https://www.koi.ai/blog/maliciouscorgi-the

Malicious VS Code AI Extensions Harvesting Code from 1.5M Devs
Two popular AI coding extensions with 1.5M installs secretly harvest your entire codebase and profile you. Both are still live in the marketplace.

Malicious LLMs empower inexperienced hackers with advanced tools
#AI

Malicious LLMs empower inexperienced hackers with advanced tools
"Copilot was my AI, but we crashed into the future and it ate me." Malicious LLMs empower inexperienced hackers with advanced tools The proverbial and pred...

An initial group of 28 malicious skills targeting Claude Code and Moltbot users were published to ClawHub and GitHub between January 27-29, 2026. A second larger group of 200 skills were published January 31-February 1, bringing the total number of malicious skills to 230 .
https://opensourcemalware.…

OpenSourceMalware.com - Community Threat Intelligence
Security professionals sharing intelligence on malicious packages, repositories, and CDNs to protect the open source ecosystem.

packet_delays: Internet packet delays (2002)
A network representing the difference in delay observed by packet probes sent from a computer at Rice University to similar machines at different universities, in c.2002. The edge weight denotes the difference in delay of the packet in milliseconds.
This network has 10 nodes and 9567 edges.
Tags: Technological, Communication, Weighted

Wie ich eben dem Lieferanten die Tür öffnete, mich ziemlich lange freundlich mit ihm unterhielt und erst danach merkte, dass mich ein Schnurrbart aus getrocknetem Milchschaum schmückt. 😬

packet_delays: Internet packet delays (2002)
A network representing the difference in delay observed by packet probes sent from a computer at Rice University to similar machines at different universities, in c.2002. The edge weight denotes the difference in delay of the packet in milliseconds.
This network has 10 nodes and 9567 edges.
Tags: Technological, Communication, Weighted

Check out today's Metacurity to catch up on the crucial infosec developments you might have missed over the weekend, including
--StopICE platform reportedly hit by a breach, 100k users' data exposed,
--Hot social media site for AI agents Moltbook left APIs exposed,
--28 malicious skills are targeting Claude Code and Moltbot users
--Russian Legion warned Denmark of large-scale cyberattack,
--Notepad is probing reported security incidents,
--US DoJ s…

StopICE platform reportedly hit by a breach, 100k users' data exposed to US feds
Social media site for AI agents Moltbook left APIs exposed, 28 malicious skills are targeting Claude Code and Moltbot users, Russian Legion warned Denmark of large-scale cyberattack, Notepad++ is probing reported security incidents, US DoJ seized pirated content domains, more

Unit 42 details how underground hacking forums advertise and sell custom, jailbroken, and open-source AI hacking tools such as WormGPT and KawaiiGPT (Derek B. Johnson/CyberScoop)
https://cyberscoop.com/malicious-llm-tools-cybercrime-wormgpt-kawaiigpt/