Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts.

The package, named “@openclaw-ai/openclawai,” was uploaded to the registry by a user named “openclaw-ai” on March 3, 2026. It has been downloaded 178 times to date. The library is still available for download as of writing.

JFrog, which discovered the package, said it’s designed to steal system credentials, browser data, crypto wallets, SSH keys, Apple Keychain databases, and iMessage history, as well as install a persistent RAT with remote access capabilities, SOCKS5 proxy, and live browser session cloning.

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Interestingly, the original extension developer has published several other extensions under their name on the Chrome Web Store, and all of them have received a Featured badge. The developer also has an account on ExtensionHub, although no extensions are currently listed for sale. What’s more, the individual has attempted to sell domains like “AIInfraStack[.]com” for $2,500, stating the “strong keyword domain” is “relevant for [sic] rapidly growing AI ecosystem.”

“This is the extension supply chain problem in a nutshell,” Annex Security said. “A ‘Featured,’ reviewed, functional extension changes hands, and the new owner pushes a weaponized update to every existing user.”

The disclosure comes as Microsoft warned of malicious Chromium-based browser extensions that masquerade as legitimate AI assistant tools to harvest LLM chat histories and browsing data.

Microsoft: Hackers abusing AI at every stage of cyberattacks

Microsoft says threat actors are increasingly using artificial intelligence in their operations to accelerate attacks, scale malicious activity, and lower technical barriers across all aspects of a cyberattack.

According to a new Microsoft Threat Intelligence report, attackers are using generative AI tools for a wide range of tasks, including reconnaissance, phishing, infrastructure development, malware creation, and post-compromise activity.

In many cases, AI is used to draft phishing emails, translate content, summarize stolen data, debug malware, and assist with scripting or infrastructure configuration.

Microsoft Teams phishing targets employees with A0Backdoor malware

Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor.

The attacker relies on social engineering to gain the employee’s trust by first flooding their inbox with spam and then contacting them over Teams, pretending to be the company’s IT staff, offering assistance with the unwanted messages.

To obtain access to the target machine, the threat actor instructs the user to start a Quick Assist remote session, which is used to deploy a malicious toolset that includes digitally signed MSI installers hosted in a personal Microsoft cloud storage account.
