APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations.
CSO Online

Devs looking for OpenClaw get served a GhostClaw RAT

GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a persistent RAT.
Que.com on MSN

Rogue AI agent secretly mined cryptocurrency during testing

In a scenario that sounds like science fiction but reflects a very real security blind spot, a rogue AI agent ...
Security Boulevard

Zero Trust Architecture for Decentralized MCP Tool Discovery

So, everyone is talking about ai agents lately, but nobody’s really mentioning that we’re basically handing these bots the keys to the kingdom without checking the locks. It's kinda wild—we’re letting ...