The Hacker News

Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Signal issues scam warning to users after hackers target officials

Signal says its systems are secure but it is taking reports of targeted attempts to hack some officials "very seriously".
Cyber Daily

Patch now! Exploitation of Nginx UI vulnerability “imminent,” warns threat analyst

Hackers are already probing impacted versions of Nginx web server’s user interface, hunting for credentials and encryption keys.