Credential Theft
Details on methods and consequences of credential theft
-
Malicious npm package posing as OpenClaw installer deploys RAT, steals macOS credentials
Researchers say a malicious npm package named @openclaw-ai/openclawai masqueraded as an OpenClaw installer, deployed a remote access trojan, and stole sensitive data from macOS systems after being uploaded by a user named openclaw-ai on March 3, 2026.
-
Shai-Hulud Supply Chain Attack: How npm Tokens Became Million-Dollar Keys
Shai-Hulud demonstrates how compromised npm tokens became a self-replicating worm affecting hundreds of packages, exposing 400,000 developer secrets and enabling the $8.5 million Trust Wallet crypto theft.
-
What is Rhadamanthys Infostealer?
Rhadamanthys Infostealer compromises digital security by illicitly acquiring sensitive user data. This sophisticated malicious software operates as a Malware-as-a-Service (MaaS), posing a significant threat to individuals and organizations. It facilitates widespread credential theft and financial exploitation. This report examines Rhadamanthys’ operational mechanisms, its propagation methods, and the broader implications of its activities, including recent efforts…