Cybercriminals are using SEO poisoning and fake Gemini and Claude installer sites to infect developers with fileless malware and steal data.
Tag: installer
Global Security News
Fake Claude Code Page Pushes PowerShell Stealer at Devs
Ontinue uncovers fake Claude Code installer pushing PowerShell stealer abusing Chrome’s IElevator2
AI, Global Security News, malware
InstallFix and Claude Code: How Fake Install Pages Lead to Real Compromise
Targeting multiple industries worldwide, the InstallFix campaign uses fake Claude AI installer pages to trick users into running malware that collects system information, disables security features, achieves persistence, and connects to attacker-controlled C&C servers for additional payloads.
AI, Global Security News, malware
Fake Claude AI Installer Targets Windows Users with PlugX Malware
Fake Claude AI installer mimicking Anthropic spreads PlugX malware on Windows, using DLL sideloading to gain persistent remote access to infected systems.
AI, Apps, Global Security News, malware
Devs looking for OpenClaw get served a GhostClaw RAT
A malicious npm package posing as an OpenClaw Installer has been caught deploying a remote access trojan (RAT) on victim machines, according to new JFrog research. The package, published under the name “@openclaw-ai/openclawai”, pretends to be an installer for the legitimate CLI tool but instead launches a multi-stage infection chain that steals system credentials, browser…
AI, Cybersecurity, Global Security News
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The package, named “@openclaw-ai/openclawai,” was uploaded to the registry by a user named “openclaw-ai” on March 3, 2026. It has been downloaded 178 times to date. The…
AI, Apps, Global Security News, Risk Management
Cork Cyber Unveils Software Installer Scripts
At ThreatLocker Zero Trust World, Cork Cyber announced the launch of Software Installer Scripts within the Cork Vantage Platform, a new capability that enables MSPs to generate dynamic installer scripts for vulnerable and outdated software across Windows environments. Aligning operational security with financial continuity According to Cork Cyber, the release addresses the longstanding problem of…
AI, Global Security News, Microsoft, News, update
Microsoft Store updated with a new CLI, analytics, and Web Installer improvements
Microsoft has introduced new developer tools, updates to developer analytics, and a Web Installer in the Microsoft Store on Windows to help developers build and scale apps on the platform. “The Microsoft Store on Windows continues to evolve, shaped by ongoing feedback from developers building and scaling apps on the platform. Over the past months,…
Global Security News, Security
Malicious 7-Zip site distributes installer laced with proxy tool
A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user’s computer into a residential proxy node. […]