Tag: marketplace

Enzoic Expands Protection Against Dark Web Credential Exposure

Mar 12, 2026 7:10 PM

Tags: breach, credentials, dark-web, data, data-breach, marketplace, password, risk

Credentials exposed in breach data can create risk long after the original incident. Once those passwords circulate through underground marketplaces, they can be reused to target enterprise systems and customer accounts. According to the Verizon Data Breach Investigations Report, stolen credentials play a major role in web application breaches. Attackers frequently automate credential stuffing and……
When AI safety constrains defenders more than attackers

Mar 10, 2026 8:47 AM

Tags: access, ai, attack, authentication, awareness, business, chatgpt, ciso, control, defense, detection, email, exploit, framework, LLM, malicious, malware, marketplace, microsoft, offense, open-source, openai, penetration-testing, phishing, RedTeam, service, social-engineering, spear-phishing, strategy, threat, tool, training, usa, vulnerability

The attacker advantage: Threat actors operate under no such constraints. They simply use jailbroken models, locally hosted open-source alternatives, or purpose-built malicious tools that have proliferated across underground markets.WormGPT, originally shut down in 2023, has reappeared largely as a recycled brand name for uncensored AI tools. New variants posted on underground marketplace BreachForums between October…
When AI safety constrains defenders more than attackers

Mar 10, 2026 8:47 AM

Tags: access, ai, attack, authentication, awareness, business, chatgpt, ciso, control, defense, detection, email, exploit, framework, LLM, malicious, malware, marketplace, microsoft, offense, open-source, openai, penetration-testing, phishing, RedTeam, service, social-engineering, spear-phishing, strategy, threat, tool, training, usa, vulnerability

The attacker advantage: Threat actors operate under no such constraints. They simply use jailbroken models, locally hosted open-source alternatives, or purpose-built malicious tools that have proliferated across underground markets.WormGPT, originally shut down in 2023, has reappeared largely as a recycled brand name for uncensored AI tools. New variants posted on underground marketplace BreachForums between October…
TDL – Defense Before Offense: Leadership, Risk, and the Cost of Bad Decisions – Steven Elliott

Mar 7, 2026 12:48 AM

Tags: ai, apple, business, cctv, ceo, ciso, country, cyber, cybersecurity, data, defense, finance, guide, insurance, international, Internet, jobs, marketplace, metric, military, network, offense, organized, resilience, risk, service, software, strategy, switch, technology, threat, usa

From the Battlefield to the Boardroom: Lessons in Defense In the latest episode of The Defender’s Log, host David Redekop sits down with Steven Elliott, CFO of Adam Networks, to explore the surprising parallels between military operations, financial management, and cybersecurity. A Journey of Unpredictable Paths Elliott’s background is anything but linear. From a small…
LeakBase marketplace unplugged by cops in 14 countries

Mar 6, 2026 5:47 AM

Tags: banking, breach, credentials, cybercrime, data, germany, infrastructure, international, Internet, law, marketplace, phishing, service, theft

Global effort: Thanks to international co-operation, a number of criminal marketplaces have been seized in recent years, including BreachForums and RaidForums.Law enforcement agencies involved in various ways in this week’s takedown came from Australia, Belgium, Canada, Germany, Greece, Kosovo, Malaysia, Netherlands, Poland, Portugal, Romania, Spain, the United Kingdom and the US.News of the seizure comes…
Neue Wege für Sicherheitsteams: Armis startet digitalen Marketplace

Mar 5, 2026 5:47 PM

Tags: marketplace

Anstatt lange zu recherchieren oder Lösungen erst mühsam zu testen, können Teams im Marketplace direkt prüfen, wie eine Lösung mit den eigenen Systemen und Assets zusammenarbeitet und in Rekordzeit von der Evaluierung zur Implementierung übergehen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/neue-wege-fuer-sicherheitsteams-armis-startet-digitalen-marketplace/a43961/
Top 10 Best Cybersecurity Marketing Agencies to Watch in 2026

Mar 5, 2026 11:47 AM

Tags: ciso, cyber, cybersecurity, dark-web, marketplace, monitoring, privacy, software, threat, tool, zero-trust

As the digital threat landscape continues to evolve rapidly, the marketplace for security solutions has become fiercely congested. For B2B vendors, whether you are selling enterprise Zero Trust architecture, dark web monitoring tools, or consumer-grade privacy software, standing out requires more than just a superior technical product. You need to capture the attention of CISOs,…
Authorities from 14 countries shut down major cybercrime forum LeakBase

Mar 4, 2026 7:50 PM

Tags: cybercrime, marketplace

The marketplace was one of the world’s largest hubs for cybercrime with more than 142,000 members. Officials identified and arrested multiple suspects after seizing the site’s database. First seen on cyberscoop.com Jump to article: cyberscoop.com/leakbase-cybercrime-forum-seized/
Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems

Mar 3, 2026 12:47 PM

Tags: access, cloud, corporate, credentials, cyber, data-breach, exploit, hacker, marketplace, network, ransomware, vpn

Hackers are increasingly abusing Telegram as an initial access marketplace, turning stealer logs and leaked credentials into direct entry points for corporate VPN, RDP, and cloud environments. The platform now acts as a high-speed bridge between compromised credentials and full network compromise, supporting ransomware operators, Initial Access Brokers (IABs), and hacktivist collectives. Telegram hosts popular…
ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

Feb 28, 2026 7:38 PM

Tags: ai, exploit, flaw, intelligence, malicious, marketplace, vulnerability

OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control.”Our vulnerability lives in the core system itself no plugins, no marketplace, no user-installed extensions just the bare OpenClaw gateway, running exactly as documented,” Oasis…
The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web

Feb 25, 2026 4:37 PM

Tags: dark-web, data, marketplace, open-source, risk, skills, supply-chain

OpenClaw has sparked heavy Telegram and dark web chatter, but Flare’s data shows more research hype than mass exploitation. Flare explains how its telemetry found real supply-chain risk in the skills marketplace, yet limited signs of large-scale criminal operationalization. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-openclaw-hype-analysis-of-chatter-from-open-source-deep-and-dark-web/
ShinyHunters cyberattack on CarGurus impacts 12.4 Million users

Feb 25, 2026 2:37 PM

Tags: cyberattack, data, data-breach, group, marketplace

ShinyHunters leaked data from 12.4M CarGurus accounts, exposing personal information from the U.S.-based auto research and shopping platform. The ShinyHunters group published personal data from over 12 million CarGurus accounts. CarGurus is a U.S.-based digital automotive marketplace that helps users research, compare, and connect with sellers of new and used vehicles. Operating in the U.S.,…
13 ways attackers use generative AI to exploit your systems

Feb 23, 2026 9:01 AM

Tags: access, ai, attack, authentication, awareness, breach, captcha, ceo, chatgpt, ciso, cloud, credentials, crypto, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, email, espionage, exploit, extortion, finance, flaw, framework, fraud, google, government, group, hacker, identity, infrastructure, intelligence, law, LLM, login, malicious, malware, marketplace, network, open-source, password, phishing, privacy, ransomware, resilience, risk, saas, scam, service, social-engineering, startup, supply-chain, tactics, technology, theft, threat, tool, vulnerability, zero-day

Facilitating malware development: AI can also be used to generate more sophisticated, or less labour-intensive, malware.For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI.”The loader’s detailed line-by-line description…
13 ways attackers use generative AI to exploit your systems

Feb 23, 2026 9:01 AM

Tags: access, ai, attack, authentication, awareness, breach, captcha, ceo, chatgpt, ciso, cloud, credentials, crypto, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, email, espionage, exploit, extortion, finance, flaw, framework, fraud, google, government, group, hacker, identity, infrastructure, intelligence, law, LLM, login, malicious, malware, marketplace, network, open-source, password, phishing, privacy, ransomware, resilience, risk, saas, scam, service, social-engineering, startup, supply-chain, tactics, technology, theft, threat, tool, vulnerability, zero-day

Facilitating malware development: AI can also be used to generate more sophisticated, or less labour-intensive, malware.For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI.”The loader’s detailed line-by-line description…
ClawHavoc Infects OpenClaw’s ClawHub with 1,184 Malicious Skills, Exposing Data Theft Risks

Feb 18, 2026 12:58 PM

Tags: ai, cyber, data, malicious, malware, marketplace, risk, skills, supply-chain, theft

A large-scale supply chain poisoning campaign dubbed ClawHavoc has hit OpenClaw’s official skill marketplace, ClawHub, with at least 1,184 malicious “Skills” historically published on the platform. The incident highlights how fast-growing AI agent ecosystems can become high-value malware distribution channels when plugins are easy to publish and users routinely grant agents broad system access. OpenClaw (previously known…
New Sophisticated ‘Carding-as-a-Service’ Marketplaces Fuel Surge in Credit Card Fraud

Feb 17, 2026 11:58 AM

Tags: breach, credit-card, cyber, fraud, malware, marketplace, service

Credit card fraud has matured into a service-based criminal economy where stolen cards, malware, and support are bundled and sold like commercial products. Underground “dump shops” such as Findsome, UltimateShop, and Brian’s Club now operate as full-fledged carding-as-a-service (CaaS) marketplaces, mirroring legitimate e”‘commerce platforms in usability, scale, and customer focus. At the core of this ecosystem is…
Was CISOs über OpenClaw wissen sollten

Feb 16, 2026 9:58 PM

Tags: ai, api, authentication, browser, bug, chrome, ciso, cloud, crypto, cyberattack, ddos, DSGVO, firewall, gartner, github, intelligence, Internet, jobs, linkedin, LLM, malware, marketplace, mfa, open-source, risk, security-incident, skills, software, threat, tool, update, vulnerability

Lesen Sie, welches Sicherheitsrisiko die Verwendung von OpenClaw in Unternehmen mit sich bringt.Das neue Tool zur Orchestrierung persönlicher KI-Agenten namens OpenClaw früher Clawdbot, dann Moltbot genannt erfreut sich aktuell großer Beliebtheit. Die Open-Source-Software kann eigenständig und geräteübergreifend arbeiten, mit Online-Diensten interagieren und Workflows auslösen kein Wunder, dass das Github-Repo in den vergangenen Wochen Millionen von…
New XWorm RAT Campaign Leverages Phishing and CVE-2018-0802 Excel Exploit to Bypass Detection

Feb 13, 2026 10:58 AM

Tags: attack, control, cve, cyber, cybercrime, data, ddos, detection, exploit, marketplace, phishing, ransomware, rat, theft, windows

XWorm, a multi-functional .NET”‘based RAT first observed in 2022, remains actively traded across cybercrime marketplaces and continues to attract both low-skilled and advanced operators thanks to its rich feature set and plugin-based architecture. Once deployed, it enables full remote control of compromised Windows systems, including data theft, remote desktop control, DDoS attacks, and ransomware execution.…
‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users

Feb 12, 2026 8:58 PM

Tags: banking, breach, browser, chrome, control, credentials, credit-card, data, finance, google, infrastructure, malicious, marketplace, microsoft, office, password, phishing

outlook-one.vercel.app, hosted on the Vercel development platform, from which users download the software.”Microsoft reviews the manifest, signs it, and lists the add-in in their store. But the actual content the UI, the logic, everything the user interacts with is fetched live from the developer’s server every time the add-in opens,” said Koi Security’s researchers. By…
AMOS infostealer targets macOS through a popular AI app

Feb 12, 2026 3:58 PM

Tags: ai, cybercrime, macOS, marketplace

AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the broader stealer-log cybercrime economy. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amos-infostealer-targets-macos-through-a-popular-ai-app/
AMOS infostealer targets macOS through a popular AI app

Feb 12, 2026 3:58 PM

Tags: ai, cybercrime, macOS, marketplace

AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare examines how AMOS operates, spreads through AI-driven lures, and feeds the broader stealer-log cybercrime economy. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/amos-infostealer-targets-macos-through-a-popular-ai-app/
News alert: GitGuardian raises $50M to tackle non-human identities crisis, AI agent security gap

Feb 11, 2026 8:58 PM

Tags: ai, github, identity, marketplace, software

NEW YORK, Feb. 11, 2026, CyberNewswire, GitGuardian, a leading secrets and Non-Human Identity (NHI) security platform and #1 app on GitHub Marketplace, today announced a $50 million Series C funding round led by global software investor Insight Partners”¦ (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/news-alert-gitguardian-raises-50m-to-tackle-non-human-identities-crisis-ai-agent-security-gap/
OpenClaw Adds VirusTotal Scanning to AI Agent Marketplace

Feb 9, 2026 4:14 PM

Tags: ai, malicious, marketplace

OpenClaw added VirusTotal scanning to its ClawHub marketplace to curb the spread of malicious AI agent skills. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/openclaw-adds-virustotal-scanning-to-ai-agent-marketplace/
âš¡ Weekly Recap: AI Skill Malware, 31Tbps DDoS, Notepad++ Hack, LLM Backdoors and More

Feb 9, 2026 3:14 PM

Tags: ai, backdoor, cloud, cyber, ddos, LLM, malware, marketplace, threat, tool, update

Cyber threats are no longer coming from just malware or exploits. They’re showing up inside the tools, platforms, and ecosystems organizations use every day. As companies connect AI, cloud apps, developer tools, and communication systems, attackers are following those same paths.A clear pattern this week: attackers are abusing trust. Trusted updates, trusted marketplaces, trusted apps,…
OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

Feb 9, 2026 2:13 PM

Tags: access, ai, api, control, crowdstrike, crypto, cybersecurity, data, data-breach, email, exploit, gartner, github, governance, injection, macOS, malicious, malware, marketplace, network, risk, security-incident, skills, software, threat, tool, virus, vulnerability

What prompted the response: The scanning initiative follows a series of security incidents documented by multiple firms over the past two weeks. Koi Security’s February 1 audit of all 2,857 ClawHub skills discovered 341 malicious ones in a campaign dubbed “ClawHavoc.”The professional-looking skills for cryptocurrency tools and YouTube utilities contained fake prerequisites that installed keyloggers…
OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks

Feb 9, 2026 2:13 PM

Tags: access, ai, api, control, crowdstrike, crypto, cybersecurity, data, data-breach, email, exploit, gartner, github, governance, injection, macOS, malicious, malware, marketplace, network, risk, security-incident, skills, software, threat, tool, virus, vulnerability

What prompted the response: The scanning initiative follows a series of security incidents documented by multiple firms over the past two weeks. Koi Security’s February 1 audit of all 2,857 ClawHub skills discovered 341 malicious ones in a campaign dubbed “ClawHavoc.”The professional-looking skills for cryptocurrency tools and YouTube utilities contained fake prerequisites that installed keyloggers…
Software developers: Prime cyber targets and a rising risk vector for CISOs

Feb 9, 2026 9:14 AM

Tags: access, ai, api, application-security, attack, automation, backdoor, breach, ceo, ciso, cloud, container, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, exploit, flaw, Hardware, identity, infrastructure, intelligence, Internet, jobs, leak, least-privilege, LLM, malicious, malware, marketplace, north-korea, open-source, phishing, programming, resilience, risk, saas, scam, service, social-engineering, software, supply-chain, theft, threat, tool, training, unauthorized, update, vulnerability

Credential theft and environment compromise: Attackers aren’t just looking for flaws in code “, they’re looking for access to software development environments.Common security shortcomings, including overprivileged service accounts, long-lived tokens, and misconfigured pipelines, offer a ready means for illicit entry into sensitive software development environments.”Improperly stored access credentials are low-hanging fruit for even the most amateur…
OpenClaw Taps VirusTotal to Safeguard AI Agent Skill Ecosystem

Feb 9, 2026 7:13 AM

Tags: ai, cyber, detection, finance, marketplace, software, threat, tool

As AI agents move from experimental chatbots to powerful tools capable of managing our finances and smart homes, security has become the top priority. Today, OpenClaw announced a major partnership with VirusTotal to bring advanced threat detection to ClawHub, its marketplace for AI skills. Why AI Agents Need Special Protection Traditional software is rigid; it…
OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills

Feb 8, 2026 9:14 AM

Tags: google, intelligence, malicious, marketplace, skills, threat

OpenClaw (formerly Moltbot and Clawdbot) has announced that it’s partnering with Google-owned VirusTotal to scan skills that are being uploaded to ClawHub, its skill marketplace, as part of broader efforts to bolster the security of the agentic ecosystem.”All skills published to ClawHub are now scanned using VirusTotal’s threat intelligence, including their new Code Insight capability,”…
OpenClaw reveals meaty personal information after simple cracks

Feb 6, 2026 1:13 AM

Tags: api, credit-card, marketplace, skills

Skills marketplace is full of stuff – like API keys and credit card numbers – that crims will find tasty First seen on theregister.com Jump to article: www.theregister.com/2026/02/05/openclaw_skills_marketplace_leaky_security/