PANews
PANews|Mar 13, 2026 03:57
[SlowMist: ClawHub Developers, Beware of Phishing and Credential Leakage Risks] SlowMist Technology's Chief Information Security Officer, 23pds, issued a reminder stating that ClawHub developers should be cautious of phishing and credential leakage risks. Currently, ClawHub relies on developers' GitHub one-click login. Previously, the Sha1-Hulud worm stole a large number of developers' GitHub credentials, and attackers may exploit this to target Skills. The attack path is as follows: credential theft → attackers gain GitHub access → log in to ClawHub as developers → publish malicious Skills with embedded backdoors → users download and install, executing malicious code that leads to system intrusion.
+5
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads