Author: V Diwahar

ClawdBot, now operating under the name Moltbot, has quickly moved from a niche developer project to one of the most talked-about examples of an autonomous AI agent in 2026. Often promoted as a self-hosted, always-on AI employee, ClawdBot AI is designed to stay running in the background, remember context over time, and carry out real actions on behalf of its user. At the same time, growing attention around ClawdBot security risks has triggered serious concern across the cybersecurity and AI research communities. Many experts now point to Moltbot AI as a real-world illustration of broader agentic AI security challenges situations…

The discovery of a new malicious VS Code extension is another reminder that developer tools especially AI-driven ones are increasingly being abused by attackers. Security researchers recently uncovered a fake Moltbot VS Code extension malware campaign that made its way into Microsoft’s official Visual Studio Code Marketplace, quietly turning a supposed AI coding assistant into a backdoor. At first glance, the extension appeared to be tied to Moltbot, also known as Clawdbot, and promised developers a free AI-powered coding experience. In reality, the Moltbot AI coding assistant malware installed a remote access component that allowed attackers to maintain long-term control…

Meta is quietly preparing a shift that could change how people experience social media every day. The company plans to test Meta premium subscriptions across its biggest platforms Instagram, Facebook, and WhatsApp giving users the option to pay for smarter, AI-powered features while keeping the basics free. Rather than locking people out behind a paywall, Meta says the goal is simple: let users choose whether they want more control, better tools, and deeper AI assistance. This approach fits neatly into Meta’s growing focus on AI, especially as competition heats up with players like OpenAI and Google pushing AI into everyday…

Browser extensions have become a normal part of everyday internet use. Most users install them quickly, assuming that anything listed in an official store has already been checked and approved. Unfortunately, that sense of safety is now being exploited. A recently identified cybercrime operation known as Stanley demonstrates how malicious Chrome extensions are being used to carry out highly effective phishing campaigns directly inside the browser. Rather than relying on suspicious emails or fake links, attackers embed phishing functionality into extensions and distribute them through trusted platforms, driving a sharp increase in Chrome Web Store phishing. This shift represents a…

Microsoft is investigating a critical Windows 11 boot failure January 2026 update issue after its latest Patch Tuesday release caused widespread startup problems and system instability. The flawed update, KB5074109, impacts Windows 11 versions 25H2 and 24H2, affecting both consumers and enterprise environments. For many Windows 11 users, January’s routine security update turned into a worst-case scenario: computers that would no longer start. What should have been a standard Patch Tuesday instead resulted in black screens, endless reboots, and systems locked out of Windows entirely. This article walks through what went wrong with Microsoft’s January update, how serious the issue…

This week’s cybersecurity weekly report reveals something genuinely alarming threat actors are reverse-engineering security patches within 48 hours to weaponize them. The standout story: attackers cracked SmarterMail’s patch on January 15, understood what it fixed by January 17, and started active exploitation by January 21. That’s the new reality we’re facing. Meanwhile, Azure is bleeding critical privilege escalation flaws enabling unauthenticated attackers to move across entire tenant boundaries. On the ransomware front, Everest just took down Nissan and Ciena, stealing 900GB of data. SafePay is explicitly targeting HR departments to recruit insiders. This isn’t opportunistic anymore it’s strategic, targeted, and…