The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...
CoinDesk

OpenClaw developers targeted in GitHub phishing scam offering fake token airdrops

Attackers impersonate OpenClaw on GitHub, luring developers with bogus CLAW giveaways that trick users into connecting crypto wallets and exposing funds to malicious drains.