A study using EEG technology suggests the neural pathways linking genes to intelligence are not static. While young adults rely on executive networks, older adults appear to depend more on sensory processing regions.
Get the latest international news and world events from around the world.
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit of 2,857 skills on ClawHub has found 341 malicious skills across multiple campaigns, according to new findings from Koi Security, exposing users to new supply chain risks.
ClawHub is a marketplace designed to make it easy for OpenClaw users to find and install third-party skills. It’s an extension to the OpenClaw project, a self-hosted artificial intelligence (AI) assistant formerly known as both Clawdbot and Moltbot.
The analysis, which Koi conducted with the help of an OpenClaw bot named Alex, found that 335 skills use fake pre-requisites to install an Apple macOS stealer named Atomic Stealer (AMOS). This activity set has been codenamed ClawHavoc.
OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link
A high-severity security flaw has been disclosed in OpenClaw (formerly referred to as Clawdbot and Moltbot) that could allow remote code execution (RCE) through a crafted malicious link.
The issue, which is tracked as CVE-2026–25253 (CVSS score: 8.8), has been addressed in version 2026.1.29 released on January 30, 2026. It has been described as a token exfiltration vulnerability that leads to full gateway compromise.
“The Control UI trusts gatewayUrl from the query string without validation and auto-connects on load, sending the stored gateway token in the WebSocket connect payload,” OpenClaw’s creator and maintainer Peter Steinberger said in an advisory.
Cloud storage payment scam floods inboxes with fake renewals
Over the past few months, a large-scale cloud storage subscription scam campaign has been targeting users worldwide with repeated emails falsely warning recipients that their photos, files, and accounts are about to be blocked or deleted due to an alleged payment failure.
Based on numerous emails seen by BleepingComputer, the campaign has escalated over the past few months, with people receiving multiple versions of the scam each day, all appearing to be sent by the same scammers.
While the email text, the messages all attempt to create a sense of urgency by claiming a payment problem or storage issue must be resolved immediately, or people’s files will be deleted or blocked.