A sprawling Chinese influence operation — accidentally revealed by a Chinese law enforcement official’s use of ChatGPT — focused on intimidating Chinese dissidents abroad, including by impersonating US immigration officials, according to a new report from ChatGPT-maker OpenAI.

The Chinese law enforcement official used ChatGPT like a diary to document the alleged covert campaign of suppression, OpenAI said. In one instance, Chinese operators allegedly disguised themselves as US immigration officials to warn a US-based Chinese dissident that their public statements had supposedly broken the law, according to the ChatGPT user. In another case, they describe an effort to use forged documents from a US county court to try to get a Chinese dissident’s social media account taken down.

OpenClaw started as a side project of a developer who wanted to make his (and others) life easier with AI assistance. Clean mailbox, control schedule, organize thoughts and hear some music while his bot is doing all the dirty jobs for him.

With vibe coding Peter Steinberger developed OpenClaw. Kudus for that. But since then apart from changing its name twice it created a massive chatter around two topics. The AI hype and its cyber security implications.

This project has rapidly moved from a niche automation framework discussed in developer communities to a topic appearing across security research feeds, Telegram channels, forums, and underground-adjacent chatter. Alongside it, names like ClawDBot and MoltBot have appeared in the same narrative space, often framed as malicious derivatives, companion tooling, or botnet-like ecosystems.

Microsoft has patched a high-severity remote code execution (RCE) vulnerability in the modern Windows Notepad application, tracked as CVE-2026-20841, as part of its February 2026 Patch Tuesday release cycle.

The flaw, rooted in command injection, was originally discovered by Cristian Papa and Alasdair Gorniak of Delta Obscura and subsequently analyzed in depth by Nikolai Skliarenko and Yazhi Wang of the TrendAI Research team.

Successful exploitation allows an attacker to execute arbitrary commands in the security context of the victim’s account, simply by tricking the user into opening a specially crafted Markdown file and clicking a malicious hyperlink.

Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials.

“The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables – executing arbitrary shell commands and exfiltrating Anthropic API keys when users clone and open untrusted repositories,” Check Point researchers Aviv Donenfeld and Oded Vanunu said in a report shared with The Hacker News.

Ruotsalaismedia TV4 kertoo useiden viranomaisten siirtyneen hälytystilaan.

Energiainfrastruktuuriin on kohdistunut vakava ulkoinen uhka kaikissa Pohjoismaissa, kertovat ruotsalaisen TV4:n lähteet.

TV4:n mukaan ulkomaiseen valtaan liittyvä uhka on otettava erittäin vakavasti. Media kertoo useiden Pohjoismaisten viranomaisten siirtyneen hälytystilaan ja Ruotsin poliisia on määrätty valvomaan energiatoimituksiin liittyviä yhteiskunnallisesti kriittisiä toimintoja.