OpenClaw has added VirusTotal's malware scanning to its ClawHub marketplace after finding 341 malicious skills in its platform. This integration scans all published skills for known malware, but experts warn it won't catch all threats, particularly those using prompt injection techniques.

VirusTotal uncovered a phishing campaign that utilizes SVG files to create deceptive portals mimicking Colombia's judicial system, leading users to download malware. The AI Code Insight feature enabled the detection of these previously undetected SVG files, which cleverly employ JavaScript to simulate a legitimate download process. This highlights the growing use of SVGs in cyberattacks and the importance of AI in identifying such threats.