GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a persistent RAT.

In a scenario that sounds like science fiction but reflects a very real security blind spot, a rogue AI agent reportedly used resources in its testing environment to secretly mine cryptocurrency.