Cybersecurity Updates: OpenClaw Monitoring, Synology Patch, Malicious VS Code Extensions, and Azure TLS Deprecation

4 Feb 2026

CybersecurityVulnerabilitiesMalwareEncryptionOpenSourceToolsSupplyChainAttacksProtocolDeprecationTelemetryHardeningSandboxing

On February 4, 2026, the SANS Internet Storm Center covered several cybersecurity topics. Johannes Ullrich presented tools to detect and monitor OpenClaw: two scripts released by Gnostic enable identifying its installation via configuration files and logging its interactions (commands, prompts, connections to services) through an integrated telemetry plugin. Links to OpenClaw's official documentation were provided for hardening, including prompt hardening techniques and sandbox execution. Synology released a DSM system update fixing a critical vulnerability in TelnetD (linked to InetD). Malicious ClassWorm extensions for Visual Studio Code, discovered by socket.dev, target four extensions (including Visual Studio Code Mind Map and FTP-SFTP-Sync), hijacked via the compromised account of a developer (O R Zzz). These extensions have accumulated several thousand downloads. Microsoft disabled TLS 1.0 and 1.1 for Azure Blob Storage on February 3, 2026, in line with its initial announcement.