SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
Security Boulevard

Latest OpenClaw Flaw Can Let Malicious Websites Hijack Local AI Agents

Oasis Security researchers find yet another security problem with the OpenClaw AI agent, with this one allowing malicious websites to silently take control of a developer's system and steal data.
Security Boulevard

Why Browser Security Alone Will Not Protect Us in the Agentic AI Era

Introduction: The Evolution of Browser Security For two decades, the web browser served as the primary security frontier for digital interactions. The logic was clear: the browser represented the lens ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...