SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that ...
The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and ...
Dark Reading

Critical OpenClaw Vulnerability Exposes AI Agent Risks

The now-patched flaw is the latest in a growing string of security issues with the viral AI tool, which has seen rapid ...
CSO Online

Your personal OpenClaw agent may also be taking orders from malicious websites

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...
Security Boulevard

Latest OpenClaw Flaw Can Let Malicious Websites Hijack Local AI Agents

Oasis Security researchers find yet another security problem with the OpenClaw AI agent, with this one allowing malicious ...
IFA Magazine

5 employee habits that lead to data breaches

From password reuse to unsecured remote working, small digital habits can scale into major organisational risk. With data ...

Table of Experts: Cybersecurity and AI—5 critical insights from regional experts

Risk management—not technology—is now central to organizational resilience. Here are five key takeaways every business should consider in 2026.

Oasis Security Research Team Discovers Critical Vulnerability in OpenClaw

Oasis Security, the identity security platform, today released new threat research exploring a vulnerability chain in ...

How payment fraud evolved from ancient Roman coins to AI-deepfakes — and what's next

Although AI has introduced a new threat in the world of payments fraud, it has also emerged as the analytical backbone of ...

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the ...