An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data theft.

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

Rust-based VENON malware targets 33 Brazilian financial platforms using advanced evasion and overlays, enabling credential theft.

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits ...

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without limits, and take full control by exploiting implicit trust in localhost ...

Researchers at Endor Labs uncovered 88 new packages tied to new waves of the campaign, which uses remote dynamic dependencies to deliver credential-stealing malware.

NEW YORK CITY, NY / ACCESS Newswire / March 11, 2026 / OpenClawd AI today released a platform update to its cloud-hosted deployment service for OpenClaw, the open-source AI agent formerly known as ...

The now-patched flaw is the latest in a growing string of security issues with the viral AI tool, which has seen rapid adoption among developers.

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

Don't leave your OpenClaw with an easy password ...

Oasis Security, the identity security platform, today released new threat research exploring a vulnerability chain in OpenClaw that allows any website to silently take full control of a developer's AI ...