Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...

OpenClaw is in the news again for another serious security issue. Security researchers from Oasis Security discovered a ...

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and ...

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...

Oasis Security, the identity security platform, today released new threat research exploring a vulnerability chain in ...

Introduction: The Evolution of Browser Security For two decades, the web browser served as the primary security frontier for digital interactions. The logic was clear: the browser represented the lens ...

The malicious version of Cline's npm package — 2.3.0 — was downloaded more than 4,000 times before it was removed.

Researchers say an AI-powered code scanner traced untrusted data across layers of OpenClaw, exposing exploitable weaknesses including SSRF, authentication bypass, and path traversal.

OpenClaw, a widely used open-source autonomous AI assistant, has pushed out version 2026.2.17 with expanded capabilities that include support for Anthropic’s latest Claude Sonnet 4.6 model and ...

Researchers show AI assistants can act as stealth C2 proxies, enabling malware communication, evasion, and runtime attack ...

Local AI agents and a gaming handheld - what could possibly go wrong?