#websocket-exploitation

[ follow ]
#ai-security-vulnerability #openclaw-clawjacked #supply-chain-security #localhost-security #ai-security
Information security
fromTechzine Global
2 weeks ago

Flaw in OpenClaw allows complete takeover of AI agent

A critical vulnerability in OpenClaw allowed arbitrary websites to hijack AI assistants through localhost WebSocket connections without user interaction or malicious plugins.
Information security
fromThe Hacker News
3 weeks ago

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw fixed a high-severity vulnerability allowing malicious websites to hijack locally running AI agents through password brute-forcing and unauthorized device registration.
[ Load more ]