> TritonInfoSec News
Home / Mar 01, 2026 / Story
0
#6 The Hacker News general February 28, 2026 at 17:21 UTC

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

By [email protected] (The Hacker News)

AI Summary

OpenClaw fixed a high-severity vulnerability dubbed "ClawJacked" that allowed malicious websites to connect to locally running AI agents via WebSocket and hijack control. The flaw affected the core OpenClaw gateway system without requiring any plugins or extensions, demonstrating risks in local AI agent architectures.

Read full article → https://thehackernews.com/2026/02/clawjacked-flaw-…

Relevance score: 83.0/100

# More from March 01

  1. 1
    $4.8M in crypto stolen after Korean tax agency exposes wallet seed BleepingComputer
  2. 2
    Canadian Tire Data Breach Impacts 38 Million Accounts SecurityWeek
  3. 3
    Who is the Kimwolf Botmaster “Dort”? Krebs on Security
  4. 4
    Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement The Hacker News
  5. 5
    QuickLens Chrome extension steals crypto, shows ClickFix attack BleepingComputer
  6. 7
    900 Sangoma FreePBX Instances Infected With Web Shells SecurityWeek
  7. 8
    ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks The Hacker News
  8. 9
    Juniper Networks PTX Routers Affected by Critical Vulnerability SecurityWeek
  9. 10
    Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor The Hacker News