#agentic AI
AutoJack: A Single Malicious Web Page Can Hijack Your AI Agent and Execute Arbitrary Code
A critical three-vulnerability exploit chain called AutoJack allows a single malicious web page to hijack Microsoft AutoGen Studio's browsing agent and execute arbitrary code on the developer's machine,...
Five OpenClaw Zero-Days Let Attackers Silently Hijack AI Agent Access on Slack, Teams, and Discord
Researcher Philip Garabandic disclosed five zero-day vulnerabilities in OpenClaw allowing identity spoofing to hijack trusted AI agent access across Slack, Discord, Microsoft Teams, Matrix, and Zalo. The same...
Malicious DeepSeek-Claw AI Skill Delivers Remcos RAT and GhostLoader in Agentic AI Supply Chain Attack
Zscaler ThreatLabZ has uncovered a campaign where attackers published a fake DeepSeek integration for the OpenClaw AI framework on GitHub, hiding malicious commands in a SKILL.md file. The...