#AI agent security
Malicious ClawHub Skills Compromise AI Agents With Hidden Backdoors — 247,000 Installs, $2.3M Stolen
Researchers scanning 50,000 ClawHub skills — the official marketplace for the OpenClaw AI agent platform — found working remote control backdoors, credential stealers, and autonomous malware that installs...
AutoJack: A Single Malicious Web Page Can Hijack Your AI Agent and Execute Arbitrary Code
A critical three-vulnerability exploit chain called AutoJack allows a single malicious web page to hijack Microsoft AutoGen Studio's browsing agent and execute arbitrary code on the developer's machine,...
Five OpenClaw Zero-Days Let Attackers Silently Hijack AI Agent Access on Slack, Teams, and Discord
Researcher Philip Garabandic disclosed five zero-day vulnerabilities in OpenClaw allowing identity spoofing to hijack trusted AI agent access across Slack, Discord, Microsoft Teams, Matrix, and Zalo. The same...