ClawJacked attack let malicious websites hijack OpenClaw to steal data

Published on March 1, 2026

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally running instance and take control over it. [...]

Continue reading on website
Other news

Samsung TVs to stop collecting Texans’ data without express consent

March 1, 2026
Samsung and the State of Texas have reached a settlement agreement over the alleged unlawful collection of content-viewing information through its smart TVs [...]

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

March 2, 2026
Cybersecurity researchers have disclosed a new iteration of the ongoing Contagious Interview campaign, where the North Korean threat actors have published a set of 26 malicious packages to the npm registry.The packages masquerade as developer tools, but contain functionality to extract the actual command-and-control (C2) by using seemingly harmless Pastebin content as a dead drop resolver and