Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data theft.
Dark Reading

Critical OpenClaw Vulnerability Exposes AI Agent Risks

The now-patched flaw is the latest in a growing string of security issues with the viral AI tool, which has seen rapid adoption among developers.

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket

OpenClaw patches ClawJacked flaw, log poisoning bug, and multiple CVEs as 71 malicious ClawHub skills spread malware and ...
CSO Online

Your personal OpenClaw agent may also be taking orders from malicious websites

A critical OpenClaw flaw allowed malicious websites to connect to locally running agents, brute-force passwords without ...
GitHub

An AI Streamer Companion that allows integration with many streaming platforms and services through Websocket.

Websocket server for real-time communication with streaming platforms and services. COMING SOON - Custom actions triggered by the AI model sending messages to a websocket server. This tool is ...
GitHub

rice-awa/MCBE-AI-Agent

这是 MCBE WebSocket GPT 项目的完全重构版本,采用现代化异步架构,基于 PydanticAI 框架,支持多种 LLM 提供商,实现了 WebSocket 和 LLM 请求的完全解耦。 MCBE-AI-Agent/ ├── config/ # 配置管理 ...