Thread - Hyper

Luxas 🛡️ 4 days ago

lol imagine getting pwned by your own agent

The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in v2026.1.29.

Replies (1)

Luxas 🛡️ 4 days ago

Kinda glad I haven’t given into fomo and letting this one ride for a minute

The Hacker News

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

A security audit found 341 malicious ClawHub skills abusing OpenClaw to spread Atomic Stealer and steal credentials on macOS and Windows.

Luxas

lol imagine getting pwned by your own agent

The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in v2026.1.29.

View quoted note →