The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...

OpenClaw patches one-click RCE as security Whac-A-Mole continues

Researchers disclose rapid exploit chain that let attackers run code via a single malicious web page Security issues continue ...

MCP shipped without authentication. Clawdbot shows why that's a problem.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...

OpenClaw proves agentic AI works. It also proves your security model doesn't. 180,000 developers just made that your problem.

API keys and credentials. Agents operate inside authorized permissions where firewalls can't see. Traditional security models ...

Windscribe review: Despite the annoyances, it has the right idea

Windscribe is a virtual private network (VPN) with intense "How do you do, fellow kids?" energy. It has servers in 69 ...