
Security Researchers Disclose "ClawJacked" Vulnerability in OpenClaw AI Agent
Security researchers disclosed a high-severity vulnerability named "ClawJacked" in the AI agent OpenClaw. The flaw permitted malicious websites to silently brute-force access to a locally running instance through web-based interactions and hijack control of it. A successful attack gave unauthorized access to and control over the AI agent’s functionality, potentially leading to data theft. The disclosure mentioned no specific CVE ID, dates, or affected version ranges, and the vulnerability was reported by security researchers without further attribution.