Your personal OpenClaw agent may also be taking orders from malicious websites | CSO Online

A critical OpenClaw flaw, dubbed ClawJacked (CVE-2026-25253), allowed malicious websites to exploit implicit trust in localhost connections: any web page open in the user's browser can send requests to services listening on 127.0.0.1, so a locally running agent that treated such connections as trusted was reachable by attacker-controlled script. That let a site brute-force the agent's password and take full control of the local AI agent. The vulnerability, which OpenClaw has since fixed, highlighted the risks of prioritizing developer experience over security in AI tools.

Edward Kiledjian @ekiledjian