MEDIUM | AI
Global

New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets

Source: The Hacker News

Executive Summary

Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code or hand over sensitive data through ordinary-looking inputs. Imperva buried instructions inside shared contacts, vCards, and location pins that the agent executed without the victim ever seeing them. Varonis built a test agent on

Source Attribution

Originally published by The Hacker News on Jun 11, 2026.

Related Threats

CRITICAL | AI | NEW

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph is an open-source framework created by LangChain to build complex, stateful, and multi-agent artificial intelligence (AI) agentic applications. "An SQL injection in LangGraph's function could

The Hacker News

MEDIUM | AI

A Security Gets $37M to Thwart Weaponized AI With Automation

Lightspeed Funds Will Support Defenses Against Continuous, Machine-Led Exploitation

A Security, founded by former Sygnia executive Yossi Torati, emerged from stealth with $37 million to build defenses against weaponized A

Bank Info Security

CRITICAL | AI

AI is exposing the biggest weakness in cybersecurity: We never built a health model. Until now!

For 30 years, cybersecurity has operated like an emergency room. Reactive. Crisis-driven. Always triaging. We are extraordinarily good at it — our detection is faster, our response playbooks are sharper, our incident teams are more capable than they have ever been. When something goes wrong, the modern security organization runs toward the fire with real skill. But here is the uncomfortable truth

CSO Online