OpenClaw AI agent found falling for phishing attacks, spills user data

Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics ...

New Shai-Hulud attack trojanizes 19 science-focused PyPI packages

Hackers compromised 19 packages on the PyPI, collectively downloaded hundreds of thousands of times, in a new Shai-Hulud ...
The Next Web

Researchers tricked an OpenClaw AI agent into leaking AWS keys and customer data with a phishing email

Varonis built an OpenClaw email agent and phished it. It handed over AWS credentials, database keys, and a CRM export for 247 customers without verifying who asked.