Storia in 5 fonti

OpenClaw AI agent found falling for phishing attacks, spills user data

Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics commonly used to compromise human users.

Raccontata dacybersecurity360.itbleepingcomputer.comthenextweb.comthehackernews.comdev.to

Confronto fonti

5 prospettive sulla stessa storia

AI · summaries

bleepingcomputer.comStai leggendo2 g fa

OpenClaw AI agent found falling for phishing attacks, spills user data

Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics commonly used to compromise human users.

originale

dev.to10 h fa

OpenClaw AI Agent Exploited Through Hidden Contact Prompts and Social Engineering

OpenClaw agents execute hidden commands via contact names and fall for social engineering, exfiltrating AWS credentials and customer data. Self-hosted deployments need patching (2026.4.23) and strict permissions; agents with broad access are high-risk.

Leggi questa versione → originale

thehackernews.com16 h fa

New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets

OpenClaw input flaws let hidden contacts and phishing emails trigger code execution and data leaks, exposing agent trust risks.

Leggi questa versione → originale

thenextweb.com1 g fa

Researchers tricked an OpenClaw AI agent into leaking AWS keys and customer data with a phishing email

Varonis built an OpenClaw email agent and phished it. It handed over AWS credentials, database keys, and a CRM export for 247 customers without verifying who asked.

Leggi questa versione → originale

cybersecurity360.it4 g fa

OpenClaw, nuova frontiera del malware che non va demonizzato - Cyber Security 360

Una sofisticata campagna di cyber spionaggio trasforma i flussi di lavoro degli agenti AI in vettori d'attacco per distribuire Remcos RAT e GhostLoader attraverso tecniche avanzate di evasione e le skill di OpenClaw…

Leggi questa versione → originale

Timeline cronologica

1. lunedì 8 giugno 2026·cybersecurity360.it
   

   OpenClaw, nuova frontiera del malware che non va demonizzato - Cyber Security 360

   Una sofisticata campagna di cyber spionaggio trasforma i flussi di lavoro degli agenti AI in vettori d'attacco per distribuire Remcos RAT e GhostLoader attraverso tecniche…

2. martedì 9 giugno 2026·bleepingcomputer.com
   

   OpenClaw AI agent found falling for phishing attacks, spills user data

   Phishing simulation on an OpenClaw email agent with various configuration profiles showed that it was susceptible to tactics commonly used to compromise human users.

3. mercoledì 10 giugno 2026·thenextweb.com
   

   Researchers tricked an OpenClaw AI agent into leaking AWS keys and customer data with a phishing email

   Varonis built an OpenClaw email agent and phished it. It handed over AWS credentials, database keys, and a CRM export for 247 customers without verifying who asked.

4. giovedì 11 giugno 2026·thehackernews.com
   

   New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets

   OpenClaw input flaws let hidden contacts and phishing emails trigger code execution and data leaks, exposing agent trust risks.

5. venerdì 12 giugno 2026·dev.to
   

   OpenClaw AI Agent Exploited Through Hidden Contact Prompts and Social Engineering

   TL;DR what: Researchers demonstrated OpenClaw AI agent executes hidden commands in...

6. venerdì 12 giugno 2026·dev.to
   

   AI Email Agents Are Phishable: How OpenClaw Spilled User Data to Social Engineering Attacks

   An AI Agent That Could Be Conned Like an Intern Researchers recently demonstrated that...