DigiNews

Summary

Security researcher depthfirst details a critical vulnerability in the OpenClaw AI personal assistant (formerly Moltbot) that enables 1-click remote code execution through a manipulated URL. The piece walks through how the flaw can leak authentication tokens via WebSocket and outlines the kill chain and patch advisory to mitigate the risk for developers and organizations deploying AI-enabled agents.