
A Real WebSocket Hijack Hit an AI Agent Framework. Here's What We Learned.

The Vulnerability Nobody Expected

Last week, a critical vulnerability was disclosed in OpenClaw (formerly Clawdbot) — one of the more capable open-source AI agent frameworks out there. The issue? WebSocket brute-force hijacking on the localhost gateway.

The gateway — the nerve centre that connects your AI agent to messaging surfaces, tools, and the outside world — was using predictable authentication tokens. An attacker on the same network could brute-force the WebSocket connection and inject arbitrary commands into your agent's session.

Think about that for a second. Your AI agent has access to your emails, your files, your APIs, maybe your smart home. Someone connects to the gateway, and they are you.

The fix landed in v2026.2.25 with cryptographically strong token generation. If you're running OpenClaw, update now. Full stop.

But this incident exposed something more important than a single CVE.

The Layer Problem in AI Agent Security

Here's the uncomfortable truth: most AI agent dep
Continue reading on Dev.to
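
The token weakness and fix described under "The Vulnerability Nobody Expected", sketched as an added Node.js example; this is not OpenClaw's code. The weak generator, the function names, and the failure lockout are assumptions made for illustration: the article states only that tokens were predictable and that the fix was cryptographically strong token generation.

```javascript
// Added example: constructed for illustration, not OpenClaw's code.
const crypto = require('node:crypto');

const MAX_FAILURES = 5;     // assumed lockout threshold
const LOCKOUT_MS = 60_000;  // assumed lockout window

// Weak pattern (for contrast): Math.random() is not a CSPRNG, and a
// 6-digit token space is small enough to enumerate.
function weakToken() {
  return Math.floor(Math.random() * 1e6).toString().padStart(6, '0');
}

// Strong pattern: 32 bytes (256 bits) from the OS CSPRNG.
function strongToken() {
  return crypto.randomBytes(32).toString('base64url');
}

// Hypothetical gateway-side verifier with a per-client failure lockout.
function createVerifier(expectedToken, now = () => Date.now()) {
  const expected = crypto.createHash('sha256').update(expectedToken).digest();
  const failures = new Map(); // clientId -> { count, lockedUntil }

  return function verify(clientId, presentedToken) {
    const state = failures.get(clientId) || { count: 0, lockedUntil: 0 };
    if (now() < state.lockedUntil) return 'locked';

    // Hash both sides so timingSafeEqual always gets equal-length buffers.
    const presented = crypto.createHash('sha256')
      .update(String(presentedToken)).digest();
    if (crypto.timingSafeEqual(expected, presented)) {
      failures.delete(clientId);
      return 'ok';
    }
    state.count += 1;
    if (state.count >= MAX_FAILURES) {
      state.lockedUntil = now() + LOCKOUT_MS;
      state.count = 0;
    }
    failures.set(clientId, state);
    return 'denied';
  };
}
```

A WebSocket server would call `verify` during the upgrade handshake and refuse the connection on anything other than `'ok'`.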




