
BREAKING: Any Website Can Silently Hijack Your OpenClaw Agent (Oasis Security)
Oasis Security just dropped a bombshell: any website you visit can silently take full control of your OpenClaw agent. No plugins needed. No user interaction. Just visit a malicious page.

Source: Oasis Security Research | Video PoC

The Attack Chain

1. Developer has OpenClaw running on localhost (the default setup).
2. Developer visits any malicious/compromised website.
3. JavaScript on the page opens a WebSocket to localhost on OpenClaw's gateway port. WebSocket connections to localhost are NOT blocked by cross-origin policies.
4. Script brute-forces the gateway password — hundreds of attempts/second. The gateway's rate limiter exempts localhost connections entirely.
5. Once authenticated, the script registers as a trusted device. Gateway auto-approves device pairings from localhost with no user prompt.
6. Attacker has full control: read messages, exfiltrate files, execute shell commands.

This is equivalent to full workstation compromise, initiated from a browser tab.

Why This Is Different

Previous OpenClaw vuln