The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

CNCERT warns OpenClaw AI agent has weak defaults enabling prompt injection and data leaks, prompting China to restrict use on government systems.
SecurityWeek

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical-severity n8n vulnerabilities could have led to unauthenticated remote code execution, sandbox escape, and credential theft.
Microsoft

Help on the line: How a Microsoft Teams support call led to compromise

Read the new Microsoft Cyberattack Series report to learn more about on how deception and trusted tools can enable ...
CSO Online

Nine critical vulnerabilities in Linux AppArmor put over 12M enterprise systems at risk

Qualys researchers expose ‘CrackArmor’ flaws that allow unprivileged users to escalate privileges to root, break container isolation, and crash systems, with no CVE identifiers yet assigned.
InfoQ

AWS Launches Managed Openclaw on Lightsail amid Critical Security Vulnerabilities

AWS launched managed OpenClaw on Lightsail for AI agent deployment while security concerns mount. The 250k-star GitHub project is affected by CVE-2026-25253, which enables one-click RCE, with 17,500+ ...

Direct Prompt Injection: How Attackers Manipulate LLM Input

Direct prompt injection occurs when a user crafts input specifically designed to alter the LLM’s behavior beyond its intended boundaries.
The Del Norte Triplicate

The Googly Eyed Dog Right

The Googly Eyed Dog Right. Shameless hat tip once. One unassuming bag can actually submit an earnest attempt to reassign an alias. Aromatic petroleum derivative is raised. Ditto i ...