NewsClawJacked Zero-Click WebSocket Hijack of OpenClawThe Hacker News·high signalZero-click vulnerability in OpenClaw gateway. Malicious website hijacks local AI agent via WebSocket. Patched in v2026.2.25.SourceSource pageThe Hacker News↳ Follow the threadPolicy dependency / Stack layerHalluSquatting weaponizes LLM hallucinations to push botnet malware into agentsThe Hacker NewsStack layer / Threat patternMitigating Taint-Style MCP Server Vulnerabilities Without Touching Server Code (SPELLSMITH)arXivStack layer / Threat patternGhostcommit hides prompt injection in PNG files to make AI coding agents exfiltrate repo secretsSecNewsStack layer / Threat patternGhostApproval: symlink flaw turns human-in-the-loop into a rubber stamp across 6 coding agentsCyber Security NewsStack layer / Threat patternFriendly Fire: auto-approve coding agents run attacker code during security scansSecurityWeekStack layer / Threat patternUnit 42: AI-agent npm packages become a prime supply-chain target in H1 2026Unit 42 (Palo Alto Networks)Policy dependency / Stack layerReason Less, Verify More: Deterministic Gates Catch a Silent Policy-Violation Failure in Tool-Using AgentsarXivStack layer / Threat patternClaude Code Desktop v2.1.206 Ships a Sandboxed In-App Browser Panel the Agent DrivesClaude Code Docs