Part-Time

Senior Business Development Representative

Posted on 9/19/2025

Oasis Security

51-200 employees

SaaS NHIM platform with agentic access

No salary listed

New York, NY, USA

Hybrid

Category
Business & Strategy (1)
Required Skills
Salesforce
Requirements
  • 1+ years of B2B sales/Business Development Representative experience
  • Familiar with tools like Apollo, Nooks, Salesforce, LinkedIn Sales Navigator, Marketo, and other BDR tools
  • Comfortable with a high volume of activity in a rapidly developing space
  • High energy, team-player, and positive attitude
  • Passionate about go-to-market strategy and a career in sales
  • Ability to work and be successful in a rapidly evolving environment
  • Experience juggling multiple projects and priorities at once, and working cross functionally
Responsibilities
  • Collaborate with BDR leadership in optimizing the BDR playbook and setting the team up for hyper growth
  • Get up to speed quickly on Oasis’ products, differentiators and the identity space
  • Generate qualified pipeline consistently for outside sales teams
  • Maintain consistent volume of outbound activity (phone, email, LinkedIn, etc.)
  • Qualify inbound leads sourced from marketing
  • Ensure all lead follow-up SLAs are maintained, and provide additional data points to improve the BDR process
  • Leverage various marketing and sales platforms to identify, engage and convert prospects within ICP
  • Test new and creative tactics to secure meetings with decision makers at target accounts
  • Collaborate with demand gen teams on building, testing and optimizing outbound content
  • Drive attendance to Oasis marketing activities (webinars, events, etc.) and lead follow-up post-event
  • Attend various tradeshows, field and industry events

Oasis Security provides a SaaS cybersecurity platform that manages and secures non-human identities (NHIs) and AI agents across hybrid, multi-cloud, SaaS, and on-prem environments. It automatically discovers NHIs—such as API keys, service accounts, bots, and AI agents—and their permissions, creating an inventory, assigning ownership, and monitoring for threats. It orchestrates the full lifecycle from provisioning to decommissioning and uses agentic access management to grant just-in-time, intent-based permissions that adhere to the least-privilege principle. The platform aims to fill gaps in traditional IAM by focusing on NHIs rather than human users, targeting large enterprises (notably Fortune 500s). Oasis Security has raised $195 million in funding, including a $120 million Series B in March 2026 led by Craft Ventures, to expand R&D and scale go-to-market efforts across global customers.

Company Size

51-200

Company Stage

Series B

Total Funding

$195M

Headquarters

New York City, New York

Founded

2022

Simplify Jobs

Simplify's Take

What believers are saying

  • NHIs outnumber humans 80:1, driving demand for Oasis's machine-first IAM platform.
  • $120M Series B in March 2026 from Craft Ventures, Sequoia, Accel fuels expansion.
  • Channel program launched April 2025 with GuidePoint Security accelerates enterprise adoption.

What critics are saying

  • Entro Security and Astrix capture NHIM share with competing agentic platforms.
  • Okta and CyberArk integrate NHIM into legacy IAM, commoditizing Oasis features.
  • AWS and Azure restrict API access, crippling Oasis's agentless discovery model.

What makes Oasis Security unique

  • Oasis pioneers agentic access management with just-in-time, intent-based permissions.
  • Platform auto-discovers NHIs across hybrid, multi-cloud, SaaS, and on-prem environments.
  • Founders Danny Brickman and Amit Zimerman apply Unit 81 intelligence expertise to NHIM.

Benefits

Company Equity

Professional Development Budget

Growth & Insights and Company News

Headcount

6 month growth

8%

1 year growth

0%

2 year growth

0%
TechStartups.com
Mar 19th, 2026
Cybersecurity startup Oasis Security raises $120M from Craft, Sequoia, Accel to tackle AI identity risks.

Less than two years after coming out of stealth, Oasis Security is pulling in another massive round - this time as AI agents quietly reshape the rules of cybersecurity. The New York- and Tel Aviv-based cybersecurity startup has raised $120 million in new funding led by Craft Ventures, with participation from Sequoia Capital, Accel, and Cyberstarts. The company declined to share its valuation, though the latest raise brings total funding to $190 million.

Bloomberg confirmed the round, reporting, "Startup Oasis Security Raises $120 Million From Craft, Sequoia Oasis Security, a cybersecurity startup that helps companies manage access to their systems from non-human accounts such as artificial intelligence agents, has raised $120 million from investors including Sequoia Capital and Accel."

The timing says everything. Enterprises are racing to deploy autonomous AI agents across their systems, and those agents come with identities - credentials, tokens, and access pathways that look a lot like human accounts but behave very differently. The result is a surge in what security teams now call non-human identities, or NHIs, and they're quickly outnumbering people inside large organizations.

That shift has opened a gap. Traditional identity tools were built for employees logging in, not fleets of autonomous systems making decisions and calling APIs around the clock. Oasis is betting that the gap becomes one of the biggest security problems of the AI era.

Its platform focuses on discovery and control. It scans environments across cloud, SaaS, and on-prem systems to map every non-human identity, assess risk, and enforce policies. The company says its agentless Discovery Engine connects with more than 30 identity systems in minutes, giving security teams visibility without interrupting developers or operations.

"Oasis Security helps companies manage access to their systems from non-human accounts such as artificial intelligence agents," Bloomberg noted in its exclusive report on the round.

From stealth to enterprise traction

Oasis Security was founded in 2022 by Danny Brickman and Amit Zimerman, both veterans of Israeli Defense Forces cyber units. The company emerged from stealth in January 2024 with $40 million in funding, including a $35 million Series A led by Sequoia Capital. A few months later, it added a $35 million extension backed by Accel, Cyberstarts, and Sequoia, bringing total funding to roughly $75 million at the time.

Since then, the company has focused on one problem: securing identities that don't belong to people. Service accounts, API keys, tokens, and now AI agents have become core to how modern software runs. They're everywhere, often over-permissioned, and frequently overlooked. Oasis's platform tracks these identities, flags risky behavior, and offers automated fixes. That approach has gained traction with large enterprises, including customers in finance and other regulated sectors where access control is tightly scrutinized.

Securing the AI agent wave

The company's focus has tracked closely with the rise of AI agents. In November 2025, Oasis introduced its Agentic Access Management framework, developed in collaboration with Sequoia Capital and a group of CISOs. The framework outlines a governance model for securing machine-to-machine access and AI-driven systems, along with a maturity assessment tool to help organizations gauge their exposure. At the same time, Oasis rolled out its Agentic Access Management product, built for real-time policy enforcement and full audit trails across AI agents in operation.

Sequoia partner Bogomil Balkansky framed the shift early: "Identity is the new perimeter, and non-human identity is the gaping hole in that perimeter."

Internal data cited by the company suggests many organizations are still unprepared. One survey found 79% of IT professionals feel ill-equipped to handle attacks tied to non-human identities, even as adoption of AI agents continues to climb.

The market around identity security is moving quickly as companies push deeper into cloud infrastructure and automation. Non-human identities now account for the majority of identities in many environments, and breaches involving compromised machine credentials have put the issue front and center for security leaders. Oasis is entering a crowded space that includes players like Astrix Security, though its early focus on AI-driven systems and strong backing from top-tier investors have helped it stand out.

The new funding is expected to support product development, hiring, and go-to-market efforts, including partnerships such as the company's recent work with GuidePoint Security. Oasis is continuing to scale across its New York and Tel Aviv teams as demand grows.

For now, the company is staying quiet on details beyond the raise. It has not issued a full press release, in line with Bloomberg's report being the first to break the news. More information on how the capital will be deployed is expected in the coming weeks.

What's clear is the direction of travel. As AI agents multiply inside enterprises, the number of identities to secure is exploding - and most of them no longer belong to humans.

Bloomberg L.P.
Mar 19th, 2026
Oasis Security raises $120M from Sequoia and Accel for non-human access management

Oasis Security, a cybersecurity startup managing access from non-human accounts including AI agents, has raised $120 million from investors including Sequoia Capital and Accel.

ACCESS Newswire Inc.
Mar 19th, 2026
Oasis Security Raises $120M Series B to Secure the Rise of Enterprise AI Agents

ThreatIntelReport
Mar 2nd, 2026
OpenClaw "ClawJacked" chain: malicious websites can hijack local AI agents via localhost WebSockets

Cross-origin browser-to-localhost access, missing loopback throttling, and implicit device trust combine into a silent takeover path from a single web visit.

OpenClaw | Localhost | WebSockets | AI agents | Brute force | Endpoint security

  • Affected vendor / product: OpenClaw Gateway (local service) and paired Nodes
  • Primary issue: Website-initiated WebSocket access to localhost plus weak loopback protections and auto-trusted localhost device pairing
  • Exploitation status: Public proof-of-concept demonstrated by researchers; no confirmed in-the-wild exploitation publicly disclosed
  • Confidence: High (researcher technical disclosure plus vendor release notes)
  • Severity: High
  • Patch / mitigation status: Fixed in OpenClaw v2026.2.25+ (additional hardening continues in subsequent releases)
  • Sectors at risk: Software engineering, DevOps, security teams, and any organisation with developer-run "shadow AI" agents that hold tokens/keys and can execute tools
  • Regions at risk: Global

Executive summary

Oasis Security disclosed a vulnerability chain in OpenClaw that allowed any website a user visits to silently connect to a locally running OpenClaw Gateway over WebSockets and attempt authentication. According to Oasis Security's technical disclosure, loopback connections were effectively exempt from meaningful password-guessing resistance, enabling high-speed brute force from browser JavaScript, followed by silent registration as a trusted device due to localhost auto-approval.

Once paired, an attacker can interact with the agent, enumerate connected devices, and access logs and configuration. In environments where OpenClaw is integrated with messaging, developer tooling, and system command execution, Oasis describes the practical impact as comparable to workstation compromise initiated from a browser tab. OpenClaw's v2026.2.25 release notes confirm mitigations including origin checks, loopback throttling, and blocking silent auto-pairing for non-Control-UI browser clients.

Context

The issue is a modern variant of a long-running security anti-pattern: assuming "localhost equals trusted". As Oasis notes, browsers can initiate WebSocket connections to local services, and unless the server enforces strict origin policy and authentication hardening, a malicious site can use the victim's own browser as a bridge into local-only tooling. (Oasis Security's disclosure)

This is particularly high-risk for agentic tools because the Gateway often sits in front of high-value capabilities: stored API keys, access to collaboration platforms, access to local files, and the ability to invoke actions on paired nodes. OpenClaw's maintainers treated this as high severity and shipped a fix rapidly. (Oasis Security's disclosure)

Technical analysis

Attack chain (as demonstrated by Oasis)

Oasis' proof-of-concept describes the following sequence:

  • Victim has OpenClaw running locally with the Gateway bound to localhost and protected by a password.
  • Victim visits an attacker-controlled or compromised website in a normal browser.
  • JavaScript on the page opens a WebSocket connection to the OpenClaw Gateway on localhost.
  • The script brute-forces the Gateway password "at hundreds of attempts per second" because localhost was exempt from the Gateway's rate limiter.
  • After authentication, the script silently registers as a trusted device because the Gateway auto-approved localhost device pairing without a user prompt.
  • The attacker gains control to interact with the agent, dump configuration, enumerate connected devices, and read logs.

(Oasis Security's technical disclosure)

The key design lesson here is that WebSockets are not protected by the browser's normal cross-origin request constraints in the way many developers assume. Browsers will include an Origin header for WebSocket handshakes, but it is the server's job to enforce it. OpenClaw's remediation specifically focuses on origin checks and "browser-origin" loopback throttling, reflecting this threat model. (OpenClaw v2026.2.25 release notes)

Remediation changes (vendor-confirmed)

OpenClaw's v2026.2.25 release notes describe security changes that directly break the chain:

  • Enforced origin checks for direct browser WebSocket clients beyond the Control UI/Webchat
  • Applied password-auth failure throttling to browser-origin loopback attempts (including localhost)
  • Blocked silent auto-pairing for non-Control-UI browser clients to prevent cross-origin brute-force and session takeover chains

(OpenClaw v2026.2.25 release notes)

Impact assessment

Confirmed: The chain enables remote control of the OpenClaw agent context once pairing is achieved, including access to configuration data, logs, and connected device enumeration. (Oasis Security's disclosure)

Likely: In real-world developer setups, impact escalates quickly because agents often hold credentials and can perform actions across SaaS and local tooling. Oasis explicitly calls out scenarios such as searching Slack history for API keys, reading private messages, exfiltrating files from connected devices, and executing shell commands on paired nodes, depending on what the user configured. (Oasis Security's disclosure)

The practical blast radius depends on:

  • What integrations are connected (messaging, code hosting, CI/CD, ticketing)
  • Whether the agent can execute system commands or access sensitive filesystem paths
  • How many nodes are paired and what permissions they expose

Exploitation status

Oasis published a working end-to-end proof-of-concept and states the issue was fixed within 24 hours of responsible disclosure. (Oasis Security's disclosure) As of 2 March 2026, neither Oasis nor OpenClaw has publicly reported confirmed in-the-wild exploitation specific to this chain. That said, the exploitation precondition is low (a website visit) and the affected deployment pattern (developer-run local agents) is common, so defenders should assume rapid adversary interest.

Mitigation recommendations

  • Patch immediately to v2026.2.25 or later. Treat OpenClaw updates like endpoint security hotfixes, not routine developer tooling updates. Oasis Security's guidance and OpenClaw's v2026.2.25 release notes align on this.
  • Rotate and re-scope secrets held by agents. If OpenClaw can access API keys, tokens, or chat integrations, rotate them and reduce scopes. Focus on credentials that enable lateral movement (source control, CI/CD, cloud, collaboration tooling). This follows Oasis' recommendation to review and revoke unnecessary agent access. (Oasis Security's guidance)
  • Audit paired devices and trust relationships. Review the Gateway's list of trusted/paired devices and remove unexpected entries. Re-pair only after patching and credential rotation.
  • Reduce agent privileges by design. Apply least privilege to tools and connectors. Disable or constrain command execution where possible, and avoid giving personal agents broad access to organisational SaaS by default.
  • Establish governance for "non-human identities" on endpoints. Inventory where agents are running across developer fleets and who owns them. Oasis explicitly flags the "you can't secure what you can't see" problem for AI tooling sprawl. (Oasis Security's guidance)

Incident response guidance

If you suspect exposure (for example: users visited an attacker-controlled site while running vulnerable OpenClaw):

  • Containment: Stop the OpenClaw service on affected hosts, disconnect integrations where feasible, and isolate the endpoint if suspicious agent activity is observed.
  • Credential hygiene: Rotate the Gateway password/token and revoke or rotate any credentials accessible to the agent (API keys, chat tokens, automation secrets).
  • Trust reset: Review and remove unknown paired devices, then re-establish trust only after patching.
  • Forensics: Collect OpenClaw configuration, pairing records, and logs (where available), plus browser history and DNS/HTTP telemetry for the suspected window. Note that part of the risk described by Oasis is that failed attempts were not meaningfully throttled or logged on localhost in vulnerable builds. (Oasis Security's disclosure)

MITRE ATT&CK mapping

Historical context and common confusion

Several sources have incorrectly conflated "ClawJacked" reporting with CVE-2026-25253, an earlier OpenClaw issue involving token leakage via a user-supplied gatewayUrl parameter. That CVE is documented by NVD's CVE-2026-25253 entry and is distinct from the Oasis "website-to-local agent takeover" chain fixed in v2026.2.25+. Keep these separate in vulnerability management and communications.

Future outlook

Expect fast commoditisation. The browser-to-localhost pattern is reusable across many developer tools, but agent platforms concentrate permissions and credentials in ways that make these chains unusually valuable. The defensive priority is not only patching OpenClaw but also hardening the surrounding operating model: endpoint visibility for agent tools, strict privilege boundaries for agent actions, and audited, time-bound access to sensitive integrations.

Further reading

Christian Antonelli
Nov 30th, 2025
Oasis Security, authID, SEON, and More

The editors at Solutions Review have curated this list of the most noteworthy Identity Management and Information Security news from the week of November 21st. This round-up covers announcements and updates from Oasis Security, authID, SEON, and more.

Keeping tabs on all the most relevant Identity Management and Information Security news can be time-consuming. As a result, its editorial team aims to summarize some of the top headlines in the space by curating a collection of the latest vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy news. With that in mind, here is some of the top identity management and information security news from the week of November 21st.

For early access to all the expert insights published on Solutions Review, join Insight Jam, a community dedicated to enabling the human conversation on AI.

Identity Management and Information Security news for the week of November 21st

authID details a governance model for Agentic AI security

authID, a biometric identity authentication company, has unveiled the authID Mandate Framework, a comprehensive governance model for Agentic AI security that supports non-human identities, including autonomous and semi-autonomous AI agents. The new offering aims to equip enterprises with the trust foundation, policy controls, and auditability required to safely deploy agentic systems at scale. Rhon Daguro, CEO of authID, says, "The authID Mandate Framework is our blueprint for accountable Agentic AI. Customers can govern which agents take action, who sponsors them, and what they are allowed to do, before, during, and after every action."

Oasis Security launches an identity security solution for AI agents

Oasis Security, an identity security platform, has launched Oasis Agentic Access Management (AAM), an identity solution purpose-built to govern AI agents across their entire lifecycle. The offering is built around three key capabilities: Intent Inference, Deterministic Policy Enforcement, and Just-in-Time (JIT) Session Identities. With these functionalities, teams can understand why an agent is performing specific actions, provision least-privilege credentials, eliminate standing agents, validate access decisions, and ensure predictable, repeatable behaviors.

Palo Alto Networks and IBM partner on a Quantum-Safe Readiness solution

Palo Alto Networks, a global AI and cybersecurity company, has announced a plan with IBM to offer a Quantum-Safe Readiness solution that helps enterprises identify cryptographic exposure, understand quantum-computing related risks, and accelerate their transition toward quantum-safe security. As part of the collaboration, Palo Alto Networks will integrate IBM's Quantum Safe Transformation services with its network-level cryptographic intelligence, providing customers with comprehensive and actionable views of their cryptographic posture across hybrid environments. The joint solution will serve as a practical and accelerated approach to achieving quantum-safe readiness.

Protegrity announces a new solution for securing agentic workflows

Protegrity, a global data-centric security company, is expanding its reach in AI with the launch of Protegrity AI Team Edition. The new product is designed to provide AI developers with a fully instrumented Python package that secures the AI pipeline, along with a fully instrumented and integrated data security toolbox to protect enterprise data systems. Capabilities available in the Protegrity AI Team Edition include agentic policy creation, audit reporting, deep-learning pattern matching, anonymization models for privacy-enforced analytics, tabular synthetic data generation, contextual AI guardrails for model training, and more.

SEON expands its fraud prevention platform with new tools

SEON, a command center for real-time fraud prevention and AML compliance, has expanded its platform with advanced capabilities designed to help global businesses manage complex, multijurisdictional requirements. The new features include AML Search Profiles for building jurisdiction-specific screening configurations without writing code, investigative tools built on network science, alert dashboards, payment screening tools, and Unified Workflow, which connects screening, investigation, and case management in one place, eliminating the context-switching that slows down investigations.

Strata Identity debuts an AI Identity Gateway

Strata Identity - a company focused on securing, modernizing, and managing human and agent identities - has announced the availability of the AI Identity Gateway, an enterprise-grade runtime identity and policy enforcement control point for agentic behavior. As part of the Maverics for Agentic Identity solution, the AI Identity Gateway will provide companies with a reliable way to authenticate, authorize, and monitor every action an agent performs against upstream services, all in real-time.

Token Security reveals new AI Agent Identity Lifecycle Management capabilities

Token Security, an Agentic Identity security company, has announced new AI Agent Identity Lifecycle Management capabilities to help enterprises discover, govern, manage, and secure the rapidly growing population of AI agents, from custom GPTs to MCP (Model Context Protocol) servers and autonomous AI services. These enhanced capabilities can assign human ownership, establish intent-based permissions access, retire unused agents before they become liabilities, and automatically inventory managed, home-grown, and personal AI agents.

Expert insights section

Watch this space each week as its editors will share upcoming events, new thought leadership, and the best resources from Insight Jam, Solutions Review's enterprise tech community for business software pros. The goal? To help you gain a forward-thinking analysis and remain on-trend through expert advice, best practices, trends, predictions, and vendor-neutral software evaluation tools.

From 0 to 1 million subs: how Christina Antonelli grew an enterprise tech YouTube powerhouse

On December 4th, Jonathan Paula from Solutions Review and Ryan Dalley from Insight Jam will give audiences a glimpse behind the curtain, offering a look into the Insight Jam YouTube channel's explosive growth to over 1,000,000 subscribers and exploring why there's an untapped market opportunity in enterprise tech video content. With AI fundamentally reshaping content discovery, companies that fail to establish an authoritative video presence risk a permanent competitive disadvantage.

Tech without the attitude: why relationships still matter in IT | The Jam Session

In the latest on-demand edition of The Jam Session, host Cher Fox brought together a panel of IT professionals to discuss the industry stereotype of the faceless vendor, the transactional MSP, and the arrogant consultant, revealing how human relationships determine whether technology projects thrive or fail. The panel also shares origin stories of connections formed through networking events and how trust built through happy hours and personal connections can transcend formal contracts to create lasting professional partnerships.

For consideration in future news round-ups, send your announcements to [email protected].

INACTIVE