Nanobot WhatsApp session hijack security flaw
Vulnerability
Summary
Hide ▲
Show ▼
A max-severity flaw in nanobot could let remote attackers hijack WhatsApp sessions on exposed instances. The weakness raises the risk of account takeover and session compromise for deployments reachable by attackers.
Related Happenings
OpenClaw ClawJacked localhost WebSocket brute-force security flaw
Vulnerability
First: 01.03.2026 23:44
Last: 01.03.2026 23:44
Sources 1
About this happening:
**OpenClaw**’s **ClawJacked** vulnerability allowed a **malicious website** to brute-force a **localhost WebSocket** connection and take control of a local instance, putting **ses...
OpenClaw ClawJacked localhost WebSocket brute-force security flaw
VulnerabilityAbout this happening: **OpenClaw**’s **ClawJacked** vulnerability allowed a **malicious website** to brute-force a **localhost WebSocket** connection and take control of a local instance, putting **ses...
Atomic MacOS Stealer (AMOS) distribution through AI-app lures, SEO poisoning, and supply-chain abuse
Malware Activity
First: 12.02.2026 16:25
Last: 12.02.2026 16:25
Sources 1
About this happening:
**Atomic MacOS Stealer (AMOS)** is being distributed to **macOS users** through multiple delivery paths, including **fraudulent GitHub repositories**, **SEO poisoning**, **malvert...
Atomic MacOS Stealer (AMOS) distribution through AI-app lures, SEO poisoning, and supply-chain abuse
Malware ActivityAbout this happening: **Atomic MacOS Stealer (AMOS)** is being distributed to **macOS users** through multiple delivery paths, including **fraudulent GitHub repositories**, **SEO poisoning**, **malvert...
OpenClaw public-facing RCE exposure with public exploit code remote code execution flaw
Vulnerability
First: 09.02.2026 11:30
Last: 09.02.2026 11:30
Sources 1
About this happening:
**OpenClaw** deployments exposed to the public internet face **RCE risk**, with **12,812 instances** reportedly exploitable and **public exploit code** available. SecurityScorecar...
OpenClaw public-facing RCE exposure with public exploit code remote code execution flaw
VulnerabilityAbout this happening: **OpenClaw** deployments exposed to the public internet face **RCE risk**, with **12,812 instances** reportedly exploitable and **public exploit code** available. SecurityScorecar...
ChatGPT/SearchGPT prompt injection and data exfiltration weaknesses security flaw
Vulnerability
First: 06.11.2025 12:00
Last: 06.11.2025 12:00
Sources 1
About this happening:
Researchers uncovered **seven weaknesses** in **OpenAI's ChatGPT/SearchGPT** that could let an attacker use **prompt injection** and **safety bypass** techniques to steal **privat...
ChatGPT/SearchGPT prompt injection and data exfiltration weaknesses security flaw
VulnerabilityAbout this happening: Researchers uncovered **seven weaknesses** in **OpenAI's ChatGPT/SearchGPT** that could let an attacker use **prompt injection** and **safety bypass** techniques to steal **privat...
Timeline
-
16.02.2026 19:32 2 articles · 3mo ago
Tenable discloses max-severity nanobot flaw
Initial DisclosureTenable identified a max-severity flaw in nanobot, an ultra-lightweight personal AI assistant inspired by OpenClaw, that could let remote attackers hijack WhatsApp sessions on exposed nanobot instances.
Show sources
- Infostealer malware found stealing OpenClaw secrets for first time — www.bleepingcomputer.com — 16.02.2026 19:32
- Infostealer malware found stealing OpenClaw secrets for first time — www.bleepingcomputer.com — 16.02.2026 19:32