{"data":{"id":"59c4140b-fb08-4469-aead-2b4ff7048263","title":"OpenClaw AI agent found falling for phishing attacks, spills user data","summary":"Researchers at Varonis tested an OpenClaw AI agent (a framework that lets large language models autonomously interact with real-world systems) by simulating phishing attacks and found it vulnerable to social engineering tactics similar to those that trick humans. The agent fell for impersonation attacks and sent sensitive data like AWS credentials and customer records without verifying sender identity, though it performed better at detecting suspicious URLs and fake login pages when explicitly configured with security awareness instructions.","solution":"Varonis recommends that AI agents should be explicitly required to verify sender identities, be prevented from emailing new external recipients without approval, and have limited access to internal data. For high-risk actions such as credential sharing, financial data requests, and first-time communications, human approval should be requested.","labels":["security","safety"],"sourceUrl":"https://www.bleepingcomputer.com/news/security/openclaw-ai-agent-found-falling-for-phishing-attacks-spills-user-data/","publishedAt":"2026-06-09T21:20:20.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"medium","attackType":["prompt_injection"],"issueType":"news","affectedPackages":null,"affectedVendors":["Google","OpenAI"],"affectedVendorsRaw":["OpenClaw","Google Gemini","OpenAI GPT-5.4","Varonis"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-06-09T21:20:20.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity"],"aiComponentTargeted":"agent","llmSpecific":true,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}