OpenClaw AI agent found falling for phishing attacks, spills user data
…Researchers created a malicious Google OAuth application disguised as a timesheet platform. The agent inspected the OAuth flow, analyzed the destination, identified the application as suspicious, and refused to grant access. In…