Tag

Localhost

All articles tagged with #localhost

security4 hours ago•6 min saved

ClawJacked WebSocket Flaw Lets Local OpenClaw AI Agents Be Hijacked

OpenClaw fixed a high-severity vulnerability, dubbed ClawJacked, that let a malicious website abuse a local WebSocket connection to a localhost OpenClaw gateway, brute-force its password, and auto-approve as a trusted device to gain full control over a locally running AI agent. A patch was released in version 2026.2.25 (Feb 26, 2026); users should update and audit access to AI agents. The story sits in a broader context of AI-agent attack surfaces, prior log-poisoning fixes (2026.2.13), related CVEs, and a surge in malicious skills on ClawHub, highlighting the need for isolation, governance, and vigilance against prompt injections.

via The Hacker News|

#ai-agents #cybersecurity #localhost

technology4 months ago•2 min saved

Windows 11 Update Disrupts Localhost and Developer Environments

Recent Windows 11 updates (KB5066835 and KB5065789) have caused issues with localhost (127.0.0.1) HTTP/2 connections, affecting various applications. The recommended fix is to uninstall these updates, as registry tweaks and updates have not been reliably effective. Microsoft has been contacted for comment.

via BleepingComputer|

#bug #http2 #localhost

technology4 months ago•2 min saved

Windows 11 Update Disrupts Localhost Functionality, Users Seek Workarounds

Microsoft's October 2025 Windows 11 update (KB5066835) has caused a critical bug that breaks localhost functionality for developers, traced to HTTP.sys, with workarounds including uninstalling the update or disabling HTTP/2. Microsoft has not yet acknowledged the issue, which seems to be related to system configuration conflicts rather than a universal bug, and the problem is causing widespread frustration among developers.

via theregister.com|

#developer-issues #httpsys #localhost

technology9 months ago•5 min saved

Meta's Hidden Tracking on Android Exposed and How to Block It

Security researchers revealed that Meta and Yandex used native Android apps to listen on localhost ports for tracking purposes, linking web browsing data to user identities and bypassing privacy protections. Meta has paused this tracking technique following the disclosure, and updates to browser security measures have been implemented to mitigate such methods. The companies are in discussions with Google to resolve policy concerns.

via theregister.com|

#android #localhost #meta