Rewards Hub 360's AI assistant, OpenClaw, has been found to leak an SSL private key in its installer, according to security researcher Lukasz Olejnik. The key, valid until April 2027, is linked to the domain *.myclaw.360.cn, potentially allowing attackers to impersonate 360 servers, intercept user data, or create fake login pages. This incident contradicts a previous assurance by 360's founder, Zhou Hongyi, who vowed not to leak passwords upon the product's launch. The company, serving 461 million users with a valuation of $10 billion, faces scrutiny as several developers in the Chinese-speaking community confirm the breach.
360's OpenClaw AI Assistant Leaks SSL Private Key, Breaching Security Promises
Disclaimer: The content provided on Phemex News is for informational purposes only. We do not guarantee the quality, accuracy, or completeness of the information sourced from third-party articles. The content on this page does not constitute financial or investment advice. We strongly encourage you to conduct you own research and consult with a qualified financial advisor before making any investment decisions.