Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 40+ AI models, with 0% extra fees
360 Warning: High-Risk Vulnerability in OpenClaw May Lead to Data Leak of Over 170k Instances in More Than 50 Countries
Recently, 360 Digital Security Group disclosed that its self-developed 360 Multi-Agent Collaborative Vulnerability Mining System discovered a high-risk vulnerability in the open-source AI agent platform OpenClaw;
This vulnerability, named "MEDIA Protocol Prompt Injection Bypass Tool Privilege Escalation Local File Disclosure," has been officially confirmed by the National Vulnerability Database (CNNVD).
According to the disclosure document, the vulnerability exists in the core media processing module of OpenClaw version 2026.3.13, characterized by low attack threshold, wide impact scope, and high severity.
The core risk of the vulnerability lies in the MEDIA protocol running in the output post-processing layer, which can completely bypass platform tool strategy controls. In simple terms, even if the Agent disables all tool calls, an attacker can launch an attack using only basic group chat member permissions and steal sensitive server information.
Assessment indicates that the vulnerability affects a wide range of systems, covering over 50 countries and regions worldwide, with more than 170k publicly accessible OpenClaw instances at risk. Currently, 360 has independently verified the attack chain of the vulnerability and provided repair suggestions to the platform developers.
The discovery of this vulnerability also confirms the earlier judgment of 360 founder Zhou Hongyi. That is, in the era of intelligent agents, traditional vulnerability scanning has become ineffective, as hacker agents can perform automated attacks 24/7, shifting the security industry from human-to-human confrontation to asymmetric battles between humans and machines.
The security vulnerabilities outlined above demonstrate that, with the rapid development of intelligent agent technology, security risks are quickly extending from the model layer to the interface layer, skill call chains, and system permission layers, highlighting the urgency of establishing comprehensive security protection systems.
Overall, the security challenges of the intelligent agent era have expanded from a single layer to the entire technology stack, requiring security vendors, platform developers, and users to work together to build more robust security mechanisms and safeguard the healthy development of intelligent agent technology.
#OpenClaw # Intelligent Agent Vulnerability