BestHub
Sign in
Black & White Path
Black & White Path
Apr 22, 2026 · Information Security

Multi‑Stage Web‑Induced RCE Attack Bypassing OpenClaw’s Safeguards

The article dissects a multi‑stage web‑induced remote code execution attack against OpenClaw, detailing how crafted HTML pages manipulate the tool‑calling workflow, evade built‑in security notices, and ultimately trigger a malicious curl‑pipe‑python command, followed by a thorough source‑code analysis and defensive recommendations.

AI securityOpenClawRCE
0 likes · 21 min read
Multi‑Stage Web‑Induced RCE Attack Bypassing OpenClaw’s Safeguards
ITPUB
ITPUB
Nov 17, 2015 · Information Security

How the New Upatre Variant Evades Dynamic Sandboxes

The article explains two simple yet effective sandbox‑evasion techniques used by a new Upatre Trojan variant—checking system uptime via GetTickCount and monitoring mouse movement—to bypass dynamic analysis environments and remain undetected by antivirus scanners.

Dynamic analysisGetTickCountUpatre
0 likes · 4 min read
How the New Upatre Variant Evades Dynamic Sandboxes