logo

AutoJack AI Agent Exploit Unveiled

ID: 3c595106-4b56-57c5-a882-9f4c5dd3bb30

STIX ID: report--3c595106-4b56-57c5-a882-9f4c5dd3bb30

Feed Name: securityonline.info

Threat Score
70/100

Date Published: 2026-06-25

Date Updated: 2026-06-25

Author: Do Son

...
...

AutoGen Studio's 'AutoJack' vulnerability allows a local AI agent visiting a malicious webpage to open a trusted localhost WebSocket, bypass origin and authentication checks, and execute base64-encoded commands on the developer's machine, enabling silent remote code execution; maintainers patched the flaw and researchers recommend strong authentication, input validation, and environment isolation.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.