Agentic AI News

If you run OpenClaw on your local machine, here’s your mandatory security update for the week: a vulnerability named ClawJacked was quietly exploiting a gap in the local gateway WebSocket handshake — and yes, a malicious website could have used it against you while you were browsing with OpenClaw running in the background. The patch is out. Here’s what happened and what you need to do. What Is ClawJacked? ClawJacked is the name given to a class of attack discovered by Oasis Security that targets OpenClaw’s local gateway server — the WebSocket service that runs on localhost to connect your browser to your AI agents. ...

If you’ve been using OpenClaw with a Claude Pro or Max subscription via OAuth and suddenly started seeing 403 permission_error responses, you’re not alone — and the cause is not a bug you can wait out. Anthropic is actively and deliberately revoking OAuth token access for Claude Pro and Max subscriptions in third-party applications. OpenClaw is among the affected platforms. This isn’t just a version regression or a temporary outage. Multiple independent sources — a Medium post documenting a full migration away from Claude, an analysis on daveswift.com, and a GitHub commit trail — all confirm this is a deliberate policy shift. ...

The open-source personal agent space just got a serious new contender. Alibaba’s research team quietly dropped CoPaw at the end of February — an open-source framework for deploying self-hosted AI agents that runs entirely on your own hardware, supports local models, and integrates directly with Discord, iMessage, DingTalk, and Feishu out of the box. If you’ve been following the OpenClaw community, the concept will feel familiar. But CoPaw brings a distinctly different design philosophy: it’s built from the ground up for portability and model-agnosticism, with equal-class support for local inference (via llama.cpp or Apple MLX) and remote APIs. ...

Claude went dark on Monday morning, and for once it wasn’t a minor hiccup. Starting around 11:49 UTC on March 2, 2026, Anthropic’s consumer-facing AI products — Claude.ai, Claude Code, and the mobile app — began reporting widespread failures. Users across North America, Europe, and Asia flooded social media with screenshots of error pages, spinning loaders, and authentication failures. Anthropic’s official response came quickly: the company cited “unprecedented demand over the past week” as the root cause of service degradation. The statement, confirmed by Bloomberg and CNET, framed this as a capacity problem rather than a security incident — but it raised more questions than it answered. ...

If you run Claude Code in production, v2.1.63 is not a routine patch. This release ships a meaningful architectural shift — HTTP hooks — alongside two genuinely useful slash commands and a pile of memory leak fixes that explain why long-running Claude Code sessions sometimes go sideways. The Big One: HTTP Hooks Replace Shell-Based Hooks Previous versions of Claude Code let you hook into the agent lifecycle via shell commands. It worked, but it was clunky: you were spawning subprocesses, dealing with shell escaping, and losing type safety the moment data crossed the boundary. ...

On March 1, 2026, Claude climbed to the #1 position on the US App Store Top Free chart, surpassing ChatGPT. The milestone has been confirmed across five major outlets — Axios, CNBC, Business Insider, Digital Trends, and TechFusionist — and the timing tells you everything you need to know about why it happened. The Pentagon Flashpoint The catalyst is OpenAI’s agreement to supply AI capabilities to the US Department of Defense — specifically, the deployment of AI for military targeting and weapons systems analysis. When the terms of that arrangement became public, a significant segment of users who had chosen AI tools partly on the basis of developer ethics found themselves reconsidering. ...

At MWC 2026 in Barcelona, Huawei made a move that the agentic AI builder community should pay attention to: the company announced the open-source release of A2A-T — an Agent-to-Agent protocol purpose-built for telecom infrastructure. It’s the first time a Tier-1 carrier equipment vendor has put its weight behind a standardized inter-agent communication protocol. Important caveat up front: this is a press announcement from Huawei at an industry conference. The open-source repository details are sparse, and multiple reports frame this as “to be released during MWC” rather than live-now. Verify availability before building on it. ...

The way software gets written is changing faster than most engineering managers have updated their mental models. Anthropic’s reported 2026 agentic coding report — covered this morning by Bitcoin.com and ClubLaura.com — puts numbers to a shift that practitioners have been feeling for months. The headline figure: Claude Code is reportedly writing approximately 135,000 GitHub commits per day. That number deserves unpacking — and a caveat. Transparency note: This story is sourced from secondary journalism coverage (Bitcoin.com, ClubLaura.com). The underlying Anthropic report URL was not independently located at publication time. The 135K commits/day figure is cited in both secondary sources as attributed to Anthropic, but has not been independently verified by this publication. We’re reporting it as Anthropic’s claimed data, not as confirmed fact. ...

MiniMax just opened the floodgates. This morning, the Chinese AI lab officially open-sourced its entire M2 model family — M2, M2.1, and M2.5 — along with the Forge RL training framework that built them. All weights are on HuggingFace. All code is on GitHub. And the models are already designed to drop into the agent workflows you’re likely already using. This is a big deal. Here’s what you need to know. ...

The Summer Yue inbox-deletion incident. The OpenClaw WebSocket zero-click vulnerability. A series of agent sandboxing failures that made headlines through late 2025 and into 2026. These weren’t edge cases — they were warnings. Gavriel Cohen, a software engineer based in Israel, has been paying attention. Today, he’s shipping an answer: NanoClaw, a containerized OpenClaw alternative that puts security architecture first, not as an afterthought. What Is NanoClaw? NanoClaw is an open-source agent platform inspired by OpenClaw — but built from the ground up to run agents inside Docker containers with minimal permissions. The design philosophy is simple: agents shouldn’t have access to more of your system than they actually need to do their jobs. ...