2026 OpenClaw Security News

A collection of news headlines about OpenClaw Security for AI builders, developers, and investors.
Updated twice daily.

➡️ OpenClaw Observability · OpenClaw Headlines · Security Vendor Advisories · Use as an Agent Skill · Use as an MCP Server

---

Government Warnings About OpenClaw

• NVD National Vulnerability Database - Search for OpenClaw
• CISA.gov - Search for OpenClaw Advisories
• CERT BUND Germany - Search for OpenClaw Advisories
• Centre for Cybersecurity Belgium - Search for OpenClaw Advisories
• RTI News (TW) - Taiwan moves to regulate surge in AI-driven crime and security risks - March 18, 2026
• Deutsche Telekom Security GmbH - Advisory 2026-0625 - OpenClaw: Multiple Vulnerabilities - March 9, 2026
• Global Times - China's state news media issues security warning over OpenClaw amid social media frenzy - March 8, 2026
• autoriteitpersoonsgegevens.nl - The Autoriteit Persoonsgegevens (AP), the Dutch data protection authority, warns of major security risks with AI agents like OpenClaw - February 12, 2026
• Digital Watch Observatory - OpenClaw faces rising security pushback in South Korea - February 9, 2026
• Reuters - China warns of security risks linked to OpenClaw open-source AI agent - February 5, 2026

---

OpenClaw Observability

• OpenClaw Exposure Watchboard - This page lists publicly reachable active OpenClaw instances for defensive awareness
• AIPwn - OpenClaw Security Watchboard
• DECLAWED - A live threat intelligence dashboard built by SecurityScorecard's STRIKE Team providing visibility into the global exposure of OpenClaw AI agent control panels

---

OpenClaw Headlines

2026-03-20

• CIO.com - Autonomous AI adoption is on the rise, but it’s risky - March 20, 2026
• Caixin Global (CN) - China Internet Finance Body Raises Alarm Over OpenClaw AI - March 20, 2026
• Financial Post - Airia Enables Enterprise-Grade Security for OpenClaw AI Agent Deployments - March 20, 2026

2026-03-19

• CNET - Nvidia's NemoClaw Promises a More Secure Way to Deploy AI Agents, but Is It Really Safer? - March 19, 2026
• DailyCoin - Devs Targeted in OpenClaw GitHub Phishing Campaign - March 19, 2026
• BeInCrypto - OpenClaw Creator Warns of Crypto Phishing Wave: ‘We Would Never Do That’ - March 19, 2026
• Geeky Gadgets - OpenClaw Super Powers : Marketplace, Persistent Memory, Local Automations - March 19, 2026

2026-03-18

• Times Now News (IN) - Why China Is Warning Users Against OpenClaw After Its Sudden Popularity | Explained - March 18, 2026
• news.de (DE) - OpenClaw: IT-Sicherheitslücke mit hohem Risiko! Warnung erhält Update - March 18, 2026
• TechNode - ByteDance issues internal OpenClaw security rules, launches ByteClaw - March 18, 2026

2026-03-17

• Gizmodo - Amid AI Agent Boom, the Tech Industry Makes It Clear: With Great Laziness Comes Great Responsibility - March 17, 2026
• The New York Times - China Is Embracing OpenClaw, a New A.I. Agent, and the Government Is Wary - March 17, 2026
• TechRepublic - OpenClaw, the Fastest-Adopted Software Ever, Is Also a Security Blind Spot - March 17, 2026
• Techzine (EU) - OpenClaw bypasses security layers and reveals new attack vectors - March 17, 2026
• Digitimes Asia - China reins in OpenClaw surge, flags AI agent security risks - March 17, 2026
• SDxCentral - Nvidia details NemoClaw security guardrails in wake of AI agent concerns - March 17, 2026
• The Times of India - Why founders are flocking to OpenClaw? - March 17, 2026

2026-03-16

• gbhackers - OpenClaw AI Agents Vulnerable to Indirect Prompt Injection, Causing Data Leaks - March 16, 2026
• Twitter/Guanxing/@CertiK - Skill Scanning Is Not a Security Boundary - March 16, 2026
• VentureBeat - OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert - March 16, 2026
• TechCrunch - Nvidia’s version of OpenClaw could solve its biggest problem: security - March 16, 2026
• GovInfoSecurity - OpenClaw Exposes Hidden Risks in Agentic AI - March 16, 2026
• Embrace The Red - Agent Commander: Promptware-Powered Command and Control - March 16, 2026
• NTD - China’s ‘Lobster’ AI Craze Draws Security Warnings as Operating Costs Rise - March 16, 2026
• TechJuice (PK) - Researchers Warn OpenClaw AI Agents Are Leaking User Data - March 16, 2026
• rthk.hk - IT chief urges caution over OpenClaw security risks - March 16, 2026
• The Star (MY) - Hong Kong warns govt departments not to install AI tool OpenClaw - March 16, 2026

2026-03-15

• InfoQ - AWS Launches Managed Openclaw on Lightsail Amid Critical Security Vulnerabilities - March 15, 2026
• TechRadar - Chinese government cracks down on in-office OpenClaw use over potential security risks - March 15, 2026
• Global Times (CN) - China issues risk warning regarding OpenClaw application security in internet financial sector - March 15, 2026
• Xinhua (CN) - Explainer: In OpenClaw frenzy, should we be cheery or worried? - March 15, 2026
• Inc - How to Experiment Safely With OpenClaw Without Risking Your Company’s Data - March 15, 2026

2026-03-14

• The Hacker News - OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration - March 14, 2026
• New Straits Times (MY) - Security risks of AI bot OpenClaw grips China - March 14, 2026

2026-03-13

• South China Morning Post - Hong Kong government workers warned not to install OpenClaw due to security risks - March 13, 2026
• Global Times (CN) - China issues risk alert on viral AI agent OpenClaw, urging users to limit privileges - March 13, 2026
• Bloomberg - China’s OpenClaw Obsession Is a Risky Gamble on Experimental AI - March 13, 2026

2026-03-12

• Fast Company - China went crazy for OpenClaw. Now it’s working to ban it - March 12, 2026
• ZDNet - Why Moltbook and OpenClaw are the fool's gold in our AI boom - March 12, 2026
• Yunnan Normal University - 关于防范OpenClaw（龙虾）开源AI智能体安全风险的预警提示 - March 12, 2026
• TechWireAsia - OpenClaw: The agentic AI security wake-up call enterprises didn’t ask for - March 12, 2026
• The Standard (HK) - Digital Policy Office warns of OpenClaw security risks as mainland moves to restrict use - March 12, 2026
• Caixin Global (CN) - Tech Brief (March 12): MIIT Warns of Security Risks in OpenClaw - March 12, 2026
• South China Morning Post - Amid OpenClaw frenzy, China’s central bank adds to cybersecurity warnings - March 12, 2026
• Business Insider - China rushed to use OpenClaw. Now, some stressed-out users are forking out cash to uninstall the AI agent - March 12, 2026

2026-03-11

• Solutions Review - How OpenClaw’s Flawed Design Philosophy Left Organizations Exposed to Active Attacks - March 11, 2026
• RADII - Why is China Suddenly Uninstalling Openclaw, the Free, Open-Source AI Agent? - March 11,2026
• Twitter - Risk Warning Regarding the Security Use of OpenClaw - Source: China CNCERT - March 11, 2026
• Bloomberg - What Is OpenClaw? AI Marvel or Cybersecurity Nightmare? - March 11, 2026

2026-03-10

• Twitter - Quick OpenClaw update: 6.4K open issues / 5.5K open PRs / 230 unresolved security vulnerabilities (+200% MoM) - March 10, 2026
• Bloomberg - China Moves to Curb Use of OpenClaw AI for Banks, State Agencies - March 10, 2026
• South China Morning Post - China issues second warning on OpenClaw risks amid adoption frenzy - March 10, 2026
• PA News - The first victims of OpenClaw have emerged! 4 security basics you must know before installation - March 10, 2026
• Cyber Security News - OpenClaw Advisory Surge Exposes Gap Between GitHub and CVE Vulnerability Tracking - March 10, 2026

2026-03-09

• South China Morning Post - Chinese local governments offer OpenClaw project subsidies as security questions linger - March 9, 2026
• Bitget - SlowMist CISO: Security Risk Found in USB Version of OpenClaw - March 9,2026
• The Hacker News - Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials - March 9, 2026

2026-03-08

• Jfrog Security Research - GhostClaw Unmasked: A Malicious npm Package Impersonating OpenClaw to Steal Everything - March 8, 2026
• Xinhua (CN) - AI "cultivating lobster" became popular, official tips → - March 8, 2026
• Binance News - China Warns of Security Risks in OpenClaw AI Agent - March 8, 2026
• Krebs on Security - How AI Assistants are Moving the Security Goalposts - March 9,2026

2026-03-06

• Lawfare - China’s Agentic AI Controversy - March 6, 2026
• Belgium - Warning: Multiple critical vulnerabilities in OpenClaw's Nextcloud Talk plugin, Patch Immediately! - March 6, 2026

2026-03-05

• SentinelOne - CVE-2026-29612: OpenClaw DOS Vulnerability - March 5, 2026
• Heimdal Security - OpenClaw Incidents Show Why AI Adoption Pressure Puts Companies at Risk - March 5, 2026
• grith.ai - A GitHub Issue Title Compromised 4,000 Developer Machines - March 5, 2026
• InfoWorld - What I learned as an undercover agent on Moltbook - March 5, 2026
• Forbes - Five Things You Should Not Do With OpenClaw - March 5, 2026

2026-03-04

• Security Boulevard - How Threat Actors Turned OpenClaw Into a Scraping Botnet - March 4, 2026
• The Register - Malware-laced OpenClaw installers get Bing AI search boost - March 4, 2026
• smu.edu IT Connect - OpenClaw: Security Risks and Institutional Position - March 4, 2026
• CPO Magazine - Security Research Finds OpenClaw AI Agent “Trivially Vulnerable” to Hijacking - March 4, 2026

2026-03-03

• The New Stack - OpenClaw rocks to GitHub's most-starred status, but is it safe? - March 3, 2026
• 36Kr - I advise you not to blindly follow the trend of this wave of OpenClaw - March 3, 2026
• MasterCard - Before the music stops: OpenClaw and the growing need for AI security standards - March 3, 2026
• Global Times (CN) - Chinese authorities warn against misuse of OpenClaw amid rising security risks of unauthorized information leaks; expert urges users to strictly manage access - March 3, 2026

2026-03-02

• SOCRadar - OpenClaw’s ClawJacked Vulnerability Explained, What Organizations Need to Know - March 2, 2026
• Infosecurity Magazine - ClawJacked Bug Enables Covert AI Agent Hijacking - March 2, 2026
• pymnts.com - OpenClaw Patch Prevents Malicious Websites From Hijacking AI Agents - March 2, 2026

2026-03-01

• StepSecurity - hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far - March 1, 2026

2026-02-28

• Peter Diamandis MOONSHOTS - OpenClaw Security Fears - February 28, 2026

2026-02-27

• ZDNet - Destroyed servers and DoS attacks: What can happen when OpenClaw AI agents interact - February 27 2026
• HackRead - ClawJacked Vulnerability in OpenClaw Lets Websites Hijack AI Agents - February 27, 2026
• SecurityBrief - OpenClaw AI assistant surge sparks major security fears - February 27, 2026
• Kdnuggets.com - 5 Things You Need to Know Before Using OpenClaw - February 27, 2026

2026-02-26

• Agents of Chaos - February 26, 2026
• Redmond Channel Insider - Using OpenClaw: Things to Consider as an MSP - February 26, 2026
• Security Boulevard - OpenClaw Security Risk: OAuth and SaaS Identity - February 26, 2026
• The Decoder - An OpenClaw AI agent asked to delete a confidential email nuked its own mail client and called it fixed - February 26, 2026
• ZDNet - AI agents are fast, loose, and out of control, MIT study finds - February 26, 2026

2026-02-25

• Wired - OpenClaw Users Are Allegedly Bypassing Anti-Bot Systems - February 25, 2026
• IAPS - Kimi Claw: Risks from Chinese-Hosted 'Always On' AI Agents - February 25, 2026
• Mint - OpenClaw: Did OpenAI just acquire a powerful new tool—or a security nightmare? - February 25, 2026

2026-02-24

• Gigazine - Following the huge success of OpenClaw, more AI agents like 'Claw' have appeared one after another, but OpenAI co-founder expressed concerns about OpenClaw's security - February 24, 2026
• Fast Company - 'This should terrify you': Meta Superintelligence safety director lost control of her AI agent—it deleted her emails - February 24, 2026
• Axios - The Bot Population Bomb: OpenClaw is only the Beginning - February 24, 2026
• Ryukoku.ac.jp - OpenClaw 拷 CVE-2026-25253 膈 various - February 24, 2026

2026-02-23

• Cybernews - Microsoft: ‘OpenClaw unsuited to run on standard personal or enterprise workstation’ - February 23, 2026
• PCWorld - What’s behind the OpenClaw ban wave - February 23, 2026
• InnovationAus - OpenClaw and the security risks of AI frenzy - February 23, 2026
• TechCrunch - A Meta AI security researcher said an OpenClaw agent ran amok on her inbox - February 23, 2026
• TechRadar - OpenClaw should terrify anyone who thinks AI agents are ready for real responsibility - February 23, 2026
• HelpNetSecurity - Fake troubleshooting tip on ClawHub leads to infostealer infection - February 23, 2026
• CybersecurityNews - Google Suspends OpenClaw Users from Antigravity AI After OAuth Token Abuse - February 23, 2026
• Awesome Agents - An OpenClaw Agent Published a Firm's Internal Threat Intelligence to the Open Web. It Was Doing Exactly What It Was Told. - February 23, 2026
• Malwarebytes - OpenClaw: What is it and can you use it safely? - February 23, 2026

2026-02-22

• Bloomberg - OpenClaw Might Be a Security Nightmare for Sam Altman - February 22, 2026
• CU Today - Security Experts Warn OpenClaw Could Bypass Traditional CU Cyber Defenses - February 22, 2026

2026-02-20

• PCWorld - OpenClaw AI is going viral. Don't install it - February 20, 2026
• WebProNews - OpenClaw's Security Crisis: How a Promising AI Framework Became Too Dangerous for Its Own Creators to Share Freely - February 20, 2026
• The Hacker News - Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems - February 20, 2026
• eSecurity Planet - Over 41% of Popular OpenClaw Skills Found to Contain Security Vulnerabilities - February 20, 2026
• Slashdot.org - OpenClaw Security Fears Lead Meta, Other AI Firms To Restrict Its Use - February 20, 2026

2026-02-19

• Microsoft Threat Intelligence - Confirming a small but noticeable uptick in installations of OpenClaw initiated by Cline CLI supply chain compromise - February 19, 2026
• Institutional Investor - OpenClaw: The AI Agent Institutional Investors Need to Understand — But Shouldn't Touch - February 19, 2026
• The Financial Times - OpenClaw and the privacy problems of agentic AI
• The Verge - The AI security nightmare is here and it looks suspiciously like lobster - February 19, 2026
• CSO - Six flaws found hiding in OpenClaw's plumbing - February 19, 2026

2026-02-18

• Attack of the Fanboy - Meta bans OpenClaw over security fears, but insiders say the real risk is far worse - February 18, 2026
• Cybersecurity Insiders - Socket Uncovers AI Agent is Reputation Farming to Promote Paid OpenClaw Services - February 18, 2026
• CybersecurityNews - OpenClaw AI Framework v2026.2.17 Released with Anthropic Model Support and Security Fixes - February 18, 2026
• CybersecurityNews - ClawHavoc Poisoned OpenClaw's ClawHub with 1,184 Malicious Skills, Enabling Data Theft and Backdoor Access - February 18, 2026
• gbhackers.com - OpenClaw AI Log Poisoning Flaw Enables Malicious Content Injection - February 18, 2026
• Help Net Security - SecureClaw: Dual stack open-source security plugin and skill for OpenClaw - February 18, 2026

2026-02-17

• Cline - Unauthorized npm publish of Cline CLI cline@2.3.0 with modified postinstall script to install openclaw - February 17, 2026
• Heise Online - Over 60 security vulnerabilities in AI assistant OpenClaw resolved - February 17, 2026
• eSecurity Planet - OpenClaw Flaw Enables AI Log Poisoning Risk - February 17, 2026
• WIRED - Meta and Other Tech Firms Put Restrictions on Use of OpenClaw Over Security Fears - February 17, 2026
• Infosecurity Magazine - Infostealer Targets OpenClaw to Loot Victim's Digital Life - February 17, 2026
• Techzine Global - Infostealer steals identity of AI agent OpenClaw - February 17, 2026
• TechRadar - OpenClaw AI agents targeted by infostealer malware for the first time - February 17, 2026
• The Tech Buzz - Meta Bans Viral AI Tool OpenClaw Over Security Risks - February 17, 2026
• HackerNoon - OpenClaw's 85,000 GitHub Stars Hide a Security Nightmare, Researchers Warn - February 17, 2026
• Security Boulevard - Authentication Under Fire: Why OpenClaw Needs ZTNA and AI Secure Protection - February 17, 2026
• CybersecurityNews - OpenClaw AI Log Poisoning Vulnerability Allows Malicious Content Injection - February 17, 2026
• CybersecurityNews - Threat Actors Attacking OpenClaw Configurations to Steal Login Credentials - February 17, 2026

2026-02-16

• TechCrunch - After all the hype, some AI experts don't think OpenClaw is all that exciting - February 16, 2026
• The Hacker News - Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens - February 16, 2026
• BleepingComputer - Infostealer malware found stealing OpenClaw secrets for first time - February 16, 2026

2026-02-15

• The New Stack - OpenClaw is being called a security Dumpster fire but there is a way to stay safe - February 15, 2026

2026-02-13

• VentureBeat - How to test OpenClaw without giving an autonomous agent shell access to your corporate laptop - February 13, 2026
• CybersecurityNews - OpenClaw 2026.2.12 Released With Fix for 40+ Security Issues - February 13, 2026

2026-02-12

• Security Boulevard - 42,900 OpenClaw Exposed Control Panels and Why You Should Care - February 12, 2026
• Fortune - OpenClaw is the bad boy of AI agents. Here's why security experts say you should beware - February 12, 2026
• trendingtopics.eu - NanoClaw Challenges OpenClaw with Container-Isolated AI Agents for Enhanced Security - February 12, 2026

2026-02-11

• Help Net Security - OpenClaw Scanner: Open-source tool detects autonomous AI agents - February 11, 2026
• CSO Online - What CISOs need to know about the OpenClaw security nightmare - February 11, 2026
• IBM - OpenClaw and Claude Opus 4.6: Where is AI agent security headed? - February 11, 2026
• C-sharpcorner.com - Operating Cost of OpenClaw: What It Is and How to Predict Monthly Running Costs - February 11, 2026

2026-02-10

• Northeastern Global News - Why the OpenClaw AI agent is a "privacy nightmare" - February 10, 2026
• SD Times - Security professionals express concern over OpenClaw - February 10, 2026

2026-02-09

• SiliconANGLE - Tens of thousands of OpenClaw systems exposed by misconfigurations and known exploits - February 9, 2026
• Adnan Khan's Blog - Clinejection: Compromising Cline's Production Releases just by Prompting an Issue Triager (OpenClaw found as malware c2) - February 9, 2026
• Infosecurity Magazine - Researchers Find 40,000+ Exposed OpenClaw Instances - February 9, 2026
• trendingtopics.eu - Security Nightmare: How OpenClaw Is Fighting Malware in Its AI Agent Marketplace - February 9, 2026
• The Register - OpenClaw instances open to the internet present ripe targets - February 9, 2026
• Techzine Global - Over 40,000 OpenClaw agents vulnerable - February 9, 2026
• C-sharpcorner.com - OpenClaw Security Risks and Concerns - February 9, 2026
• Forbes - OpenClaw Showed The Future Of AI Security And It's Going To Be Rough - February 9, 2026

2026-02-08

• The Hacker News - OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills - February 8, 2026

2026-02-06

• Dark Reading - OpenClaw's Gregarious Insecurities Make Safe Usage Difficult - February 6, 2026
• Forbes - What Is OpenClaw, Formerly Moltbot? Everything You Need To Know - February 6, 2026

2026-02-05

• BankInfoSecurity - OpenClaw AI Agent Sparks Global Security Alarm - February 5, 2026
• Yahoo/Reuters - China warns of security risks linked to OpenClaw open-source AI agent - February 5, 2026
• ToxSec - Molt Road and the Rise of AI Agent Black Markets - February 5, 2026
• The New Stack - It took a researcher fewer than 2 hours to hijack OpenClaw - February 5, 2026
• The Register - It's easy to backdoor OpenClaw, and its skills leak API keys - February 5, 2026

2026-02-04

• XDA - Please stop using OpenClaw, formerly known as Moltbot, formerly known as Clawdbot - February 4, 2026
• Security Boulevard - The ‘Absolute Nightmare’ in Your DMs: OpenClaw Marries Extreme Utility with ‘Unacceptable’ Risk - February 4, 2026
• The Verge - OpenClaw's AI 'skill' extensions are a security nightmare - February 4, 2026
• Bloomberg - AI Agent Goes Rogue, Spamming OpenClaw User With 500 Messages - February 4, 2026
• SECURITY.COM - The Rise of OpenClaw - February 4, 2026
• the-decoder.com - OpenClaw's OpenDoor problem is so bad that installing malware yourself might save time - February 4, 2026

2026-02-03

• ComputerWorld - By whatever name — Moltbot, Clawd, OpenClaw — this uber AI assistant is a security nightmare - February 3, 2026
• SecurityWeek - Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant - February 3, 2026
• The Register - DIY AI bot farm OpenClaw is a security dumpster fire - February 3, 2026
• Business Insider - Why OpenClaw and Moltbook have security researchers worried - February 3, 2026
• Axios - Moltbook shows rapid demand for AI agents. The security world isn't ready. - February 3, 2026
• CNET - New AI Assistant OpenClaw Acts Like Your Digital Servant, but Experts Warn of Security Risks - February 3, 2026

2026-02-02

• Diginomica - Enterprise hits and misses - OpenClaw's security holes keep CISOs up past bedtime - February 2, 2026
• The Hacker News - OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link - February 2, 2026
• The Register - OpenClaw ecosystem still suffering severe security issues - February 2, 2026
• ZDNET - OpenClaw is a security nightmare - 5 red flags you shouldn't ignore before it's too late - February 2, 2026
• ZDNET - From Clawdbot to OpenClaw: This viral AI agent is evolving fast - and it's nightmare fuel for security pros - February 2, 2026
• The Hacker News - Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users - February 2, 2026
• PCMag - OpenClaw Is the Hot New AI Agent, But Is It Safe to Use? - February 2, 2026

2026-02-01

• The Decoder - OpenClaw (formerly Clawdbot) and Moltbook let attackers walk through the front door - February 1, 2026
• Tom's Hardware - Malicious OpenClaw 'skill' targets crypto users on ClawHub — 14 malicious skills were uploaded to ClawHub last month - February 1, 2026

2026-01-31

2026-01-30

• Angles of Attack: The AI Security Intelligence Brief - This Is Apparently The Stupidest Timeline, So I Guess We're Talking About Moltbook Now - February 1, 2026
• Dark Reading - OpenClaw AI Runs Wild in Business Environments - January 30, 2026
• VentureBeat - OpenClaw proves agentic AI works. It also proves your security model doesn't. 180,000 developers just made that your problem. - January 30, 2026
• Forbes - Moltbot Gets Another New Name, OpenClaw, And Triggers Security Fears And Scams - January 30, 2026

2026-01-29

• Gartner - OpenClaw (Formerly Moltbot, Clawdbot): Agentic Productivity Comes With Unacceptable Cybersecurity Risk - January 29, 2026
• Inc - OpenClaw Can Run Your Whole Computer—and That’s Exactly Why Security Experts Are Panicking - January 29, 2026
• IBM - OpenClaw, Moltbook and the future of AI agents - January 29, 2026

2026-01-28

2026-01-26

• Forrester - Ready For OpenClaw To Pry Into Your Environment And Grip Your Data - January 26, 2026

---

OpenClaw Security Vendor Advisories

• Ox Security - OpenClaw Developers Targeted in Crypto-Wallet Phishing Attack - March 18, 2026
• ReversingLabs - OpenClaw lesson: AI agents are a black hole - March 18, 2026
• Socket.dev - OpenClaw Advisory Surge Highlights Gaps Between GHSA and CVE Tracking - March 10, 2026
• ReversingLabs - OpenClaw and AI risk: 3 AppSec lessons - March 10, 2026
• TrendMicro - CISOs in a Pinch: A Security Analysis of OpenClaw - March 10, 2026
• Cisco Blogs - How popular are AI tools like OpenClaw? Understanding AI usage across the network - March 9, 2026
• MalwareBytes - Beware of fake OpenClaw installers, even if Bing points you to GitHub - March 6, 2026
• Huntress - “Malware, from the Outside!”: How a Threat Actor Used Fake OpenClaw Installers to Infect Systems with GhostSocks and Information Stealers - March 4, 2026
• TrendMicro - Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer - February 23, 2026
• Acronis - OpenClaw: Agentic AI in the wild — Architecture, adoption and emerging security risks - February 23, 2026
• Microsoft - Running OpenClaw safely: identity, isolation, and runtime risk - February 19, 2026
• Conscia - The OpenClaw security crisis - February 18, 2026
• Endor Labs - How AI SAST Traced Data Flows to Uncover Six OpenClaw Vulnerabilities - February 18, 2026
• SecurityScorecard - What Are the Real Security Risks of Agentic AI and OpenClaw? - February 17, 2026
• Kaspersky - Key OpenClaw risks, Clawdbot, Moltbot - February 16, 2026
• Aikido Security - Why Trying to Secure OpenClaw is Ridiculous - February 13, 2026
• Sophos - The OpenClaw experiment is a warning shot for enterprise AI security - February 13, 2026
• SentinelOne - CVE-2026-25593: OpenClaw AI Assistant RCE Vulnerability - February 13, 2026
• Bitdefender - 135K OpenClaw AI Agents Exposed to Internet - February 12, 2026
• Snyk - How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware - February 10, 2026
• Kaspersky - New OpenClaw AI agent found unsafe for use - February 10, 2026
• Zscaler - A Guide to OpenClaw and Securing It with Zscaler - February 9, 2026
• Bitsight - OpenClaw Security: Risks of Exposed AI Agents Explained - February 9, 2026
• Tenable.com - I pretended to be an AI agent on Moltbook so you don't have to - February 9, 2026
• SecurityScorecard - Beyond the Hype: Moltbot's Real Risk Is Exposed Infrastructure, Not AI Superintelligence - February 9, 2026
• TrendMicro - Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants - February 6, 2026
• Snyk - 280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII - February 5, 2026
• Bitdefender - Technical Advisory: OpenClaw Exploitation in Enterprise Networks - February 5, 2026
• Palo Alto Networks - The Moltbook Case and How We Need to Think about Agent Security - February 5, 2026
• Giskard - OpenClaw security vulnerabilities include data leakage and prompt injection risks - February 4, 2026
• Zenity Labs - OpenClaw or OpenDoor? - February 4, 2026
• OX Security - You Can't Just Delete OpenClaw: You Gave It Access to Everything. Now What? - February 4, 2026
• Snyk - Inside the 'clawdhub' Malicious Campaign: AI Agent Skills Drop Reverse Shells on OpenClaw Marketplace - February 4, 2026
• CrowdStrike - What Security Teams Need to Know About OpenClaw, the AI Super Agent - February 4, 2026
• Tenable - Clawdbot: How to Mitigate Agentic AI Security Vulnerabilities - February 3, 2026
• Censys - OpenClaw in the Wild: Mapping the Public Exposure of a Viral AI Assistant - January 31, 2026
• Palo Alto Networks - OpenClaw formerly Moltbot, Clawdbot May Signal the Next AI Security Crisis - January 29, 2026
• GitGuardian - OpenClaw (Moltbot) Personal Assistant Goes Viral – And So Do Your Secrets - January 29, 2026
• Cisco Blogs - Personal AI Agents like OpenClaw Are a Security Nightmare - January 28, 2026

---

Use as an Agent Skill

This repo can be used as a skill by OpenClaw or other AI agents.

Add to your agent's skill instructions:

Fetch OpenClaw security news from:
https://raw.githubusercontent.com/joylarkin/openclaw-security-news/main/README.md

When asked about OpenClaw security, vulnerabilities, or incidents:
1. Fetch the above URL
2. Return the most recent section, or filter by topic/date as requested
3. Cite source as: OpenClaw Security News (https://github.com/joylarkin/openclaw-security-news)

Trigger phrases: OpenClaw, Moltbot, Clawdbot, ClawHub, OpenClaw security, OpenClaw vulnerabilities, OpenClaw malware, OpenClaw threats, OpenClaw cybersecurity, OpenClaw risks, OpenClaw hacks, OpenClaw news

---