2026 OpenClaw Security News

A collection of global government warnings, security advisories, and news headlines about OpenClaw Security for AI builders, developers, and investors. Updated twice daily.

Why this matters? Because you should be aware of the ongoing global conversation about OpenClaw security.

🟩 OpenClaw Observability · OpenClaw Headlines · Security Vendor Advisories
🟩 Use as an Agent Skill · Use as an MCP Server
📡 Real-time RSS Updates

---

Government Warnings About OpenClaw

• NVD National Vulnerability Database - Search for OpenClaw
• CERT BUND Germany - WID-SEC-2026-0424 OpenClaw: Mehrere Schwachstellen
• CERT BUND Germany - Search for OpenClaw Advisories
• Centre for Cybersecurity Belgium - Search for OpenClaw Advisories
• CERT CVE Croatia - Proizvođač: openclaw
• RTI News (TW) - Taiwan moves to regulate surge in AI-driven crime and security risks - March 18, 2026
• Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) - OpenClaw’s Rapid Adoption Exposes Skills Supply Chain and Fake Installer Risks in a High-Privilege AI Agent Platform - March 17, 2026
• Global Times - China's state news media issues security warning over OpenClaw amid social media frenzy - March 8, 2026
• autoriteitpersoonsgegevens.nl - The Autoriteit Persoonsgegevens (AP), the Dutch data protection authority, warns of major security risks with AI agents like OpenClaw - February 12, 2026
• Digital Watch Observatory - OpenClaw faces rising security pushback in South Korea - February 9, 2026
• Reuters - China warns of security risks linked to OpenClaw open-source AI agent - February 5, 2026

---

OpenClaw Observability

• OpenClaw Exposure Watchboard - This page lists publicly reachable active OpenClaw instances for defensive awareness
• AIPwn - OpenClaw Security Watchboard
• DECLAWED - A live threat intelligence dashboard built by SecurityScorecard's STRIKE Team providing visibility into the global exposure of OpenClaw AI agent control panels

---

OpenClaw Headlines

2026-04-22

• Forbes - Problems With OpenClaw? You’re Not Alone - April 22, 2026
• The Information - OpenClaw Struggles to Grow Up After Overnight Success - April 22, 2026
• TechRadar - 'The math is simple': OpenClaw 'Trojan Horse' AI agents give hackers full control of 28,000+ systems - April 22, 2026
• Born/City (DE) - OpenClaw: KI-System löst globale Sicherheitskrise aus - April 22, 2026

2026-04-21

• Centre for Cybersecurity Belgium - Warning: Privilege Escalation in OpenClaw, Patch Immediately! - April 21, 2026

2026-04-20

• Cybernews - I asked OpenClaw to analyze stocks, but it failed and killed itself - April 20, 2026

2026-04-19

• CNBC - SiIicon Valley’s AI agent hiccups: Wasted tokens and ‘chaotic’ systems - April 19, 2026

2026-04-18

• AFP/France24/Globally Syndicated - AI 'agent' fever comes with lurking security threats - April 18, 2026

2026-04-17

• Infosecurity Magazine - OpenClaw Exposes the Real Cybersecurity Risks of Agentic AI - April 17, 2026
• Supply House Times - AI is moving faster than your security policies - April 17, 2026
• Arabian Post (UAE) - OpenClaw sharpens agentic AI security warning - April 17, 2026

2026-04-16

• The National Tribune (AU) - OpenClaw And Security Risks Of AI Frenzy - April 16, 2026

2026-04-15

• Twitter - I ran my own analysis which flags fake stars based on spam clustering and account activity - April 15, 2026
• Pune Times Mirror (IN) - Microsoft OpenClaw Copilot AI Sparks Bold Promise, Serious Fears - April 15, 2026

2026-04-14

• PCMag - 4 Critical Reasons OpenClaw Is the Most Overhyped AI Tool Right Now - April 14, 2026

2026-04-13

• American Banker - AI agents are going rogue. Here's what banks can do about it - April 13, 2026
• BCG - CIOs, OpenClaw, and the New Wave of Autonomous AI Agents - April 13, 2026
• KDNuggets - Are AI Agents Your Next Security Nightmare? - April 13, 2026

2026-04-10

• Times of India - Salesforce CEO Marc Benioff on the AI agent OpenClaw that Sam Altman spent billions on: It cannot be trusted because... - April 10, 2026

2026-04-09

• Institutional Investor - Institutional Investors Take Note: the OpenClaw Security Threat Is No Longer Theoretical - April 9, 2026
• TechBullion (UK) - OpenClaw Has 230,000 GitHub Stars and a Security Problem – This Is How the Industry Is Responding - April 9, 2026

2026-04-08

• Android Headlines - Critical OpenClaw AI Vulnerability Hands Out Admin Access to Attackers: Update Now - April 8, 2026

2026-04-07

• Mashable - A frightening OpenClaw vulnerability has been discovered - April 7, 2026
• Greenbone.net - GreenboneOS: March 2026 Threat Report: New Critical Risks Span the Enterprise Attack Surface - April 7, 2026

2026-04-06

• Blink - OpenClaw CVEs 2026: Complete Vulnerability Timeline - April 6, 2026
• BBC (UK) - How China fell for a lobster: What an AI assistant tells us about Beijing's ambition - April 6, 2026
• The AI Journal - The Identity Problem Agent Swarms Can’t Ignore - April 6, 2026

2026-04-04

• DongA Science (KR) - New AI Agent 'OpenClaw' Faces Immediate Bans Over Security Concerns - April 4, 2026
• Alltoc.com - OpenClaw security risks drive malware scares #tech - April 4, 2026

2026-04-03

• Reddit - If you're running OpenClaw, you probably got hacked in the last week CVE-2026-33579 CVSS 8.6 HIGH - April 3, 2026
• Ars Technica - OpenClaw gives users yet another reason to be freaked out about security - April 3, 2026
• Startup Fortune - OpenClaw Users Should Assume Compromise, Security Experts Warn - April 3, 2026
• InfoWorld - Understanding the risks of OpenClaw - April 3, 2026
• XDA Developers - I ran Nvidia's NemoClaw to see if OpenClaw is finally safe, but it still has the same problems - April 6, 2026
• Open Source For U - China’s OpenClaw Gold Rush Turns Into Security Panic - April 3, 2026
• Korea Startup Post - CertiK Announces the “OpenClaw Security Report”… Warning of Security Architecture Flaws in AI Agent Systems - April 3, 2026

2026-04-02

• Coinfomania - Vitalik Buterin Flags Data Exfiltration Risks in OpenClaw - April 2, 2026
• TechNode - OpenClaw launches official China mirror with infrastructure support from ByteDance - April 2, 2026

2026-04-01

• TechRadar - Here are the OpenClaw security risks you should know about - April 1, 2026
• TNGlobal - Why OpenClaw is forcing a rethink of AI security, trust, and authority - April 1, 2026
• Transparency Coalition - TCAI Guide: The risks of AI agents built with OpenClaw and other frameworks - April 1, 2026
• Crypto News Australia - AI Agent Boom Turns Risky: OpenClaw Exposes Millions to Hacks and Crypto Theft - April 1, 2026
• Global Times (CN) - China’s National Intellectual Property Administration warns of hidden risks of using agentic AI tools to draft patent applications - April 1, 2026

2026-03-31

• VentureBeat - OpenClaw has 500,000 instances and no enterprise kill switch - March 31, 2026
• TechTalks - How GhostClaw exploits macOS and OpenClaw to steal developer credentials - March 31, 2026
• Wiz - Axios NPM Distribution Compromised in Supply Chain Attack - March 31, 2026
• FinanceFeeds - OpenClaw’s Security Crisis: The Hidden Risks Behind AI Agents - March 31, 2026
• Digital Today (KR) - AI agents could act like malware, urgent need for controls - March 31, 2026
• The News International (PK) - AI agents or malware? Experts reveal shocking hidden dangers - March 31, 2026

2026-03-30

• SiliconANGLE - On theCUBE Pod: RSAC raises alarms over open-source agents and KubeCon’s role changes in the wake of AI - March 30, 2026
• Kaspersky - Why AI agents need an iron curtain - March 30, 2026
• flyingpenguin - Why I Replaced OpenClaw: Wirken for a Secure Agentic World - March 30, 2026
• SystemTek (UK) - OpenClaw Canvas Path Traversal Information Disclosure Vulnerability (CVE-2026-3689) - March 30, 2026
• Mezha.net (UA) - OpenClaw adoption explodes across China, authorities warn of cyber risks - March 30, 2026
• ChinaDaily.com.cn - Expert proposes 'raise lobster in a sandbox' - March 30, 2026

2026-03-29

• The Wire China - How the OpenClaw Frenzy Is Testing China's AI Commitment - March 29, 2026
• 36Kr - 蚂蚁集团安全团队发现OpenClaw多个高危漏洞并协助快速修复 - March 29, 2026
• Seclists.org - OpenClaw MEDIA: Protocol Prompt Injection - File Disclosure Bypassing Tool Permissions Silently Fixed, Report Denied - March 29, 2026

2026-03-28

• The New Stack - Nvidia’s NemoClaw has three layers of agent security. None of them solve the real problem - March 28, 2026
• Blockchain Council - Inside the NemoClaw Attack Chain: Tactics and IoCs - March 28, 2026

2026-03-27

• SEMAFOR - Exclusive / How I jailbroke an OpenClaw PR agent - March 27, 2026
• 36Kr - For enterprise-level AI agents, should you choose open-source or closed-source? - March 27, 2026

2026-03-26

• Futurism - OpenClaw Bots Are a Security Disaster - March 26, 2026

2026-03-25

• WIRED - OpenClaw Agents Can Be Guilt-Tripped Into Self-Sabotage - March 25, 2026
• Canadian HR Reporter (CA) - 'A hard no': Next wave of agentic AI upping the ante - March 25, 2026
• ComputerWeekly - Why OpenClaw agents are the next big enterprise challenge - March 25, 2026
• The Business Times (SG) - OpenClaw’s rapid rise exposes ‘shadow AI’ risks in Singapore firms - March 25, 2026
• SiliconANGLE News - Adversaries log in: Speed and strength of AI-fueled attacks have cybersecurity industry playing catch-up - March 25, 2026

2026-03-24

• SecurityWeek - Why Agentic AI Systems Need Better Governance – Lessons from OpenClaw - March 24, 2026
• CSO - Autonomous AI adoption is on the rise, but it’s risky - March 24, 2026
• Cybersecurity Insiders - The unprecedented consolidation capabilities of OpenClaw hold risks - March 24, 2026
• DarkReading - GitHub 'OpenClaw Deployer' Repo Delivers Trojan Instead - March 24, 2026
• Business Insider - OpenClaw creator says he got a token refund request for errors the AI agent made with 'sensitive financial documents' - March 24, 2026
• 36Kr - The WeChat Lobster plugin crashed after just 72 hours on the market due to an update from OpenClaw - March 24, 2026
• South China Morning Post - OpenClaw is designed to execute everyday tasks so you don’t have to, but what are the pitfalls? - March 25, 2026

2026-03-23

• Seeking Alpha - OpenClaw Is A Liability, Not The Breakthrough The AI Frenzy Suggests - March 23, 2026
• NBC News - In China, a rush to 'raise lobsters' quickly leads to second thoughts - March 23, 2026
• Think China (SG) - A short-lived catch: China’s AI lobster frenzy - March 23, 2026
• SiliconANGLE News - Cisco debuts new AI agent security features, open-source DefenseClaw tool - March 23, 2026

2026-03-22

• Forbes - 2 Reasons I Turned Off My OpenClaw, My Personal AI Assistant - March 22, 2026
• flyingpenguin - OpenClaw Threat: Where Encryption Goes to Die - March 22, 2026
• MEXC - OpenClaw founder confirms in reply that 360 was the exclusive discoverer of the vulnerability - March 22, 2026
• China Daily (CN) - Guidelines released to curb OpenClaw security risks - March 22, 2026
• People's Daily Online (CN) - China releases OpenClaw security guidance for users, cloud providers, developers - March 22, 2026

2026-03-20

• CIO.com - Autonomous AI adoption is on the rise, but it’s risky - March 20, 2026
• Caixin Global (CN) - China Internet Finance Body Raises Alarm Over OpenClaw AI - March 20, 2026

2026-03-19

• CNET - Nvidia's NemoClaw Promises a More Secure Way to Deploy AI Agents, but Is It Really Safer? - March 19, 2026
• DailyCoin - Devs Targeted in OpenClaw GitHub Phishing Campaign - March 19, 2026
• BeInCrypto - OpenClaw Creator Warns of Crypto Phishing Wave: ‘We Would Never Do That’ - March 19, 2026

2026-03-18

• Times Now News (IN) - Why China Is Warning Users Against OpenClaw After Its Sudden Popularity | Explained - March 18, 2026
• news.de (DE) - OpenClaw: IT-Sicherheitslücke mit hohem Risiko! Warnung erhält Update - March 18, 2026
• EKHBARY (EG) - China's OpenClaw Frenzy: An AI Gold Rush Facing Technical Hurdles - March 18, 2026
• TechNode - ByteDance issues internal OpenClaw security rules, launches ByteClaw - March 18, 2026

2026-03-17

• Gizmodo - Amid AI Agent Boom, the Tech Industry Makes It Clear: With Great Laziness Comes Great Responsibility - March 17, 2026
• The New York Times - China Is Embracing OpenClaw, a New A.I. Agent, and the Government Is Wary - March 17, 2026
• TechRepublic - OpenClaw, the Fastest-Adopted Software Ever, Is Also a Security Blind Spot - March 17, 2026
• Techzine (EU) - OpenClaw bypasses security layers and reveals new attack vectors - March 17, 2026
• Digitimes Asia - China reins in OpenClaw surge, flags AI agent security risks - March 17, 2026
• SDxCentral - Nvidia details NemoClaw security guardrails in wake of AI agent concerns - March 17, 2026
• The Times of India - Why founders are flocking to OpenClaw? - March 17, 2026

2026-03-16

• gbhackers - OpenClaw AI Agents Vulnerable to Indirect Prompt Injection, Causing Data Leaks - March 16, 2026
• Twitter/Guanxing/@CertiK - Skill Scanning Is Not a Security Boundary - March 16, 2026
• VentureBeat - OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert - March 16, 2026
• TechCrunch - Nvidia’s version of OpenClaw could solve its biggest problem: security - March 16, 2026
• GovInfoSecurity - OpenClaw Exposes Hidden Risks in Agentic AI - March 16, 2026
• Embrace The Red - Agent Commander: Promptware-Powered Command and Control - March 16, 2026
• NTD - China’s ‘Lobster’ AI Craze Draws Security Warnings as Operating Costs Rise - March 16, 2026
• TechJuice (PK) - Researchers Warn OpenClaw AI Agents Are Leaking User Data - March 16, 2026
• rthk.hk (HK) - IT chief urges caution over OpenClaw security risks - March 16, 2026
• The Star (MY) - Hong Kong warns govt departments not to install AI tool OpenClaw - March 16, 2026

2026-03-15

• InfoQ - AWS Launches Managed Openclaw on Lightsail Amid Critical Security Vulnerabilities - March 15, 2026
• TechRadar - Chinese government cracks down on in-office OpenClaw use over potential security risks - March 15, 2026
• Taipei Times (TW) - AI agents blowing up in China, but security risks yet abound - March 15, 2026
• Global Times (CN) - China issues risk warning regarding OpenClaw application security in internet financial sector - March 15, 2026
• Xinhua (CN) - Explainer: In OpenClaw frenzy, should we be cheery or worried? - March 15, 2026
• Inc - How to Experiment Safely With OpenClaw Without Risking Your Company’s Data - March 15, 2026

2026-03-14

• The Hacker News - OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration - March 14, 2026
• New Straits Times (MY) - Security risks of AI bot OpenClaw grips China - March 14, 2026

2026-03-13

• South China Morning Post - Hong Kong government workers warned not to install OpenClaw due to security risks - March 13, 2026
• Global Times (CN) - China issues risk alert on viral AI agent OpenClaw, urging users to limit privileges - March 13, 2026
• Bloomberg - China’s OpenClaw Obsession Is a Risky Gamble on Experimental AI - March 13, 2026

2026-03-12

• Fast Company - China went crazy for OpenClaw. Now it’s working to ban it - March 12, 2026
• ZDNet - Why Moltbook and OpenClaw are the fool's gold in our AI boom - March 12, 2026
• Yunnan Normal University (CN) - 关于防范OpenClaw（龙虾）开源AI智能体安全风险的预警提示 - March 12, 2026
• TechWireAsia - OpenClaw: The agentic AI security wake-up call enterprises didn’t ask for - March 12, 2026
• The Standard (HK) - Digital Policy Office warns of OpenClaw security risks as mainland moves to restrict use - March 12, 2026
• Caixin Global (CN) - Tech Brief (March 12): MIIT Warns of Security Risks in OpenClaw - March 12, 2026
• South China Morning Post - Amid OpenClaw frenzy, China’s central bank adds to cybersecurity warnings - March 12, 2026
• Business Insider - China rushed to use OpenClaw. Now, some stressed-out users are forking out cash to uninstall the AI agent - March 12, 2026

2026-03-11

• Solutions Review - How OpenClaw’s Flawed Design Philosophy Left Organizations Exposed to Active Attacks - March 11, 2026
• RADII - Why is China Suddenly Uninstalling Openclaw, the Free, Open-Source AI Agent? - March 11,2026
• Twitter - Risk Warning Regarding the Security Use of OpenClaw - Source: China CNCERT - March 11, 2026
• Bloomberg - What Is OpenClaw? AI Marvel or Cybersecurity Nightmare? - March 11, 2026

2026-03-10

• Twitter - Quick OpenClaw update: 6.4K open issues / 5.5K open PRs / 230 unresolved security vulnerabilities (+200% MoM) - March 10, 2026
• Bloomberg - China Moves to Curb Use of OpenClaw AI for Banks, State Agencies - March 10, 2026
• South China Morning Post - China issues second warning on OpenClaw risks amid adoption frenzy - March 10, 2026
• PA News - The first victims of OpenClaw have emerged! 4 security basics you must know before installation - March 10, 2026
• Cyber Security News - OpenClaw Advisory Surge Exposes Gap Between GitHub and CVE Vulnerability Tracking - March 10, 2026

2026-03-09

• South China Morning Post - Chinese local governments offer OpenClaw project subsidies as security questions linger - March 9, 2026
• Bitget - SlowMist CISO: Security Risk Found in USB Version of OpenClaw - March 9,2026
• The Hacker News - Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials - March 9, 2026

2026-03-08

• Jfrog Security Research - GhostClaw Unmasked: A Malicious npm Package Impersonating OpenClaw to Steal Everything - March 8, 2026
• Xinhua (CN) - AI "cultivating lobster" became popular, official tips → - March 8, 2026
• Binance News - China Warns of Security Risks in OpenClaw AI Agent - March 8, 2026
• Krebs on Security - How AI Assistants are Moving the Security Goalposts - March 9,2026

2026-03-06

• Lawfare - China’s Agentic AI Controversy - March 6, 2026
• Belgium - Warning: Multiple critical vulnerabilities in OpenClaw's Nextcloud Talk plugin, Patch Immediately! - March 6, 2026

2026-03-05

• Heimdal Security - OpenClaw Incidents Show Why AI Adoption Pressure Puts Companies at Risk - March 5, 2026
• grith.ai - A GitHub Issue Title Compromised 4,000 Developer Machines - March 5, 2026
• InfoWorld - What I learned as an undercover agent on Moltbook - March 5, 2026
• Forbes - Five Things You Should Not Do With OpenClaw - March 5, 2026
• MIT Technology News - Online harassment is entering its AI era - March 5, 2026

2026-03-04

• Security Boulevard - How Threat Actors Turned OpenClaw Into a Scraping Botnet - March 4, 2026
• The Register - Malware-laced OpenClaw installers get Bing AI search boost - March 4, 2026
• smu.edu IT Connect - OpenClaw: Security Risks and Institutional Position - March 4, 2026
• CPO Magazine - Security Research Finds OpenClaw AI Agent “Trivially Vulnerable” to Hijacking - March 4, 2026

2026-03-03

• The New Stack - OpenClaw rocks to GitHub's most-starred status, but is it safe? - March 3, 2026
• Techstrong.tv - OpenClaw Risks, AI-Powered Cyberattacks & The Future of Junior Devs | TSG Ep. 1031 - March 3, 2026
• MasterCard - Before the music stops: OpenClaw and the growing need for AI security standards - March 3, 2026
• 36Kr - I advise you not to blindly follow the trend of this wave of OpenClaw - March 3, 2026
• Global Times (CN) - Chinese authorities warn against misuse of OpenClaw amid rising security risks of unauthorized information leaks; expert urges users to strictly manage access - March 3, 2026

2026-03-02

• DarkReading - Critical OpenClaw Vulnerability Exposes AI Agent Risks - March 2, 2026
• SOCRadar - OpenClaw’s ClawJacked Vulnerability Explained, What Organizations Need to Know - March 2, 2026
• Infosecurity Magazine - ClawJacked Bug Enables Covert AI Agent Hijacking - March 2, 2026
• pymnts.com - OpenClaw Patch Prevents Malicious Websites From Hijacking AI Agents - March 2, 2026

2026-03-01

• StepSecurity - hackerbot-claw: An AI-Powered Bot Actively Exploiting GitHub Actions - Microsoft, DataDog, and CNCF Projects Hit So Far - March 1, 2026

2026-02-28

• Peter Diamandis MOONSHOTS - OpenClaw Security Fears - February 28, 2026

2026-02-27

• ZDNet - Destroyed servers and DoS attacks: What can happen when OpenClaw AI agents interact - February 27 2026
• HackRead - ClawJacked Vulnerability in OpenClaw Lets Websites Hijack AI Agents - February 27, 2026
• SecurityBrief - OpenClaw AI assistant surge sparks major security fears - February 27, 2026
• Kdnuggets.com - 5 Things You Need to Know Before Using OpenClaw - February 27, 2026

2026-02-26

• Agents of Chaos - February 26, 2026
• Redmond Channel Insider - Using OpenClaw: Things to Consider as an MSP - February 26, 2026
• Security Boulevard - OpenClaw Security Risk: OAuth and SaaS Identity - February 26, 2026
• The Decoder - An OpenClaw AI agent asked to delete a confidential email nuked its own mail client and called it fixed - February 26, 2026
• ZDNet - AI agents are fast, loose, and out of control, MIT study finds - February 26, 2026

2026-02-25

• Wired - OpenClaw Users Are Allegedly Bypassing Anti-Bot Systems - February 25, 2026
• IAPS - Kimi Claw: Risks from Chinese-Hosted 'Always On' AI Agents - February 25, 2026
• Mint - OpenClaw: Did OpenAI just acquire a powerful new tool—or a security nightmare? - February 25, 2026

2026-02-24

• Gigazine - Following the huge success of OpenClaw, more AI agents like 'Claw' have appeared one after another, but OpenAI co-founder expressed concerns about OpenClaw's security - February 24, 2026
• Fast Company - 'This should terrify you': Meta Superintelligence safety director lost control of her AI agent—it deleted her emails - February 24, 2026
• Axios - The Bot Population Bomb: OpenClaw is only the Beginning - February 24, 2026
• Ryukoku.ac.jp - OpenClaw 拷 CVE-2026-25253 膈 various - February 24, 2026

2026-02-23

• Cybernews - Microsoft: ‘OpenClaw unsuited to run on standard personal or enterprise workstation’ - February 23, 2026
• PCWorld - What’s behind the OpenClaw ban wave - February 23, 2026
• InnovationAus - OpenClaw and the security risks of AI frenzy - February 23, 2026
• TechCrunch - A Meta AI security researcher said an OpenClaw agent ran amok on her inbox - February 23, 2026
• TechRadar - OpenClaw should terrify anyone who thinks AI agents are ready for real responsibility - February 23, 2026
• HelpNetSecurity - Fake troubleshooting tip on ClawHub leads to infostealer infection - February 23, 2026
• CybersecurityNews - Google Suspends OpenClaw Users from Antigravity AI After OAuth Token Abuse - February 23, 2026
• Awesome Agents - An OpenClaw Agent Published a Firm's Internal Threat Intelligence to the Open Web. It Was Doing Exactly What It Was Told. - February 23, 2026
• Malwarebytes - OpenClaw: What is it and can you use it safely? - February 23, 2026

2026-02-22

• Bloomberg - OpenClaw Might Be a Security Nightmare for Sam Altman - February 22, 2026
• CU Today - Security Experts Warn OpenClaw Could Bypass Traditional CU Cyber Defenses - February 22, 2026

2026-02-20

• PCWorld - OpenClaw AI is going viral. Don't install it - February 20, 2026
• WebProNews - OpenClaw's Security Crisis: How a Promising AI Framework Became Too Dangerous for Its Own Creators to Share Freely - February 20, 2026
• The Hacker News - Cline CLI 2.3.0 Supply Chain Attack Installed OpenClaw on Developer Systems - February 20, 2026
• eSecurity Planet - Over 41% of Popular OpenClaw Skills Found to Contain Security Vulnerabilities - February 20, 2026
• Slashdot.org - OpenClaw Security Fears Lead Meta, Other AI Firms To Restrict Its Use - February 20, 2026

2026-02-19

• DarkReading - Supply Chain Attack Secretly Installs OpenClaw for Cline Users - February 19, 2026
• Microsoft Threat Intelligence - Confirming a small but noticeable uptick in installations of OpenClaw initiated by Cline CLI supply chain compromise - February 19, 2026
• Institutional Investor - OpenClaw: The AI Agent Institutional Investors Need to Understand — But Shouldn't Touch - February 19, 2026
• The Financial Times - OpenClaw and the privacy problems of agentic AI
• The Verge - The AI security nightmare is here and it looks suspiciously like lobster - February 19, 2026
• CSO - Six flaws found hiding in OpenClaw's plumbing - February 19, 2026

2026-02-18

• Attack of the Fanboy - Meta bans OpenClaw over security fears, but insiders say the real risk is far worse - February 18, 2026
• Cybersecurity Insiders - Socket Uncovers AI Agent is Reputation Farming to Promote Paid OpenClaw Services - February 18, 2026
• CybersecurityNews - OpenClaw AI Framework v2026.2.17 Released with Anthropic Model Support and Security Fixes - February 18, 2026
• CybersecurityNews - ClawHavoc Poisoned OpenClaw's ClawHub with 1,184 Malicious Skills, Enabling Data Theft and Backdoor Access - February 18, 2026
• gbhackers.com - OpenClaw AI Log Poisoning Flaw Enables Malicious Content Injection - February 18, 2026
• Help Net Security - SecureClaw: Dual stack open-source security plugin and skill for OpenClaw - February 18, 2026

2026-02-17

• Cline - Unauthorized npm publish of Cline CLI cline@2.3.0 with modified postinstall script to install openclaw - February 17, 2026
• Heise Online - Over 60 security vulnerabilities in AI assistant OpenClaw resolved - February 17, 2026
• eSecurity Planet - OpenClaw Flaw Enables AI Log Poisoning Risk - February 17, 2026
• WIRED - Meta and Other Tech Firms Put Restrictions on Use of OpenClaw Over Security Fears - February 17, 2026
• Infosecurity Magazine - Infostealer Targets OpenClaw to Loot Victim's Digital Life - February 17, 2026
• Techzine Global - Infostealer steals identity of AI agent OpenClaw - February 17, 2026
• TechRadar - OpenClaw AI agents targeted by infostealer malware for the first time - February 17, 2026
• The Tech Buzz - Meta Bans Viral AI Tool OpenClaw Over Security Risks - February 17, 2026
• HackerNoon - OpenClaw's 85,000 GitHub Stars Hide a Security Nightmare, Researchers Warn - February 17, 2026
• Security Boulevard - Authentication Under Fire: Why OpenClaw Needs ZTNA and AI Secure Protection - February 17, 2026
• CybersecurityNews - OpenClaw AI Log Poisoning Vulnerability Allows Malicious Content Injection - February 17, 2026
• CybersecurityNews - Threat Actors Attacking OpenClaw Configurations to Steal Login Credentials - February 17, 2026

2026-02-16

• TechCrunch - After all the hype, some AI experts don't think OpenClaw is all that exciting - February 16, 2026
• The Hacker News - Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens - February 16, 2026
• BleepingComputer - Infostealer malware found stealing OpenClaw secrets for first time - February 16, 2026

2026-02-15

• The New Stack - OpenClaw is being called a security Dumpster fire but there is a way to stay safe - February 15, 2026

2026-02-13

• VentureBeat - How to test OpenClaw without giving an autonomous agent shell access to your corporate laptop - February 13, 2026
• CybersecurityNews - OpenClaw 2026.2.12 Released With Fix for 40+ Security Issues - February 13, 2026

2026-02-12

• Security Boulevard - 42,900 OpenClaw Exposed Control Panels and Why You Should Care - February 12, 2026
• Fortune - OpenClaw is the bad boy of AI agents. Here's why security experts say you should beware - February 12, 2026
• trendingtopics.eu - NanoClaw Challenges OpenClaw with Container-Isolated AI Agents for Enhanced Security - February 12, 2026

2026-02-11

• Help Net Security - OpenClaw Scanner: Open-source tool detects autonomous AI agents - February 11, 2026
• CSO Online - What CISOs need to know about the OpenClaw security nightmare - February 11, 2026
• IBM - OpenClaw and Claude Opus 4.6: Where is AI agent security headed? - February 11, 2026
• C-sharpcorner.com - Operating Cost of OpenClaw: What It Is and How to Predict Monthly Running Costs - February 11, 2026

2026-02-10

• Northeastern Global News - Why the OpenClaw AI agent is a "privacy nightmare" - February 10, 2026
• SD Times - Security professionals express concern over OpenClaw - February 10, 2026

2026-02-09

• SiliconANGLE - Tens of thousands of OpenClaw systems exposed by misconfigurations and known exploits - February 9, 2026
• Adnan Khan's Blog - Clinejection: Compromising Cline's Production Releases just by Prompting an Issue Triager (OpenClaw found as malware c2) - February 9, 2026
• Infosecurity Magazine - Researchers Find 40,000+ Exposed OpenClaw Instances - February 9, 2026
• trendingtopics.eu - Security Nightmare: How OpenClaw Is Fighting Malware in Its AI Agent Marketplace - February 9, 2026
• The Register - OpenClaw instances open to the internet present ripe targets - February 9, 2026
• Techzine Global - Over 40,000 OpenClaw agents vulnerable - February 9, 2026
• C-sharpcorner.com - OpenClaw Security Risks and Concerns - February 9, 2026
• Forbes - OpenClaw Showed The Future Of AI Security And It's Going To Be Rough - February 9, 2026

2026-02-08

• The Hacker News - OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills - February 8, 2026

2026-02-06

• Dark Reading - OpenClaw's Gregarious Insecurities Make Safe Usage Difficult - February 6, 2026
• Forbes - What Is OpenClaw, Formerly Moltbot? Everything You Need To Know - February 6, 2026

2026-02-05

• BankInfoSecurity - OpenClaw AI Agent Sparks Global Security Alarm - February 5, 2026
• Chief Executive - OpenClaw: A New Class Of Autonomous AI Requires Attention - February 5, 2026
• Security Boulevard - The OpenClaw Threat: A CISO’s Briefing on the Biggest Agentic AI Crisis To Date – FireTail Blog - February 5, 2026
• Yahoo/Reuters - China warns of security risks linked to OpenClaw open-source AI agent - February 5, 2026
• ToxSec - Molt Road and the Rise of AI Agent Black Markets - February 5, 2026
• The New Stack - It took a researcher fewer than 2 hours to hijack OpenClaw - February 5, 2026
• The Register - It's easy to backdoor OpenClaw, and its skills leak API keys - February 5, 2026

2026-02-04

• XDA - Please stop using OpenClaw, formerly known as Moltbot, formerly known as Clawdbot - February 4, 2026
• Security Boulevard - The ‘Absolute Nightmare’ in Your DMs: OpenClaw Marries Extreme Utility with ‘Unacceptable’ Risk - February 4, 2026
• The Verge - OpenClaw's AI 'skill' extensions are a security nightmare - February 4, 2026
• Bloomberg - AI Agent Goes Rogue, Spamming OpenClaw User With 500 Messages - February 4, 2026
• SECURITY.COM - The Rise of OpenClaw - February 4, 2026
• the-decoder.com - OpenClaw's OpenDoor problem is so bad that installing malware yourself might save time - February 4, 2026

2026-02-03

• ComputerWorld - By whatever name — Moltbot, Clawd, OpenClaw — this uber AI assistant is a security nightmare - February 3, 2026
• SecurityWeek - Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant - February 3, 2026
• The Register - DIY AI bot farm OpenClaw is a security dumpster fire - February 3, 2026
• Business Insider - Why OpenClaw and Moltbook have security researchers worried - February 3, 2026
• Axios - Moltbook shows rapid demand for AI agents. The security world isn't ready. - February 3, 2026
• CNET - New AI Assistant OpenClaw Acts Like Your Digital Servant, but Experts Warn of Security Risks - February 3, 2026

2026-02-02

• Diginomica - Enterprise hits and misses - OpenClaw's security holes keep CISOs up past bedtime - February 2, 2026
• The Hacker News - OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link - February 2, 2026
• The Register - OpenClaw ecosystem still suffering severe security issues - February 2, 2026
• ZDNET - OpenClaw is a security nightmare - 5 red flags you shouldn't ignore before it's too late - February 2, 2026
• ZDNET - From Clawdbot to OpenClaw: This viral AI agent is evolving fast - and it's nightmare fuel for security pros - February 2, 2026
• The Hacker News - Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users - February 2, 2026
• PCMag - OpenClaw Is the Hot New AI Agent, But Is It Safe to Use? - February 2, 2026

2026-02-01

• The Decoder - OpenClaw (formerly Clawdbot) and Moltbook let attackers walk through the front door - February 1, 2026
• Tom's Hardware - Malicious OpenClaw 'skill' targets crypto users on ClawHub — 14 malicious skills were uploaded to ClawHub last month - February 1, 2026

2026-01-31

2026-01-30

• Angles of Attack: The AI Security Intelligence Brief - This Is Apparently The Stupidest Timeline, So I Guess We're Talking About Moltbook Now - February 1, 2026
• Dark Reading - OpenClaw AI Runs Wild in Business Environments - January 30, 2026
• VentureBeat - OpenClaw proves agentic AI works. It also proves your security model doesn't. 180,000 developers just made that your problem. - January 30, 2026
• Forbes - Moltbot Gets Another New Name, OpenClaw, And Triggers Security Fears And Scams - January 30, 2026

2026-01-29

• Gartner - OpenClaw (Formerly Moltbot, Clawdbot): Agentic Productivity Comes With Unacceptable Cybersecurity Risk - January 29, 2026
• Inc - OpenClaw Can Run Your Whole Computer—and That’s Exactly Why Security Experts Are Panicking - January 29, 2026
• IBM - OpenClaw, Moltbook and the future of AI agents - January 29, 2026

2026-01-28

2026-01-27

• Mashable - Clawdbot AI security risks you need to know before trying it - January 27, 2026

2026-01-26

• Forrester - Ready For OpenClaw To Pry Into Your Environment And Grip Your Data - January 26, 2026

---

OpenClaw Security Vendor Advisories

• VulnCheck - Ongoing OpenClaw CVE Advisories
• Qualys - Anatomy of an Autonomous AI Agent Risk: How Qualys ETM Connects the Dots on OpenClaw - April 13, 2026
• Barracuda Networks - OpenClaw security risks: What security teams need to know about agentic AI - April 9, 2026
• Cyble - The Week in Vulnerabilities: OpenClaw, FreeBSD, F5 BIG-IP, and Critical ICS Bugs - April 9, 2026
• Critical Path Security - CVE-2026-32987: Privilege Escalation in OpenClaw via Bootstrap Code Replay - April 6, 2026
• Wizard Cyber - OpenClaw: When Autonomous AI Becomes A High-Privilege Security Risk - April 1, 2026
• CertiK - OpenClaw Security Report - March 31, 2026
• ARMO - CVE-2026-32922: Critical Privilege Escalation in OpenClaw - What Cloud Security Teams Need to Know - March 30, 2026
• Sangfor - OpenClaw Security Risks: From Vulnerabilities to Supply Chain Abuse - March 26, 2026
• Jamf Threat Labs - GhostClaw expands beyond npm: GitHub repositories and AI workflows deliver macOS infostealer - March 20, 2026
• Ox Security - OpenClaw Developers Targeted in Crypto-Wallet Phishing Attack - March 18, 2026
• ReversingLabs - OpenClaw lesson: AI agents are a black hole - March 18, 2026
• MintMCP - OpenClaw's 92 Security Advisories: A Complete Breakdown for CISOs - March 12, 2026
• Socket.dev - OpenClaw Advisory Surge Highlights Gaps Between GHSA and CVE Tracking - March 10, 2026
• ReversingLabs - OpenClaw and AI risk: 3 AppSec lessons - March 10, 2026
• TrendMicro - CISOs in a Pinch: A Security Analysis of OpenClaw - March 10, 2026
• Deutsche Telekom Security GmbH - Advisory 2026-0625 - OpenClaw: Multiple Vulnerabilities - March 9, 2026
• Cisco Blogs - How popular are AI tools like OpenClaw? Understanding AI usage across the network - March 9, 2026
• Jfrog Security Research - GhostClaw Unmasked: A Malicious npm Package Impersonating OpenClaw to Steal Everything - March 8, 2026
• MalwareBytes - Beware of fake OpenClaw installers, even if Bing points you to GitHub - March 6, 2026
• Red Canary - Hunting for malicious OpenClaw AI in the modern enterprise - March 5, 2026
• SentinelOne - CVE-2026-29612: OpenClaw DOS Vulnerability - March 5, 2026
• Huntress - “Malware, from the Outside!”: How a Threat Actor Used Fake OpenClaw Installers to Infect Systems with GhostSocks and Information Stealers - March 4, 2026
• Oasis Security - ClawJacked: OpenClaw Vulnerability Enables Full Agent Takeover - February 26, 2026
• TrendMicro - Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer - February 23, 2026
• Acronis - OpenClaw: Agentic AI in the wild — Architecture, adoption and emerging security risks - February 23, 2026
• Malwarebytes - OpenClaw: What is it and can you use it safely? - February 23, 2026
• Microsoft - Running OpenClaw safely: identity, isolation, and runtime risk - February 19, 2026
• Praetorian - Praetorian Guard finds critical flaws in OpenClaw – And What It Means for Your Software Supply Chain - February 19, 2026
• Immersive Labs - OpenClaw: What You Need To Know Before It Claws Its Way Into Your Organization - February 19, 2026
• Conscia - The OpenClaw security crisis - February 18, 2026
• Endor Labs - How AI SAST Traced Data Flows to Uncover Six OpenClaw Vulnerabilities - February 18, 2026
• SecurityScorecard - What Are the Real Security Risks of Agentic AI and OpenClaw? - February 17, 2026
• Kaspersky - Key OpenClaw risks, Clawdbot, Moltbot - February 16, 2026
• Aikido Security - Why Trying to Secure OpenClaw is Ridiculous - February 13, 2026
• Sophos - The OpenClaw experiment is a warning shot for enterprise AI security - February 13, 2026
• SentinelOne - CVE-2026-25593: OpenClaw AI Assistant RCE Vulnerability - February 13, 2026
• Bitdefender - 135K OpenClaw AI Agents Exposed to Internet - February 12, 2026
• Snyk - How a Malicious Google Skill on ClawHub Tricks Users Into Installing Malware - February 10, 2026
• Kaspersky - New OpenClaw AI agent found unsafe for use - February 10, 2026
• MITRE.org - MITRE ATLAS OPENCLAW INVESTIGATION - February 9, 2026
• Jamf Threat Labs - OpenClaw: the helpful AI that could quietly become your biggest insider threat - February 9, 2026
• Zscaler - A Guide to OpenClaw and Securing It with Zscaler - February 9, 2026
• Bitsight - OpenClaw Security: Risks of Exposed AI Agents Explained - February 9, 2026
• Tenable.com - I pretended to be an AI agent on Moltbook so you don't have to - February 9, 2026
• SecurityScorecard - Beyond the Hype: Moltbot's Real Risk Is Exposed Infrastructure, Not AI Superintelligence - February 9, 2026
• Antiy CERT - ClawHavoc: Analysis of Large-Scale Poisoning Campaign Targeting the OpenClaw Skill Market for AI Agents - February 6, 2026
• TrendMicro - Viral AI, Invisible Risks: What OpenClaw Reveals About Agentic Assistants - February 6, 2026
• Cisco Talos - Threat Source Newsletter: All gas, no brakes: Time to come to AI church - February 5, 2026
• Snyk - 280+ Leaky Skills: How OpenClaw & ClawHub Are Exposing API Keys and PII - February 5, 2026
• Bitdefender - Technical Advisory: OpenClaw Exploitation in Enterprise Networks - February 5, 2026
• Palo Alto Networks - The Moltbook Case and How We Need to Think about Agent Security - February 5, 2026
• Giskard - OpenClaw security vulnerabilities include data leakage and prompt injection risks - February 4, 2026
• Zenity Labs - OpenClaw or OpenDoor? - February 4, 2026
• OX Security - You Can't Just Delete OpenClaw: You Gave It Access to Everything. Now What? - February 4, 2026
• Xage Security - From Viral to Vulnerable: What the OpenClaw Saga Tells Us About Agentic AI Security - February 4, 2026
• Snyk - Inside the 'clawdhub' Malicious Campaign: AI Agent Skills Drop Reverse Shells on OpenClaw Marketplace - February 4, 2026
• CrowdStrike - What Security Teams Need to Know About OpenClaw, the AI Super Agent - February 4, 2026
• SecurityScorecard - What Are Moltbot and Moltbook and What Happens When Agentic AI Assistants Scale Without Security - February 3, 2026
• Tenable - Clawdbot: How to Mitigate Agentic AI Security Vulnerabilities - February 3, 2026
• Depthfirst - 1-Click RCE To Steal Your OpenClaw Data and Keys (CVE-2026-25253) - February 1, 2026
• Censys - OpenClaw in the Wild: Mapping the Public Exposure of a Viral AI Assistant - January 31, 2026
• Palo Alto Networks - OpenClaw formerly Moltbot, Clawdbot May Signal the Next AI Security Crisis - January 29, 2026
• GitGuardian - OpenClaw (Moltbot) Personal Assistant Goes Viral – And So Do Your Secrets - January 29, 2026
• Cisco Blogs - Personal AI Agents like OpenClaw Are a Security Nightmare - January 28, 2026 * Ethiack - One-click RCE on OpenClaw in under 2 hours with an Autonomous Hacking Agent - January 28, 2026

---

Use as an Agent Skill

This repo can be used as a skill by OpenClaw or other AI agents.

Add to your agent's skill instructions:

Fetch OpenClaw security news from:
https://raw.githubusercontent.com/joylarkin/openclaw-security-news/main/README.md

When asked about OpenClaw security, vulnerabilities, or incidents:
1. Fetch the above URL
2. Return the most recent section, or filter by topic/date as requested
3. Cite source as: OpenClaw Security News (https://github.com/joylarkin/openclaw-security-news)

Trigger phrases: OpenClaw, Moltbot, Clawdbot, ClawHub, OpenClaw security, openclaw cve, OpenClaw vulnerabilities, OpenClaw incidents, OpenClaw threats, OpenClaw malware, OpenClaw cybersecurity, OpenClaw risks, OpenClaw hacks, OpenClaw news, OpenClaw advisories, OpenClaw warnings

---

📄 OpenClaw Security News  ·  📡 RSS Feed