It’s a day with a name ending in Y, so you know what that means: Another OpenClaw cybersecurity disaster.
This time around, SecurityScorecard’s STRIKE threat intelligence team is sounding the alarm over the sheer volume of internet-exposed OpenClaw instances it discovered, which numbers more than 135,000 as of this writing. When combined with previously known vulnerabilities in the vibe-coded AI assistant platform and links to prior breaches, STRIKE warns that there’s a systemic security failure in the open-source AI agent space.
“Our findings reveal a massive access and identity problem created by poorly secured automation at scale,” the STRIKE team wrote in a report released Monday. “Convenience-driven deployment, default settings, and weak access controls have turned powerful AI agents into high-value targets for attackers.”
[deleted]
sun_is_ra@sh.itjust.works 3 weeks ago
Would be great if the article starts with: “What even is open claw?”
A picture of a cooked lobster is not helping
stefenauris@pawb.social 3 weeks ago
I didn’t know either and so others don’t have to look it up either:
tonytins@pawb.social 3 weeks ago
It went through a lot of rebranding as well. You might have heard of Clawdbot or Moltbot. All the same thing.
XLE@piefed.social 3 weeks ago
It’s a metaphor for the cooked humans that are spinning up super exploitable chatbots for it