Customers love OpenClaw; attackers do, too
OpenClaw (previously Clawdbot and Moltbot) is a free, open-source, autonomous AI agent that launched on January 29 and nearly instantly went viral. In accordance with its developer, Peter Steinberger, its repo had greater than 2 million guests over the course of a single week, and it’s estimated that it has been downloaded 720,000 occasions every week.
OpenClaw runs regionally on a person’s {hardware} relatively than within the cloud, and might carry out autonomous, real-world actions on their behalf, resembling studying emails, shopping internet pages, working apps, or managing calendars.
Nevertheless, nearly instantly after launch, it raised critical safety points: It’s vulnerable to immediate injection assaults, authentication bypasses, and server-side request forgery (SSRF), amongst different assaults. Many enterprises have responded by severely proscribing, or outright banning, the AI agent.
