OpenClaw instances open to the internet present ripe targets • The Register

https://www.theregister.com/2026/02/09/openclaw_instances_exposed_vibe_code/

Publish Date: 2026-02-09 12:23:00

Source Domain: www.theregister.com

It’s a day with a name ending in Y, so you know what that means: Another OpenClaw cybersecurity disaster.

This time around, SecurityScorecard’s STRIKE threat intelligence team is sounding the alarm over the sheer volume of internet-exposed OpenClaw instances it discovered, which numbers more than 135,000 as of this writing. When combined with previously known vulnerabilities in the vibe-coded AI assistant platform and links to prior breaches, STRIKE warns that there’s a systemic security failure in the open-source AI agent space. 

“Our findings reveal a massive access and identity problem created by poorly secured automation at scale,” the STRIKE team wrote in a report released Monday. “Convenience-driven deployment, default settings, and weak access controls have turned powerful AI agents into high-value targets for attackers.” 

For those unfamiliar with the saga of Clawdbot, er Moltbot, no, wait, OpenClaw (it keeps changing names), it’s an open-source, vibe-coded agentic AI platform that has been, frankly, an unmitigated disaster for those worried about security. OpenClaw’s skill store, where users can find extensions for the bot, is riddled with malicious software. Three high-risk CVEs have been attributed to it in recent weeks, and it’s also been reported that its various skills can be easily cracked and forced to spill API keys, credit card numbers, PII, and other data valuable to cybercriminals. 

Take a bunch of those already vulnerable instances and give them free rein to access the internet, as STRIKE has discovered happening around the world, and those problems are quickly magnified. 

STRIKE’s summary of the problem doesn’t even do it justice, as the number of identified vulnerable systems has skyrocketed on its live OpenClaw threat dashboard since publication several hours before our story.  

Take…