{"id":211786,"date":"2026-02-09T12:23:00","date_gmt":"2026-02-09T17:23:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/02\/09\/openclaw-instances-open-to-the-internet-present-ripe-targets-the-register\/"},"modified":"2026-02-09T19:30:10","modified_gmt":"2026-02-10T00:30:10","slug":"openclaw-instances-open-to-the-internet-present-ripe-targets-the-register","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/02\/09\/openclaw-instances-open-to-the-internet-present-ripe-targets-the-register\/","title":{"rendered":"OpenClaw instances open to the internet present ripe targets \u2022 The Register"},"content":{"rendered":"<p><a href=\"https:\/\/www.theregister.com\/2026\/02\/09\/openclaw_instances_exposed_vibe_code\/\">OpenClaw instances open to the internet present ripe targets \u2022 The Register<\/a><\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/02\/09\/openclaw_instances_exposed_vibe_code\/\">https:\/\/www.theregister.com\/2026\/02\/09\/openclaw_instances_exposed_vibe_code\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-09 12:23:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.theregister.com\">www.theregister.com<\/a><\/p>\n<p>It&#8217;s a day with a name ending in Y, so you know what that means: Another OpenClaw cybersecurity disaster.<\/p>\n<p>This time around, SecurityScorecard&#8217;s STRIKE threat intelligence team is sounding the alarm over the sheer volume of internet-exposed OpenClaw instances it discovered, which numbers more than 135,000 as of this writing. When combined with previously known vulnerabilities in the vibe-coded AI assistant platform and links to prior breaches, STRIKE warns that there&#8217;s a systemic security failure in the open-source AI agent space.\u00a0<\/p>\n<p>&#8220;Our findings reveal a massive access and identity problem created by poorly secured automation at scale,&#8221; the STRIKE team wrote in a report released Monday. &#8220;Convenience-driven deployment, default settings, and weak access controls have turned powerful AI agents into high-value targets for attackers.&#8221;\u00a0<\/p>\n<p>For those unfamiliar with the saga of Clawdbot, er Moltbot, no, wait, OpenClaw (it keeps changing names), it&#8217;s an open-source, vibe-coded agentic AI platform that has been, frankly, an unmitigated disaster for those worried about security. OpenClaw&#8217;s skill store, where users can find extensions for the bot, is riddled with malicious software. Three high-risk CVEs have been attributed to it in recent weeks, and it&#8217;s also been reported that its various skills can be easily cracked and forced to spill API keys, credit card numbers, PII, and other data valuable to cybercriminals.\u00a0<\/p>\n<p>Take a bunch of those already vulnerable instances and give them free rein to access the internet, as STRIKE has discovered happening around the world, and those problems are quickly magnified.\u00a0<\/p>\n<p>STRIKE&#8217;s summary of the problem doesn&#8217;t even do it justice, as the number of identified vulnerable systems has skyrocketed on its live OpenClaw threat dashboard since publication several hours before our story.\u00a0\u00a0<\/p>\n<p>Take&#8230;<\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/02\/09\/openclaw_instances_exposed_vibe_code\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>OpenClaw instances open to the internet present ripe targets \u2022 The Register https:\/\/www.theregister.com\/2026\/02\/09\/openclaw_instances_exposed_vibe_code\/ Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":211787,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/regmedia.co.uk\/2018\/01\/18\/lobster_shutterstock.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24],"class_list":["post-211786","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211786"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=211786"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211786\/revisions"}],"predecessor-version":[{"id":211788,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/211786\/revisions\/211788"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/211787"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=211786"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=211786"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=211786"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}