{"id":222973,"date":"2026-03-11T21:37:00","date_gmt":"2026-03-12T01:37:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/11\/chinas-cert-warns-openclaw-can-inflict-nasty-wounds-the-register\/"},"modified":"2026-03-12T20:00:18","modified_gmt":"2026-03-13T00:00:18","slug":"chinas-cert-warns-openclaw-can-inflict-nasty-wounds-the-register","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/11\/chinas-cert-warns-openclaw-can-inflict-nasty-wounds-the-register\/","title":{"rendered":"China\u2019s CERT warns OpenClaw can inflict nasty wounds \u2022 The Register"},"content":{"rendered":"<p><a href=\"https:\/\/www.theregister.com\/2026\/03\/12\/china_cert_openclaw_security_warning\/\">China\u2019s CERT warns OpenClaw can inflict nasty wounds \u2022 The Register<\/a><\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/03\/12\/china_cert_openclaw_security_warning\/\">https:\/\/www.theregister.com\/2026\/03\/12\/china_cert_openclaw_security_warning\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-11 21:37:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.theregister.com\">www.theregister.com<\/a><\/p>\n<p>China\u2019s National Computer Network Emergency Response Technical Team has warned locals that the OpenClaw agentic AI tool poses significant security risks.<\/p>\n<p>In a Tuesday post to its WeChat account, the CERT warned that OpenClaw has \u201cextremely weak default security configuration\u201d and must therefore be handled with extreme care.<\/p>\n<p>The CERT is worried that attackers can target the tool by embedding malicious instructions in web pages, and that poisoned plugins for the agentic tool can put users at risk. China\u2019s cyber-advisors also point out that OpenClaw has already disclosed several severe vulnerabilities that can result in credential theft and therefore enable serious attacks.<\/p>\n<p>User error is another concern, as the CERT thinks OpenClaw users may inadvertently delete important data.<\/p>\n<p>The organization recommends users isolate OpenClaw in a container, keep its management port isolated from the public internet, and implement strict authentication and access control procedures to keep attackers away from the agentic tool. The CERT also suggests that users disable automatic updates and restrict access to OpenClaw plugins.<\/p>\n<p>The CERT\u2019s advice is a little less alarmist than that offered by analyst firm Gartner, which in early February described OpenClaw as an \u201cunacceptable cybersecurity risk\u201d for business user, while also recommending users only run it in isolated nonproduction virtual machines with throwaway credentials.<\/p>\n<p>The warning opens with the observation that China has seen a \u201csurge in downloads and usage\u201d for OpenClaw and its derivatives, thanks in part to \u201cmajor domestic cloud platforms offering one-click deployment services.\u201d One example of such offerings comes from web giant Tencent, which launched an OpenClaw-based tool called \u201cWork Buddy\u201d on Monday, and claimed users can set it up and integrate it with multiple chat platforms in minutes.<\/p>\n<p>A day after China\u2019s CERT posted its advice,&#8230;<\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/03\/12\/china_cert_openclaw_security_warning\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>China\u2019s CERT warns OpenClaw can inflict nasty wounds \u2022 The Register https:\/\/www.theregister.com\/2026\/03\/12\/china_cert_openclaw_security_warning\/ Publish Date: 2026-03-11&#8230;<\/p>\n","protected":false},"author":1,"featured_media":222974,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/regmedia.co.uk\/2026\/03\/12\/shutterstock_china_cyber_danger.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24],"class_list":["post-222973","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222973"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=222973"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222973\/revisions"}],"predecessor-version":[{"id":222975,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/222973\/revisions\/222975"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/222974"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=222973"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=222973"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=222973"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}