Customers love OpenClaw; attackers do, too
OpenClaw (previously Clawdbot and Moltbot) is a free, open-source, autonomous AI agent that launched on January 29 and nearly instantly went viral. Based on its developer, Peter Steinberger, its repo had greater than 2 million guests over the course of a single week, and it’s estimated that it has been downloaded 720,000 occasions every week.
OpenClaw runs regionally on a person’s {hardware} slightly than within the cloud, and may carry out autonomous, real-world actions on their behalf, similar to studying emails, searching net pages, working apps, or managing calendars.
Nonetheless, nearly instantly after launch, it raised severe safety points: It’s vulnerable to immediate injection assaults, authentication bypasses, and server-side request forgery (SSRF), amongst different assaults. Many enterprises have responded by severely proscribing, or outright banning, the AI agent.