OpenClaw intel for builders — signal, not hype.
Summary: A vulnerability fixed in 2026.1.20 allowed an unauthenticated local client to modify config and achieve command injection as the gateway user. NVD lists it as CVSS 8.4 with details and change history. (nvd.nist.gov)
nvd.nist.govSummary: A token‑exfiltration flaw in the Control UI enabled one‑click RCE via crafted links; the fix shipped in v2026.1.29 on January 30, 2026. Guidance urges immediate upgrading and token rotation. (thehackernews.com)
thehackernews.comSummary: Advisory explains the unvalidated gatewayUrl parameter and confirms the fix in 2026.1.29, with CVSS 8.8 and references to upstream advisories. (advisories.gitlab.com)
advisories.gitlab.comSummary: The plugin (ID 297816) tracks multiple vulnerabilities and was updated to note public exploits are available, raising exposure concerns for unpatched installs. (tenable.com)
tenable.comSummary: STRIKE reports tens of thousands of internet‑facing deployments, with over a third flagged vulnerable, and provides a live dashboard tracking exposure trends. (securityscorecard.com)
securityscorecard.comSummary: Infosecurity Magazine summarizes STRIKE’s findings, noting 63% of observed deployments are vulnerable and thousands are exploitable via RCE. (infosecurity-magazine.com)
infosecurity-magazine.comSummary: Bitdefender highlights a rapid surge in exposed instances and frames the issue as access/identity failures around always‑on agent deployments. (bitdefender.com)
bitdefender.comSummary: The release hardens SSRF paths with URL allowlists and logging, locks down hook/session behavior, and delivers major scheduler stability improvements. (openclaw.report)
openclaw.reportSummary: A roundup of 2026.2.12 details: mandatory auth for loopback browser control, auto‑generated tokens, stricter path validation, and signed Mac packages. (cybersecuritynews.com)
cybersecuritynews.comSummary: Latest OpenClaw image introduces randomized default service ports, one‑click public access toggles, and built‑in IM plugins, improving both security and usability. (alibabacloud.com)
alibabacloud.comSummary: A detailed Reddit PSA describes malicious SKILL.md submissions that exploit the skills resolver to hijack popular names, urging manual verification and safer install methods. (reddit.com)
reddit.comSummary: The memory/backend project aligns with OpenClaw 2026.2.9, validating custom paths and improving transcript integrity and lifecycle hooks. (clawvault.dev)
clawvault.devSummary: A community proposal outlines pre/post action hooks to enable richer auditing, compliance, and analytics without modifying core code. (gist.github.com)
gist.github.comSummary: Report documents hundreds of malicious skills on ClawHub and early mitigation steps (publisher age requirement, reporting), warning that risks persist. (theverge.com)
theverge.comSummary: Follow‑up notes a VirusTotal partnership to scan third‑party skills as a partial response to the malware flood. (theverge.com)
theverge.comSummary: At least 230+ malicious skills impersonated crypto and utility tools to drop info‑stealers; researchers also flagged many misconfigured, exposed admin interfaces. (bleepingcomputer.com)
bleepingcomputer.comSummary: Coverage of late‑January uploads that used social‑engineering instructions and obfuscated commands to deliver malware from ClawHub listings. (tomshardware.com)
tomshardware.comSummary: Broad overview of OpenClaw’s rapid adoption and security/ethics concerns when users grant expansive permissions to an autonomous local agent. (theguardian.com)
theguardian.com
1‑sentence description: A hands‑on walkthrough that installs OpenClaw, connects it to Ollama for fully local LLMs, and drives the agent from Telegram end‑to‑end. (lilys.ai)
lilys.ai
1‑sentence description: A beginner‑friendly tutorial that deploys OpenClaw on a VPS for 24/7 availability and explains secure, practical setup choices. (lilys.ai)
lilys.ai
1‑sentence description: A security‑first setup guide that highlights common misconfigurations and shows safer ways to run OpenClaw and vet skills. (lilys.ai)
lilys.ai
1‑sentence description: Full install on a VPS plus connecting WhatsApp/Telegram and launching your first recurring automation with OpenClaw. (lilys.ai)
lilys.ai
1‑sentence description: Demo showing OpenClaw using “Antigravity” integrations to run free model backends and automate developer workflows. (lilys.ai)
lilys.ai
1‑sentence description: A real‑world demo of OpenClaw automating channel tasks like content workflows, notifications, and repeat jobs. (lilys.ai)
lilys.ai
1‑sentence description: Practical upgrades (VPS/Mac mini trade‑offs, cron jobs, integrations) to harden and scale an always‑on OpenClaw setup. (lilys.ai)
lilys.ai
1‑sentence description: News‑style rundown of the latest OpenClaw update, including easier setup, added model options, and UI tweaks—with cautions on security. (lilys.ai)
lilys.ai
1‑sentence description: A clear explainer of what OpenClaw is, how skills plus scheduled jobs drive real automations, and key safety considerations. (lilys.ai)
lilys.ai
- Dates, titles, and channels above come from each video’s metadata as surfaced by the referenced pages; all videos were uploaded between January 31 and February 9, 2026. (lilys.ai)
lilys.aiOpenClaw is an open-source AI agent platform that can autonomously operate your computer — browsing the web, running apps, managing files, and executing multi-step workflows on your behalf. Originally released under a different name, OpenClaw has rapidly become one of the most talked-about projects in the AI-agent space thanks to its extensible "skill" system (distributed via ClawHub) and its ability to chain actions across local and cloud environments.
A single-page news hub that aggregates the latest OpenClaw updates, security advisories, release notes, and community chatter. We focus on signal over hype.
No. This is an independent publication. We are not affiliated with, endorsed by, or sponsored by the OpenClaw project or its maintainers.
ClawHub is OpenClaw's community marketplace for "skills" — plugin-like extensions that add capabilities to the agent. Think of it like a package registry (npm, PyPI) but for agent actions.
OpenClaw grants broad system permissions by design. The project has integrated VirusTotal scanning for ClawHub skills, but security researchers continue to find malicious packages. Always review a skill's source, limit permissions, and keep OpenClaw updated.
Content is refreshed periodically via a build process that pulls the latest news. Check the "Last updated" timestamp at the top of the news section.
A critical remote-code-execution bug in OpenClaw's Control UI that allowed one-click token exfiltration via a malicious link. It was patched in v2026.1.29 (January 30, 2026). All users should update immediately.
Not yet — we're a static v0 site. Future versions may accept community submissions. For now, all content is manually curated and reviewed before each update.
We aggregate recent coverage from major tech and security outlets, then compile it into a structured feed.