CSO Online - OpenClaw Security Coverage

Security Media Coverage/Security Analysis · Security & Deployment

Basic Information

  • Media: CSO Online
  • Coverage Period: January-March 2026
  • Official Website: https://www.csoonline.com
  • Type: Security Media Coverage/Security Analysis
  • Key Articles:
      • "What CISOs need to know about the OpenClaw security nightmare"
      • "Your personal OpenClaw agent may also be taking orders from malicious websites"
      • "Devs looking for OpenClaw get served a GhostClaw RAT"
      • "OpenClaw integrates VirusTotal malware scanning"

Coverage Description

As a leading global enterprise security media outlet, CSO Online has tracked OpenClaw security issues continuously and in depth. Its coverage ranges from the ClawJacked vulnerability to supply chain attacks, and from malware impersonation to enterprise risk assessment, giving CISOs and security teams a comprehensive analysis of the OpenClaw security landscape.

Core Coverage Content

ClawJacked Vulnerability (CVE-2026-25253)

  • Critical vulnerability discovered by Oasis Security
  • Malicious websites can silently connect to locally running OpenClaw agents and gain full control
  • Malicious browser pages can silently connect to the OpenClaw Gateway
  • Gateway automatically trusts localhost and disables rate limiting
  • Enables rapid password brute-forcing and unauthorized device pairing

ClawHub Malicious Skills Crisis

  • 341 malicious skills initially discovered (ClawHavoc attack campaign)
  • These account for 12% of the registered repository; subsequent scans reported over 800 (approximately 20%)
  • Primarily delivers Atomic macOS Stealer
  • OpenClaw integrates VirusTotal malware scanning as a countermeasure

GhostClaw RAT Attack

  • Malicious npm package masquerading as an OpenClaw installer
  • Deploys a Remote Access Trojan (RAT)
  • Multi-stage infection chain steals system credentials, browser data, cryptocurrency wallets, SSH keys, and Apple Keychain databases

Enterprise Risk Data

  • 30,000+ internet-exposed instances (scanned by Censys, Bitsight, Hunt.io)
  • Many instances run without authentication
  • 53% of enterprise customers granted OpenClaw privileged access over a single weekend (Noma report)
  • Gartner categorizes OpenClaw as an "unacceptable cybersecurity liability"
  • Recommends enterprises "immediately block OpenClaw downloads and traffic"

Recommendations for CISOs

  • Immediately assess OpenClaw usage within the organization
  • Block unauthorized OpenClaw deployments
  • Implement network monitoring to detect OpenClaw traffic
  • Establish a governance framework for AI agent usage
  • Stay updated on OpenClaw security updates and vulnerability disclosures

Relationship with the OpenClaw Ecosystem

CSO Online's continuous security coverage provides authoritative references for enterprise security decision-makers regarding OpenClaw risks. Its reporting has driven enterprise attention to AI agent security governance and promoted security improvement measures within the OpenClaw ecosystem.