Ethical Hacking News
More than 135,000 OpenClaw instances exposed to internet, posing significant security risks for individuals and organizations.
Over 135,000 OpenClaw instances are exposed to the internet, with many more vulnerable to remote code execution bugs.The issue stems from OpenClaw's default network configuration, which listens on all network interfaces, including the public internet.The exposure highlights a systemic security failure in the open-source AI agent space.Developers and users need to take a proactive approach to address these vulnerabilities before they can be exploited by malicious actors.Continuous monitoring and testing are crucial to mitigate some of the risks associated with OpenClaw.Better security protocols and guidelines are needed for open-source AI platforms like OpenClaw.
SecurityScorecard's STRIKE threat intelligence team has sounded the alarm over the sheer volume of internet-exposed OpenClaw instances, a vibe-coded agentic AI platform that has been plagued by security issues since its inception. In a recent report, STRIKE revealed that more than 135,000 OpenClaw instances were exposed to the internet, with many more vulnerable to established and already patched remote code execution bugs. This staggering number is not an isolated incident, as the team discovered that over 53,000 of these instances were linked to previously reported breaches.
The issue stems from the default network configuration of OpenClaw, which binds to `0.0.0.0:18789` by default, meaning it listens on all network interfaces, including the public internet. This is particularly concerning, as it allows any attacker with access to these instances to gain full control over the system, exposing sensitive data such as credential stores, filesystems, messaging platforms, web browsers, and personal details gathered about its user.
The discovery highlights a systemic security failure in the open-source AI agent space, where the convenience-driven deployment of automation tools has turned powerful AI agents into high-value targets for attackers. According to SecurityScorecard's VP of threat intelligence and research Jeremy Turner, many of OpenClaw's problems are inherent to its design, as it is built to make system changes and expose additional services to the web by nature.
"It's like giving some random person access to your computer to help do tasks," Turner said. "If you supervise and verify, it's a huge help. If you just walk away and tell them all future instructions will come via email or text message, they might follow instructions from anyone." This highlights the importance of careful consideration when integrating OpenClaw into organizational contexts.
While Turner is not advocating for individuals and organizations to completely abandon agentic AI like OpenClaw, he is urging potential users to be wary of the risks associated with deploying such a potentially revolutionary new tech product. He advises users to learn to swim before jumping in the ocean, emphasizing that all-new capabilities are incredible but come with significant security implications.
The discovery also raises concerns about the reliability and trustworthiness of OpenClaw, particularly in organizational contexts where sensitive data is often stored. Turner warns that OpenClaw should be treated with caution, especially when it comes to data and access control.
"The problems with OpenClaw are not just user error or negligence," Turner said. "They're inherent to the system itself." This underscores the need for developers and users to take a proactive approach in addressing these vulnerabilities before they can be exploited by malicious actors.
Furthermore, this incident highlights the importance of continuous monitoring and testing in virtual machines or separate systems where data and access are limited. By taking these precautions, potential users can mitigate some of the risks associated with OpenClaw while still harnessing its capabilities.
The revelation also underscores the need for better security protocols and guidelines to be put in place for open-source AI platforms like OpenClaw. As more and more organizations adopt agentic AI tools, it is essential that developers and users prioritize security from the outset.
In conclusion, the exposure of over 135,000 internet-facing OpenClaw instances highlights a global security nightmare waiting to happen. The sheer volume of vulnerable systems has raised concerns about the reliability and trustworthiness of this vibe-coded agentic AI platform. As potential users weigh their options, it is essential that they take a proactive approach in addressing these vulnerabilities before they can be exploited by malicious actors.
More than 135,000 OpenClaw instances exposed to internet, posing significant security risks for individuals and organizations.
Related Information:
https://www.ethicalhackingnews.com/articles/Exposing-the-Vulnerabilities-of-OpenClaw-A-Global-Security-Nightmare-Waiting-to-Happen-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/02/09/openclaw_instances_exposed_vibe_code/
https://www.theregister.com/2026/02/09/openclaw_instances_exposed_vibe_code/
https://www.newsbreak.com/news/4485164984886-more-than-135-000-openclaw-instances-exposed-to-internet-in-latest-vibe-coded-disaster
Published: Wed Feb 18 03:43:52 2026 by llama3.2 3B Q4_K_M
