Michał "rysiek" Woźniak · 🇺🇦1d ago

There used to be a time when building out a botnet required *some* work – writing exploits, taking over devices, obscuring the purpose of the executable, etc.

Not any more!

Instead of "malware", call it an "AI agent" and people will just happily install it on their devices with full root privileges!
https://github.com/jgamblin/OpenClawCVEs/

Bam! RCE by asking nicely.

🧵

#OpenClaw #AI #Hype #InfoSec

GitHub - jgamblin/OpenClawCVEs: Tracking OpenClaw CVEs

Tracking OpenClaw CVEs. Contribute to jgamblin/OpenClawCVEs development by creating an account on GitHub.

GitHub
Show threadMichał "rysiek" Woźniak · 🇺🇦1d ago

OpenClaw treats this seriously, of course, and by seriously I mean claims this is normal, nothing to see here – and blames the users:
https://openclawai.io/blog/openclaw-cve-flood-nine-vulnerabilities-four-days-march-2026

> This four-day flood isn’t an anomaly. It’s what happens when a project grows from enthusiast tool to infrastructure faster than its security surface can mature.

> If you’re running OpenClaw, you’re signing up to track upstream releases, apply patches promptly, and monitor advisories — indefinitely.

🧵

Nine CVEs in Four Days: Inside OpenClaw's March 2026 Vulnerability Flood | OpenClawAI

Between March 18 and 21, nine OpenClaw CVEs dropped — including a 9.9 critical that let any authenticated user become admin by asking nicely. A timeline, breakdown, and what it means for self-hosters.

Show threadMichał "rysiek" Woźniak · 🇺🇦1d ago

Do they mention any of this on their landing page? No, of course not:
https://openclawai.io/

Do they mention this on their quickstart page? No, of course not:
https://openclawai.io/quickstart

But they sure mention the managed hosting that is "coming soon"! Which of course they shill in their blogpost about the vulnerabilities:

> For many users, that’s a reasonable tradeoff. For others, it’s the argument for managed hosting.

Security fuckup? More like business opportunity, amirite? 🤡

🧵

OpenClawAI — Learn OpenClaw, discover the ecosystem, and start using it fast

OpenClaw AI - Your AI employee that lives in WhatsApp, Telegram, or Slack. Self-host or join the waitlist for managed hosting.

Show threadmarcink22h ago
@rysiek I love how this landed right after the trive/litellm/axios thing where the take out is the exact opposite of “upgrade as soon as there is a new version”.
Show threadMichał "rysiek" Woźniak · 🇺🇦22h ago

@marcink right?

Don't worry, as soon as OpenClaw gets hit by supply-chain attack, which they inevitably are going to, this will flip.

Show threadmarcink
@rysiek But between this being openclaw and the insufferably LLM-ish tone of the blog post (pictured below) we can at least rest assured that there is a chance that no human being had to be involved in writing, editing, or reviewing these.
Apr 4 at 4:00pmWeb
Show threadMichał "rysiek" Woźniak · 🇺🇦19h ago
@marcink what a fantastic scene in that film.
Show threadmarcink19h ago
@rysiek If there is any silver lining to this LLM bubble is that it will provide way more than enough material for a sequel.