Michał "rysiek" Woźniak · 🇺🇦1d ago

There used to be a time when building out a botnet required *some* work – writing exploits, taking over devices, obscuring the purpose of the executable, etc.

Not any more!

Instead of "malware", call it an "AI agent" and people will just happily install it on their devices with full root privileges!
https://github.com/jgamblin/OpenClawCVEs/

Bam! RCE by asking nicely.

🧵

#OpenClaw #AI #Hype #InfoSec

GitHub - jgamblin/OpenClawCVEs: Tracking OpenClaw CVEs

Tracking OpenClaw CVEs. Contribute to jgamblin/OpenClawCVEs development by creating an account on GitHub.

GitHub
Show threadFranklin Delano Stallone15h ago
@rysiek it’s a shame we still act like people are doing great things when they publish stuff like this.
Show threadMichał "rysiek" Woźniak · 🇺🇦15h ago

@fds 💯

(assuming "stuff like this" is OpenClaw, not the openClawCVEs repo)

Show threadFranklin Delano Stallone
@rysiek Oh yes definitely OpenClaw. I have no problem whatsoever if people want to experiment on their own, but it was highly irresponsible to release it in the state it was in, imo.
11:08pmIvory for Mac