Find notable cyber news and cases, enriched with sources, timelines, and signals.

OpenClaw-targeting infostealer file-grabbing activity

Malware Activity
First reported
Last updated
Happening score
H score 27
1 unique sources, 1 articles

Summary

Hide ▲

The infostealer’s first live attack against OpenClaw now matters because it used a broad file-grabbing routine to collect secrets, tokens, keys, and assistant context from local instances. The malware pulled openclaw.json and device.json, exposing the victim’s email address, workspace path, and gateway token. It also captured pairing keys and memory files that could enable remote access, impersonation, and deeper compromise of the user’s AI environment.

Related Happenings

OpenClaw message-object prompt injection patched in 2026.4.23 security flaw

Vulnerability
H score15 First: 11.06.2026 20:46 Last: 11.06.2026 20:46 Sources 1

About this happening: **OpenClaw** has a patched **message-object prompt injection flaw** that let hidden instructions inside **shared contacts, vCards, and location pins** reach the LLM as trusted pro...

OpenClaw/OpenShell managed sandbox backend Claw Chain (multiple vulnerabilities)

Vulnerability
H score31 First: 15.05.2026 16:35 Last: 15.05.2026 16:35 Sources 1

About this happening: Researchers disclosed **four OpenClaw flaws** in the **OpenShell managed sandbox backend** that can be chained for **data theft**, **privilege escalation**, and **persistence**. T...

GhostLoader RAT-stealer via @openclaw-ai/openclawai

Malware Activity
H score30 First: 09.03.2026 20:31 Last: 09.03.2026 20:31 Sources 1

About this happening: A malicious **@openclaw-ai/openclawai** npm package is delivering **GhostLoader** to **macOS** hosts, enabling **credential theft**, **browser-session cloning**, and persistent re...

OpenClaw ClawJacked localhost WebSocket brute-force security flaw

Vulnerability
H score37 First: 01.03.2026 23:44 Last: 01.03.2026 23:44 Sources 1

About this happening: **OpenClaw**’s **ClawJacked** vulnerability allowed a **malicious website** to brute-force a **localhost WebSocket** connection and take control of a local instance, putting **ses...

ClawHub malicious skills deliver Atomic Stealer

Malware Activity
H score29 First: 28.02.2026 19:21 Last: 28.02.2026 19:21 Sources 1

About this happening: Researchers found **malicious skills** on **ClawHub** delivering a **new Atomic Stealer variant** to **macOS** users, turning the OpenClaw skills marketplace into a malware delive...

Timeline

  1. 17.02.2026 11:35 2 articles · 4mo ago

    First live OpenClaw infostealer attack disclosure

    Initial Disclosure

    Hudson Rock reported that researchers witnessed the first live attack targeting an OpenClaw configuration environment and said an infostealer used a broad file-grabbing routine to sweep for sensitive file extensions and directories such as .openclaw. The analysis said the malware collected openclaw.json, device.json, soul.md, agents.md, and memory.md from a local OpenClaw instance user, exposing the victim’s email address, workspace path, gateway token, and device private keys with potential for remote access, impersonation, and compromise of paired cloud services.

    Show sources