Widespread insecure OpenClaw deployments and mass-install supply-chain attack
Key Questions
What is the scale of insecure OpenClaw deployments?
STRIKE metrics show approximately 40k OpenClaw instances, with 63% misconfigured and around 12k controllable. Additionally, 17.5k instances are exposed on the default port 18789 via /api, linked to CVE-2026-25253 which leaks tokens.
What is CVE-2026-25253?
CVE-2026-25253 involves OpenClaw deployments exposing tokens on the default port 18789 /api endpoint. This vulnerability contributes to widespread risks from misconfigurations.
What is ClawHavoc?
ClawHavoc refers to malicious activity affecting over 820 OpenClaw skills, including npm exploits and prompt injections. It is part of the supply-chain attacks amid GitHub phishing and Meta email deletions.
What warnings have been issued about OpenClaw security?
China's CNCERT has issued warnings about 23k exposed instances. Media describes it as a 'security nightmare' with ongoing tutorials and attacks.
How can OpenClaw deployments be hardened?
Use ClawSecure for scans (1.5k/day), update to v2026.3.11 or later, change default ports, and deploy via Docker, VPS, or Tailscale. NSFOCUS recommends multi-layer protection systems.
STRIKE metrics (~40k instances; 63% misconfigured; ~12k controllable) updated with 17.5k exposed on default port 18789 /api (CVE-2026-25253 leaking tokens), Meta email deletions, GitHub phishing, ClawHavoc in 820+ skills, China CNCERT warnings/23k exposed. ClawSecure (1.5k scans/day); hardening via v2026.3.11+, port changes/Docker/VPS/Tailscale essential amid ongoing 'security nightmare' media and tutorials.