Overview
- Chinese platforms accelerate adoption as Tencent, Alibaba, and ByteDance’s Volcano Engine offer simplified cloud deployments and workplace integrations such as DingTalk and WeCom.
- A newly disclosed flaw tracked as CVE‑2026‑25253 enables token theft via a browser WebSocket that leads to remote code execution, with one researcher achieving full takeover in about 100 minutes.
- Security trackers identified hundreds of malicious OpenClaw skills on ClawHub that masquerade as utilities and deliver infostealers targeting exchange API keys, wallet secrets, SSH credentials, and browser passwords, prompting limited publishing restrictions and new reporting tools.
- Wiz researchers say Moltbook’s backend misconfiguration exposed tens of thousands of emails and roughly 1.5 million API keys and private agent messages, allowing bot impersonation on the network.
- Gartner advises organizations to block OpenClaw downloads and traffic outright or confine testing to isolated, nonproduction environments with throwaway credentials and rapid rotation policies.