Skip to content
  • Home
  • Cyber Map
  • About Us – Contact
  • Disclaimer
  • Terms and Rules
  • Privacy Policy
Cyber Web Spider Blog – News

Cyber Web Spider Blog – News

Globe Threat Map provides a real-time, interactive 3D visualization of global cyber threats. Monitor DDoS attacks, malware, and hacking attempts with geo-located arcs on a rotating globe. Stay informed with live logs and archive stats.

  • Home
  • Cyber Map
  • Cyber Security News
  • Security Week News
  • The Hacker News
  • How To?
  • Toggle search form
Malware Found in Top OpenClaw Skill Exposes Major Security Flaws

Malware Found in Top OpenClaw Skill Exposes Major Security Flaws

Posted on February 19, 2026 By CWS

The discovery of malware embedded in the most downloaded skill on OpenClaw’s ClawHub marketplace has unveiled significant security vulnerabilities. This malicious software, disguised as a legitimate AI tool, highlights the risks associated with open-source platforms.

Exposing the Threat

OpenClaw, known for its open-source AI agent platform, operates ClawHub, a marketplace where developers publish skills to enhance agent capabilities. Security researcher @chiefofautism recently uncovered 1,184 malicious skills, with one actor responsible for uploading 677 of these packages. This indicates a severe supply chain vulnerability within the AI agent ecosystem.

Alarmingly, ClawHub’s verification process required only a one-week-old GitHub account, enabling attackers to upload numerous malicious skills under the guise of legitimate applications such as crypto trading tools and YouTube summarizers. These skills, complete with professional documentation, concealed harmful code that misled users.

Mechanisms of the Malware

Once activated, the malware instructed AI agents to execute commands through hidden AI prompts. On macOS, it deployed Atomic Stealer (AMOS), which extracted sensitive information like browser passwords, SSH keys, and crypto wallet credentials. On other systems, it opened a reverse shell, granting attackers remote access to compromised machines.

Cisco’s AI Defense team uncovered nine vulnerabilities in a top-ranked ClawHub skill, “What Would Elon Do?” These included critical exploits that exfiltrated user data to an attacker’s server using undetectable methods. The skill was downloaded thousands of times, exacerbating the problem.

Addressing the Security Breach

The vulnerability issue was not new; Koi Security had previously identified 341 malicious entries in ClawHub, linked to a campaign called ClawHavoc. Similarly, Snyk’s audit revealed 341 threats, with the publisher “hightower6eu” responsible for over 314 hazardous packages. These findings pointed to a common command-and-control server.

In response, OpenClaw partnered with Google’s VirusTotal to scan all uploaded skills, categorizing them as benign, suspicious, or malicious. Daily re-scans aim to detect mutations in these skills post-approval.

This incident mirrors npm supply chain attacks but with a unique twist: the malware functions within an AI agent, capable of executing commands with broad system permissions. Traditional security tools struggle to detect these natural language-encoded threats, posing a significant challenge.

Organizations using OpenClaw face heightened risks from “Shadow AI” activities, where agent actions bypass conventional monitoring and leave limited audit trails. Continuous vigilance and advanced security measures are crucial to mitigate these threats.

Cyber Security News Tags:AI agent, AI security, ClawHub, Cybersecurity, Malware, OpenClaw, reverse shell, security vulnerability, SSH keys, supply chain attack

Post navigation

Previous Post: China’s Vulnerability Databases Impact Global Security
Next Post: Link11 Unveils AI Management Dashboard for Enhanced Traffic Control

Related Posts

AI Systems Can Generate Working Exploits for Published CVEs in 10-15 Minutes AI Systems Can Generate Working Exploits for Published CVEs in 10-15 Minutes Cyber Security News
Pardus Linux Vulnerability Allows Root Access Pardus Linux Vulnerability Allows Root Access Cyber Security News
Weaponized LNK File Disguised as Credit Card Security Email Steals User Data Weaponized LNK File Disguised as Credit Card Security Email Steals User Data Cyber Security News
Multiple GitLab Vulnerabilities Enables Account Takeover and Stored XSS Exploitation Multiple GitLab Vulnerabilities Enables Account Takeover and Stored XSS Exploitation Cyber Security News
Critical Adobe Acrobat Flaws Allow Code Execution Critical Adobe Acrobat Flaws Allow Code Execution Cyber Security News
Researchers Expose Scattered Spider’s Tools, Techniques and Key Indicators Researchers Expose Scattered Spider’s Tools, Techniques and Key Indicators Cyber Security News

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Recent Posts

  • AI Security Model Redeployment and Major Vulnerabilities
  • Flipper Zero Enhances Firmware Development Strategy
  • T3MP3ST Framework Transforms AI Into Security Pioneers
  • Microsoft Enhances Windows 11 OOBE with New Update
  • Government Pays $1M to Prevent Data Leak by Kairos Group

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Archives

  • July 2026
  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025

Recent Posts

  • AI Security Model Redeployment and Major Vulnerabilities
  • Flipper Zero Enhances Firmware Development Strategy
  • T3MP3ST Framework Transforms AI Into Security Pioneers
  • Microsoft Enhances Windows 11 OOBE with New Update
  • Government Pays $1M to Prevent Data Leak by Kairos Group

Pages

  • About Us – Contact
  • Disclaimer
  • Privacy Policy
  • Terms and Rules

Categories

  • Cyber Security News
  • How To?
  • Security Week News
  • The Hacker News

Copyright © 2026 Cyber Web Spider Blog – News.

Powered by PressBook Masonry Dark