(no title)

40,214 exposed instances. 63% vulnerable. 12,812 exploitable via RCE. Endor Labs dropped 6 new CVEs this week.

https://www.infosecurity-magazine.com/news/researchers-40000...

Malwarebytes describes OpenClaw as "an over-eager intern with an adventurous nature, a long memory, and no real understanding of what should stay private."

The Dutch DPA has now formally warned organizations not to deploy OpenClaw on systems handling sensitive data.

The practical question remains: most people will run it anyway because it is useful. What runtime monitoring do you layer on top? Sandboxes help with blast radius but do not monitor credential access, skill behavior, or network egress within the sandbox.