Google Just Named OpenClaw in a Hacker Threat Report (and the AI Industry Pretended Not to Notice)

Surfaced and summarized by Daniel Miessler from Vince Ultari.

Google named OpenClaw in a May 11 threat report. Attackers used it to plan a zero-day mass exploit. The exposure spans open-source agents and internet-facing deployments. Defenders should audit skills, pin versions, and hunt now.

Key points

Google named OpenClaw.
Threat actors used it to build a zero-day exploit before deployment.
The report ties the activity to China and North Korea.
Open-source agents now sit inside tens of thousands of reachable instances, per DECLAWED.
Audit skills, pin versions, and treat agent tool calls as hostile.

Read original at Vince Ultari →Open the full Surface feed →← Back to all news

This is one of fifty stories I surfaced this week from Surface — a tiny slice of the full feed.