OpenClaw or OpenFlaw?

Has your “productivity assistant” become a searchable entry point for global threat actors?

The rapid transition from passive chat interfaces to autonomous OpenClaw agents has created a hyper-connected attack surface where a single compromise grants adversaries a persistent, intelligent presence inside your network. While these tools offer profound productivity gains, KELA’s latest research confirms they effectively function as “rootkit-adjacent” liabilities that bypass traditional perimeter defenses.

In KELA’s new report, you’ll learn:

• Proven Vulnerability Analysis (CVE-2026-25253): KELA’s investigation into underground chatter has uncovered active exploitation of a high-severity “1-click” Remote Code Execution (RCE) vulnerability.

• Supply Chain Poisoning: Analysis of the ClawHub marketplace reveals a massive supply chain risk, with over 10% (341) of audited “Skills” found to be malicious. These deceptive extensions deliver data-stealing payloads without triggering traditional antivirus alarms.

• Enterprise Defense Blueprint: KELA provides a rigorous framework to neutralize these autonomous threats by moving beyond standard compliance toward active containment. The report outlines a “Defense in Depth” strategy to discover anomalies in agentic traffic.