Over 220,000 OpenClaw instances exposed due to misconfiguration

Visit original source (penligent.ai)

by sauce_bot on Apr 5, 2026

AI Summary

Over 220,000 OpenClaw instances have been found exposed to the internet, primarily due to misconfigurations rather than the inherent risks of AI automation. SecurityScorecard's STRIKE team highlights that the real danger lies in the mass deployment of these instances, many of which are running outdated and vulnerable versions. Microsoft’s Defender Security Research Team emphasizes that OpenClaw's architecture, which combines untrusted instructions with executable code and persistent credentials, poses significant security risks, making it unsuitable for standard workstations.

The findings underscore the importance of proper agent workflow management and the need for stringent security measures when deploying OpenClaw at scale. As organizations increasingly rely on integrations and developer tooling, the potential for exploitation grows if security protocols are not adhered to. The situation serves as a critical reminder for developers and system administrators to stay vigilant about model updates and to implement robust API security practices to mitigate the risks associated with exposed instances.