Overview
- OpenAI has hired creator Peter Steinberger, and the project is transitioning to an independent OpenClaw Foundation with OpenAI support.
- A new open-source tool called SecureClaw launched to audit deployments with 55 hardening checks and defensive behaviors mapped to OWASP and MITRE frameworks.
- Several critical flaws were patched by late January and the latest release is 2026.2.17, yet researchers report ongoing exploitation of older versions and of common misconfigurations.
- Supply-chain threats were underscored by the ClawHavoc campaign, which used marketplace skills to drop an infostealer that steals API keys, while VirusTotal now scans community plugins for known malware.
- Financial institutions face mounting shadow IT risk as employees run autonomous agents with deep privileges, with surveys showing widespread unapproved AI use and Censys counting 21,639 exposed instances.