
42,000 AI Agents Were Exposed to the Internet. Here's What We Can Learn.
In early 2026, security researcher Maor Dayan published findings about OpenClaw — the open-source AI assistant platform with 214,000+ GitHub stars that lets users self-host an AI agent with deep system access. Email, calendars, file systems, code repos, databases, APIs. Full access. On your machine. Under your control.

The pitch was compelling: sovereign AI without the surveillance trade-offs. The execution was, in Dayan's words, "the largest security incident in sovereign AI history."

The Numbers

Researchers scanning the public internet found over 42,000 OpenClaw instances exposed with no authentication. Not misconfigured — architecturally vulnerable, by default. 93% had critical authentication bypass vulnerabilities. A single backend misconfiguration at Moltbook leaked 1.5 million API tokens, along with 35,000 user emails and full conversation histories.

Within 72 hours of OpenClaw going viral in January, autom
Continue reading on Dev.to



