OpenClaw gives users yet another reason to be freaked out about security
Summary
Ars Technica reports on OpenClaw’s security crisis, highlighting a high-severity vulnerability that can escalate privileges from operator.pairing to operator.admin, effectively giving attackers full control over an OpenClaw instance. It notes that tens of thousands of deployments were exposed without authentication, and that patches arrived after the fact while the CVE was not yet formally listed, creating a window of risk. The piece emphasizes the need for an assume-compromise mindset and for stronger authentication and monitoring on AI agent platforms.