Related News

United Conservative Party expels MLA who pushed for public probe of health contracting

United Conservative Party expels MLA who pushed for public probe of health contracting

April 16, 2025
Rogers to retain Canadian NHL rights with 12-year, $7.7-billion US deal: sources

Rogers to retain Canadian NHL rights with 12-year, $7.7-billion US deal: sources

March 31, 2025
Bitcoin On Discount? Treasury Company Goes On End-Of-Year Rampage

Bitcoin On Discount? Treasury Company Goes On End-Of-Year Rampage

January 1, 2026

Browse by Category

  • Canadian news feed
  • Crypto
  • Faith
  • Geothermal
  • Golf news
  • Hockey news
  • Running & fitness
  • Skateboarding
  • Sports & Fitness
  • WeMaple news

Related News

United Conservative Party expels MLA who pushed for public probe of health contracting

United Conservative Party expels MLA who pushed for public probe of health contracting

April 16, 2025
Rogers to retain Canadian NHL rights with 12-year, $7.7-billion US deal: sources

Rogers to retain Canadian NHL rights with 12-year, $7.7-billion US deal: sources

March 31, 2025
Bitcoin On Discount? Treasury Company Goes On End-Of-Year Rampage

Bitcoin On Discount? Treasury Company Goes On End-Of-Year Rampage

January 1, 2026

Browse by Category

  • Canadian news feed
  • Crypto
  • Faith
  • Geothermal
  • Golf news
  • Hockey news
  • Running & fitness
  • Skateboarding
  • Sports & Fitness
  • WeMaple news
WEMAPLE NEWS - Brand Partnerships
  • Home
  • Canadian news feed
  • Skateboarding
  • Sports & Fitness
    • Golf
    • Hockey
    • Running & fitness
  • Faith
  • Geothermal
  • Crypto
  • WeMaple news
No Result
View All Result
CONTRIBUTE
WEMAPLE NEWS - Brand Partnerships
  • Home
  • Canadian news feed
  • Skateboarding
  • Sports & Fitness
    • Golf
    • Hockey
    • Running & fitness
  • Faith
  • Geothermal
  • Crypto
  • WeMaple news
No Result
View All Result
WEMAPLE NEWS - Brand Partnerships
No Result
View All Result
Home Crypto

OpenClaw ClawHub Under Attack: 341 Malicious Plugins Expose Supply Chain Risks

WeMaple AI by WeMaple AI
February 9, 2026
in Crypto
0
OpenClaw ClawHub Under Attack: 341 Malicious Plugins Expose Supply Chain Risks
74
SHARES
1.2k
VIEWS
Share on FacebookShare on Twitter

Makina Finance hack

The post OpenClaw ClawHub Under Attack: 341 Malicious Plugins Expose Supply Chain Risks appeared first on Coinpedia Fintech News

OpenClaw’s fast-growing plugin store, ClawHub, is under security spotlight after blockchain security firm SlowMist uncovered a large batch of malicious skills on the platform. 

The finding points to weak review checks that allowed hidden, harmful code to spread through developer tools.

OpenClaw ClawHub Plugin Faces Supply Chain Attack Risk

SlowMist revealed that OpenClaw’s official plugin hub, known as ClawHub, has become a new target for supply chain-style attacks. The platform recently gained rapid popularity among AI agent developers, but its plugin screening process did not keep pace with growth.

Because plugin reviews were not strict enough, attackers were able to publish many dangerous skills that looked useful on the surface but carried hidden risks.

SlowMist teams say this type of attack is especially risky because developers often trust official plugin centers and follow installation steps without deep inspection.

🚨 Threat Intelligence | Analysis of ClawHub Malicious Skills Poisoning

As the #OpenClaw AI agent ecosystem rapidly grows, SlowMist has observed ClawHub becoming a new target for large-scale supply chain attacks. Due to insufficient review mechanisms, hundreds of malicious… pic.twitter.com/xfzo4AhTdb

— SlowMist (@SlowMist_Team) February 9, 2026

341 Malicious Plugins Expose

During a broad scan of the ClawHub ecosystem, security researchers found a high number of unsafe plugins. A separate scan by Koi Security reviewed 2,857 skills and flagged 341 as malicious.

You might also like

SEC Names Kathleen Hutchinson To Lead International Affairs Office

Cardano Development Activity Pushes Back Against ADA Price Stagnation

Ripple (XRP) Price Prediction 2026, 2027-2030: Will XRP Reach $5?

SlowMist’s deeper tracking reviewed more than 400 threat indicators and found clear patterns, many of the bad plugins connected back to the same small group of domains and server addresses. 

OpenClaw ClawHub plugin

However, Slowmist says that this suggests an organized and repeated attack effort, not random uploads.

How the Attack Actually Works?

According to the researchers, the main weakness comes from how OpenClaw skills are built. Many rely on instruction files that users run directly during setup. Attackers abused this by placing hidden download-and-run commands inside those instructions.

In many cases, the first attackers used coded messages to hide their real commands. When the code is decoded and run, it secretly downloads another program from an outside server. Secondly, that program then carries out the actual attack.

This two-step method helps attackers avoid early detection and lets them change the harmful program anytime without updating the visible plugin page.

Malicious Domain Analysis

SlowMist said its review of hundreds of threat indicators showed many of these plugins connected to the same small set of domains and IP addresses, 91.92.242.30. This suggests a planned, group-driven campaign rather than random one-off attacks.

Security teams are now warning OpenClaw users to double-check skill instructions and avoid running unknown command steps until stronger review controls are in place.

Read Entire Article
Tags: CoinPediaCrypto
Share30Tweet19
WeMaple AI

WeMaple AI

Recommended For You

SEC Names Kathleen Hutchinson To Lead International Affairs Office

by WeMaple AI
July 3, 2026
0
SEC Names Kathleen Hutchinson To Lead International Affairs Office

The SEC appointed Kathleen M Hutchinson to lead its Office of International Affairs, a key unit for cross-border

Read more

Cardano Development Activity Pushes Back Against ADA Price Stagnation

by WeMaple AI
July 3, 2026
0
Cardano Development Activity Pushes Back Against ADA Price Stagnation

Cardano node releases show continued development work even as ADA remains stuck in a tight market

Read more

Ripple (XRP) Price Prediction 2026, 2027-2030: Will XRP Reach $5?

by WeMaple AI
July 3, 2026
0
Ripple (XRP) Price Prediction 2026, 2027-2030: Will XRP Reach $5?

The post Ripple (XRP) Price Prediction 2026, 2027-2030: Will XRP Reach $5 appeared first on Coinpedia Fintech News Story Highlights The live price of the XRP is XRP...

Read more

Strategy Is No Longer a One-Way Bitcoin Buyer – Bitwise CIO

by WeMaple AI
July 3, 2026
0
Strategy Is No Longer a One-Way Bitcoin Buyer – Bitwise CIO

The post Strategy Is No Longer a One-Way Bitcoin Buyer – Bitwise CIO appeared first on Coinpedia Fintech News Bitwise Chief Investment Officer Matt Hougan said Strategy is...

Read more

Solana stakers get a new way to force the next SOL inflation fight

by WeMaple AI
July 3, 2026
0

Solana just gave delegators a new governance tool called Solana Governance Proposals (SGP), which hands them a lever for the next round of the inflation fight The proposing...

Read more
Next Post
Binance SAFU Fund Adds $300M in Bitcoin

Binance SAFU Fund Adds $300M in Bitcoin

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Related News

United Conservative Party expels MLA who pushed for public probe of health contracting

United Conservative Party expels MLA who pushed for public probe of health contracting

April 16, 2025
Rogers to retain Canadian NHL rights with 12-year, $7.7-billion US deal: sources

Rogers to retain Canadian NHL rights with 12-year, $7.7-billion US deal: sources

March 31, 2025
Bitcoin On Discount? Treasury Company Goes On End-Of-Year Rampage

Bitcoin On Discount? Treasury Company Goes On End-Of-Year Rampage

January 1, 2026

Browse by Category

  • Canadian news feed
  • Crypto
  • Faith
  • Geothermal
  • Golf news
  • Hockey news
  • Running & fitness
  • Skateboarding
  • Sports & Fitness
  • WeMaple news
WEMAPLE NEWS – Brand Partnerships

Wemaple will be firmly committed to the public interest and democratic values.

CATEGORIES

  • Canadian news feed
  • Crypto
  • Faith
  • Geothermal
  • Golf news
  • Hockey news
  • Running & fitness
  • Skateboarding
  • Sports & Fitness
  • WeMaple news

BROWSE BY TAG

AZO Clean Tech Bitcoinist Bitcoinmagazine Canada News CBC.ca Celebrity News Christian Post CoinPedia Corporate Knights Crypto Cryptoslate Faith Geothermal Golf Hockey Lifehacker Ludwig-van.com NcrOnline newsbtc Skateboarding tomsguide.com Utah news dispatch

© 2025 wemaple.canadiana.news - all rights reserved. YYC TECH CONSULTING.

No Result
View All Result
  • Home
  • Canadian news feed
  • Skateboarding
  • Sports & Fitness
    • Golf
    • Hockey
    • Running & fitness
  • Faith
  • Geothermal
  • Crypto
  • WeMaple news

© 2025 wemaple.canadiana.news - all rights reserved. YYC TECH CONSULTING.