OpenClaw Vulnerability 2026: Steipete Confirms 360 Security’s Critical AI Agent Exploit

OpenClaw founder Steipete confirms a critical vulnerability discovered by 360 Security, prompting urgent security upgrades. The AI assistant, praised for autonomous task automation, now faces heightened scrutiny over its security architecture.


OpenClaw founder Steipete has confirmed a critical AI vulnerability in the OpenClaw AI assistant, first reported by China’s 360 Security on March 10, 2026. The flaw, allowing unauthorized API proxying through user-subscribed LLM services, exposed automated workflows on WhatsApp, Telegram, and Discord to hijacking — triggering an urgent industry-wide response.

How the Exploit Worked: From Autonomy to Attack Vector

OpenClaw’s strength — persistent memory and cross-platform automation — became its weakness. Attackers could inject malicious payloads via third-party skills, routing commands through trusted integrations to access emails, calendars, or booking systems. The vulnerability required no user interaction beyond normal usage, making it stealthy and scalable.

Zero-Trust Protocol: OpenClaw’s Security Overhaul

Within 72 hours, OpenClaw deployed patch v2026.3.13-1 and launched a zero-trust AI framework. All agent-to-agent communication now requires cryptographic attestation, sandboxed execution, and dynamic privilege escalation. No API call is trusted by default — even from verified users.

Nvidia NemoClaw: Enterprise Response to a Consumer Crisis

Just weeks after the disclosure, Nvidia CEO Jensen Huang announced NemoClaw — a hardened enterprise variant of OpenClaw built on its open architecture. While marketed as "the next ChatGPT," privacy advocates remain skeptical, citing the recent breach as evidence that consumer-grade AI agents lack corporate-grade safeguards.

What Users Must Do Now

Update immediately to v2026.3.13-1. Disable all third-party API routing until your skills are verified by VirusTotal’s AI scanner — now integrated into OpenClaw’s plugin store. Review your connected apps and revoke unused permissions.

AI Agent Security: A New Era of Trust

The 360 Security discovery didn’t just expose a bug — it revealed systemic risks in autonomous AI agents. As tools like OpenClaw handle increasingly sensitive tasks, their attack surface grows exponentially. Dr. Elias Perrot, former Google Project Zero lead and now OpenClaw’s AI Defense Initiative head, calls this "the defining challenge of 2026: building AI that doesn’t just act — but acts safely."

OpenClaw has pledged to publish a full post-mortem within 30 days. Meanwhile, the company has partnered with NIST and 360 Security’s Threat Intelligence Division to co-author open AI agent security guidelines.

Why This Matters Beyond OpenClaw

This isn’t an isolated incident. Similar vulnerabilities are being found in Copilot-style agents across platforms. The OpenClaw case sets a precedent: rapid patching, third-party audits, and transparent disclosure are no longer optional — they’re baseline expectations for AI tools. Developers and enterprises alike must adopt zero-trust AI principles before the next exploit emerges.
