header-langage
简体中文
繁體中文
English
Tiếng Việt
한국어
日本語
ภาษาไทย
Türkçe
Scan to Download the APP

Security Alert: The ClawHub Marketplace has discovered a total of 1184 malicious skills that may steal SSH keys, encrypt wallets, etc.

2026-02-20 03:12

BlockBeats News, February 20th, SlowMist founder Cosmos Yu reposted a security alert. Currently, on OpenClaw's ClawHub marketplace, 1184 malicious skills have been discovered. These skills will steal SSH keys, encrypt wallets, browser passwords, and open a reverse shell. A single attacker uploaded 677 packages. The top-ranked skill has 9 vulnerabilities and has been downloaded thousands of times.


Yu reminded users that text is no longer just text, but a command. It is recommended to use AI tools in an isolated environment, as many OpenClaw skills carry potential risks. In addition, in Web3 security, the contract is only a part of it. The true cause of incidents is no longer just the contract. A few days ago, Moonwell was hacked for $1.78 million, with the vulnerable code co-authored by Claude Opus 4.6.

Source
举报 Correction/Report
On-Chain Activity
29min ago

A new address withdrew 7000 ETH from Binance, worth approximately $13.5 million

43min ago

3 ETH Whales Short Positions in the Millions in Profit

3h ago

BitMine Allegedly Acquires Another 10,000 Ethereum, Worth Around $19.57 Million

17h ago

BlackRock deposits 1270 BTC and 15,409 ETH into Coinbase

24H Important News
2026-02-20
Upbit to List AZTEC Spot Trading
Trump Claims He Will Release Classified Documents, Probability of "US Announcing Extraterrestrial Life This Year" Doubles
A new address withdrew 7000 ETH from Binance, worth approximately $13.5 million
Balancer Pauses reCLAMM-Related Liquidity Pool for Security Investigation
Correction/Report
Submit
Add Library
Visible to myself only
Public
Save
Choose Library
Add Library
Cancel
Finish
API 形状 warpcast