SUB30
SUB30
Loading...
Tips, guides, and news from the ClawHosters team.
A chip manufacturer just created a consumer product category for AI agents. That hasn't happened before.
The same week Shenzhen started offering 2 million yuan subsidies to anyone building on OpenClaw, Beijing told state agencies to stop installing it. That pretty much sums up China's relationship with the platform right now.
On March 13, four security advisories dropped for OpenClaw. The worst one scores a CVSS 9.9. If you self-host, you need to act on this today.
v2026.3.8 is already running on your ClawHosters instance. No action, no downtime, no terminal required.
A malicious npm package called `@openclaw-ai/openclawai` sat on the npm registry for seven days, from March 3 to March 10, and infected 178 machines before npm pulled it. JFrog security researchers discovered the package and named this OpenClaw npm malware campaign "GhostClaw." The malware calls...
Dashboard v2 shipped on March 13 with v2026.3.12. By that evening, power users were filing bug reports. Sessions with tool-heavy agent runs locked the browser completely. Chrome's "page unresponsive" dialog showed up after 30 seconds of frozen rendering. The v2026.3.13 release landed the next day...
OpenClaw is now the most-starred software project on GitHub. On March 2, 2026, it crossed 247,191 stars and passed React's 243,438, ending React's roughly 13-year run at the top. By March 3, the count sat at 250,829 stars with 48,274 forks.
Your phone is probably the most powerful computer you carry around, so running OpenClaw on Android seems like an obvious move. And it works. Sort of. There are three distinct approaches, each with different trade-offs, and one of them will bite you if you don't know about Android's Phantom...
Installing OpenClaw skills from untrusted sources just got a lot more dangerous. A Trend Micro analysis published February 23, 2026, found 39 malicious skills that trick OpenClaw agents into downloading the Atomic macOS Stealer (AMOS). The stealer targets 150+ crypto wallets, 19 browsers, Apple...
On February 13, 2026, a Vidar infostealer variant grabbed `openclaw.json`, `device.json`, and memory files from a compromised machine. The full credential dump, including LLM API keys, was confirmed by Hudson Rock. Hudson Rock CTO Alon Gal put it bluntly: infostealer developers will probably...
Shadow AI used to mean somebody on your team chatted with ChatGPT during lunch. Pasted some code, got an answer, moved on. Annoying for compliance, maybe, but the blast radius was small.
OpenClaw v2026.3.2 dropped on March 3, 2026. 93 contributors. 150+ bug fixes. Two headline features that change what your agents can do out of the box. And four breaking changes you probably want to read before hitting upgrade.
