🔥 BitDegree partnered with Ogvio - a free international money transfer service! Sign up now & grab Rewards! 🎁
Ogvio Horizontal Banner
Crypto News Exploits
SlowMist Flags Major Security Risk in Clawdbot AI Assistant

SlowMist Flags Major Security Risk in Clawdbot AI Assistant

Aaron S. Editor-In-Chief
Written by Aaron S.,
Editor-In-Chief

✓ Fact Checked

Last Updated: January 27, 2026

✓ Fact Checked

Key Takeaways

  • Researchers warned that Clawdbot setups can expose chat logs and API keys if users fail to secure their servers properly;
  • SlowMist confirmed that several Clawdbot gateways allow access without login and may let attackers steal data or run commands;
  • Jamieson O’Reilly urged users to review their Clawdbot setup and check for exposed servers that appear in public internet scans.

Stop overpaying - start transferring money with Ogvio. Sign up, invite friends & grab Rewards now! 🎁

SlowMist Flags Major Security Risk in Clawdbot AI Assistant

A new artificial intelligence (AI) assistant, Clawdbot, is under scrutiny after researchers warned that a poor setup could expose personal data online.

Blockchain security firm SlowMist confirmed on January 27 that a “gateway exposure” was found, which put “hundreds of API keys and private chat logs at risk".

The company also said that some servers can be accessed without a login, and that coding issues could allow attackers to steal credentials or run remote commands.

Hot VS Cold Wallet: Which One Do YOU Need? (Animated)

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Hot VS Cold Wallet: Which One Do YOU Need? (Animated)

Hot VS Cold Wallet: Which One Do YOU Need? (Animated) Hot VS Cold Wallet: Which One Do YOU Need? (Animated)

Security researcher Jamieson O’Reilly, who first shared the details on January 25, explained that many users have made their Clawdbot servers public without realizing it.

Clawdbot was developed by Peter Steinberger as an open-source personal assistant that runs directly on a user’s device. Its gateway links large language models to messaging platforms, which enables the bot to send messages or perform tasks via a web dashboard called “Clawdbot Control".

According to O’Reilly, the main problem occurs when the gateway is behind a reverse proxy that is misconfigured. This setup flaw can let anyone bypass login protection.

Using public internet scanners like Shodan, O’Reilly said it took only seconds to find open servers by searching for “Clawdbot Control".

O’Reilly urged anyone running Clawdbot to check their setup immediately. He advised, "Audit your configuration today".

Recently, cybersecurity expert Jeremiah Fowler revealed a database containing login details stolen from malware-infected phones and computers. What did he say? Read the full story.

Aaron S. Editor-In-Chief
Aaron S. Editor-In-Chief
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
See Our Experts
Loading...

The Most Liked Crypto News Findings

Looking for more latest crypto news on related topic? We have gathered similar news articles for you to spare your time. Take a look!

149 Million Stolen Logins Exposed in Major Malware Data Leak

Exploits

149 Million Stolen Logins Exposed in Major Malware Data Leak

Matcha Meta Hack Linked to SwapNet Drains $16.8 Million in Crypto

Exploits

Matcha Meta Hack Linked to SwapNet Drains $16.8 Million in Crypto

Paradex Pays Back $650,000 After Maintenance Glitch Hits Traders

Exploits

Paradex Pays Back $650,000 After Maintenance Glitch Hits Traders

Latest Crypto News & Videos

Ethereum Foundation Launches $2 Million Push for Post-Quantum Safety

Blockchain

Ethereum Foundation Launches $2 Million Push for Post-Quantum Safety

SEC Ends Gemini and Genesis Case After Full Crypto Repayments

Regulation

SEC Ends Gemini and Genesis Case After Full Crypto Repayments

Metaplanet Raises 2026 Forecast Despite $700 Million Bitcoin Hit

Business

Metaplanet Raises 2026 Forecast Despite $700 Million Bitcoin Hit

Coinbase VS Ogvio: Which is Better For Africa & Asia in 2026? Coinbase VS Ogvio: Which is Better For Africa & Asia in 2026?
VIDEO

Coinbase VS Ogvio: Which is Better For Africa & Asia in 2026?

How to Send Money Abroad? Most Affordable Way Revealed (2026) How to Send Money Abroad? Most Affordable Way Revealed (2026)
VIDEO

How to Send Money Abroad? Most Affordable Way Revealed (2026)

What Is a Neobank (And Should You Use It)? What Is a Neobank (And Should You Use It)?
VIDEO

What Is a Neobank (And Should You Use It)?

Trending Crypto News

Lawmakers Split Over Who Should Issue Won Stablecoins

Lawmakers Split Over Who Should Issue Won Stablecoins

BPS Fined $9.3 Million for Misleading Qoin Wallet Promotion

BPS Fined $9.3 Million for Misleading Qoin Wallet Promotion

Meta Rejects Lawsuit Claim Over WhatsApp Chat Access

Meta Rejects Lawsuit Claim Over WhatsApp Chat Access

Investors Ditch Crypto as $2.24 Billion Stablecoin Value Disappears

Investors Ditch Crypto as $2.24 Billion Stablecoin Value Disappears

Ogvio Square Banner
Coinbase Square
Ledger Square
Ogvio Square Banner
binance
×
Verified

ZERO FEES

For Ogvio Money Transfers
Rating
5.0
Get deal
×
BitDegree.org

BitDegree.org

Fact-checking Standards

To ensure the highest level of accuracy & most up-to-date information, BitDegree.org is regularly audited & fact-checked by following strict editorial guidelines & review methodology.
Carefully selected industry experts contribute their real-life experience & expertise to BitDegree's content. Our extensive Web3 Expert Network is compiled of professionals from leading companies, research organizations and academia.

All the content on BitDegree.org meets these criteria:

  • Only authoritative sources like academic associations or journals are used for research references while creating the content.
  • The real context behind every covered topic must always be revealed to the reader.
  • If there's a disagreement of interest behind a referenced study, the reader must always be informed.
Feel free to contact us if you believe that content is outdated, incomplete, or questionable.
×
Subscribe

Subscribe

On Youtube

Understand crypto with ease

New explainer videos every week!