Overview
- Alibaba Cloud rolled out a one‑click OpenClaw deployment in 19 regions starting at $4 per month, joining Tencent Cloud and DigitalOcean, with Alibaba planning support on Elastic Compute Service and Elastic Desktop Service.
- Gartner urged enterprises to block OpenClaw downloads and traffic, search for unauthorized use, and, if necessary, run only in isolated nonproduction VMs with throwaway credentials and immediate rotation of any keys it touches.
- Researchers reported 28 malicious skills uploaded to ClawHub from January 27–29 and another 386 from January 31–February 2, with 1Password’s Jason Meller calling the marketplace an attack surface and noting a top add‑on was used as a malware delivery vehicle.
- OpenClaw runs locally and can be driven via WhatsApp, Telegram, or iMessage, and when granted permissions it can read and write files and execute shell commands, heightening the impact of malicious extensions.
- New telemetry shared with WIRED shows AI scraping bots accounted for roughly one in 50 site visits in Q4 2025 and increasingly bypass robots.txt, a trend analysts link to growing agent activity and tools such as OpenClaw.