Buy Crypto- Markets
Futures- Spot
- Copy Trade
- Earn
- More
GoPlus: ClawHub has a vulnerability that allows for download count forgery, and popular skills may contain malicious code
By: rootdata|2026/03/26 19:42:00
0
Share
According to a security alert released by GoPlus Security, Silverfort security researchers discovered a serious vulnerability in OpenClaw's skill repository ClawHub. Attackers can bypass all protective mechanisms by calling the internal function downloads:increment, allowing them to inflate the download count to over 20,000 in just a few minutes with a single curl request, thereby pushing malicious skills to the top of search rankings and enticing users or AI Agents to install them automatically.
Once the malicious skill is running, it can steal sensitive data such as cryptocurrency wallets and API keys. The vulnerability has been patched within 24 hours. GoPlus advises users that a high download count does not equal safety and recommends using AgentGuard for security scanning and protection.
You may also like
The most important thing in Web3 primary market investment
There is no perfect model, only builders who are respectful and responsible towards the market.
The strategic focus of cryptocurrency in reconstructing the international monetary system and the Chinese solution
Cryptocurrency has a significant impact on our country's international financial cooperation and creates great opportunities for enhancing our international financial discourse power. We must adapt to the new trends in the reform of the international monetary system, analyze the structural contradic...
Musk Poached Aave App's Web3 Prodigy
Aesthetic is a gift.
The Petro Order is Cracking. What Comes Next for the Middle East?
Ground War Begins, or Deterrence Takes Hold
ETF Fund Inflows Emerging, What's Still Missing for BTC to Fully Recover?
The market is entering a crucial phase of equilibrium.
Forbes Special Report: The Embrace of AI Agents in the Cryptocurrency Industry
AI agents are becoming the true native users of cryptocurrency; they do not need a beautiful interface, just a wallet and a payment track. This wave of "machine commerce" may be the most rational narrative in the crypto industry for years, or it may just be another round of hype in a new bottle.
Bitpanda, Vision Web3 Foundation, and Optimism Partner to Onboard European Financial Institutions to the Global Blockchain Economy
Vision Chain aims to address the long-standing infrastructure bottlenecks in the European financial sector
What will the early Hyperliquid prediction market look like?
Unleash the Imagination Space of On-chain Finance
Overseas VC's Two-Week Trip to China AI Leaves Them in Awe of Shenzhen Hardware
Delphi Labs founder's two-week deep dive into China's AI ecosystem: More bullish on hardware than expected, more bearish on software than expected, and observations on Chinese founders that flipped his prior beliefs.
Was CZ Also Rug Pulled? BNB Treasury CEA Industries Control Battle
CEA Industries' mNAV drops to 0.68, YZi Labs personally steps in to clean up the mess
A transaction in 7 seconds, earning tens of millions of dollars, he's seen as the "cancer of meme coins."
The belief that "Day Trading Shitcoins is the Only Way to Make Money" has become their go-to strategy.
Bittensor Ecosystem Token SN Surges 5x in March, What's Behind Richard Heart's One-Liner?
What did Andrew Ng say? Did he say anything? Is Distributed AI Training Feasible?
The economy is entering a new cycle, how can the average person prepare?
The key is not how much you earn, but whether you have cash flow, low leverage, and the ability to earn consistently
Access Binance Alpha Box: Sigma.Money to Launch BNB Chain Ecosystem Yield Farming Gateway
Sigma.Money's innovation is now translating into tangible market momentum.
Kimi, Chip, and Bean come together for a Crypto Hackathon: What did AI developers build on Monad?
Monad Ecosystem AI Deployment, More Than Just a Hackathon.
How to Trade Crypto on Mobile Browser & Win LALIGA Tickets (2026 Guide)
Discover how AI automation, natural language trading, and mobile browser trading platforms are shaping automated trading in 2026. Join the WEEX live trading event for early access and rewards like LALIGA VIP tickets.
Connecting encryption, TradFi, and payments, is Gate completing the final puzzle of the "super APP"?
Why is it said that TradFi is not a short-term narrative?
a16z Crypto Operating Partner: Wall Street is undergoing its biggest infrastructure upgrade in 30 years
What is currently happening is the largest infrastructure upgrade in the capital market since the rise of electronic trading thirty years ago.
The most important thing in Web3 primary market investment
There is no perfect model, only builders who are respectful and responsible towards the market.
The strategic focus of cryptocurrency in reconstructing the international monetary system and the Chinese solution
Cryptocurrency has a significant impact on our country's international financial cooperation and creates great opportunities for enhancing our international financial discourse power. We must adapt to the new trends in the reform of the international monetary system, analyze the structural contradic...
Musk Poached Aave App's Web3 Prodigy
Aesthetic is a gift.
The Petro Order is Cracking. What Comes Next for the Middle East?
Ground War Begins, or Deterrence Takes Hold
ETF Fund Inflows Emerging, What's Still Missing for BTC to Fully Recover?
The market is entering a crucial phase of equilibrium.
Forbes Special Report: The Embrace of AI Agents in the Cryptocurrency Industry
AI agents are becoming the true native users of cryptocurrency; they do not need a beautiful interface, just a wallet and a payment track. This wave of "machine commerce" may be the most rational narrative in the crypto industry for years, or it may just be another round of hype in a new bottle.
App