I compiled a complete timeline of every OpenClaw security incident documented so far — all 6 CVEs, the ClawHavoc malware campaign (341 malicious skills), 42,000+ exposed instances, the Moltbook token leak (1.5M API keys), prompt injection research, and government warnings from Belgium, China, and South Korea.

Full writeup: https://blog.barrack.ai/openclaw-security-vulnerabilities-2026