The 2026 OpenClaw Triple Breach: Freedom Isn't Free

In early 2026, OpenClaw got hit three times: 20,000+ gateways exposed to the internet, 20% of marketplace skills were trojans, and link previews became exfiltration vectors. Attackers had a smooth ride until they hit a closed door — and 'proper configuration' suddenly mattered. Self-hosting freedom comes with self-hosting responsibility.