Misconfigured Moltbot dashboards leak credentials and invite takeovers

TL;DR Summary
Misconfigured Moltbot (formerly Clawdbot) control panels exposed hundreds of internet-facing dashboards, leaking API keys, private chats and other credentials. With autonomous agent capabilities, attackers could impersonate operators, inject messages, and even run commands with elevated privileges. The root cause was localhost-trust and reverse-proxy defaults; the project has rebranded Clawdbot to Moltbot (Molty) while keeping the same core functionality.
- Moltbot security alert exposed Clawdbot control panels risk credential leaks and account takeovers (Bitdefender)
- Clawdbot has AI techies buzzing — and buying Mac Minis (Business Insider)
- Clawdbot Rebrands to Moltbot After Trademark Request From Anthropic (Laravel News)
- Users flock to open source Moltbot for always-on AI, despite major risks (Ars Technica)
- Clawdbot sheds skin to become Moltbot, can't slough off security issues (theregister.com)
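
The localhost-trust root cause named in the summary, as an added example that is not Moltbot's own code: it assumes the reverse proxy runs on the same host as the dashboard backend, so the backend sees every connection as coming from 127.0.0.1. `Request`, the `allow_*` functions, `via_same_host_proxy` and the token are hypothetical names and constructed values.

```python
import hmac
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Request:
    """Constructed stand-in for what a dashboard backend sees per connection."""
    peer_ip: str                                  # TCP peer address of the socket
    headers: dict = field(default_factory=dict)


def allow_localhost_trust(req: Request) -> bool:
    """Weak pattern: anything arriving from loopback is treated as the operator."""
    return ipaddress.ip_address(req.peer_ip).is_loopback


def allow_hardened(req: Request, expected_token: str) -> bool:
    """Require a bearer token on every request, whatever the peer address is."""
    supplied = req.headers.get("Authorization", "")
    prefix = "Bearer "
    if not supplied.startswith(prefix):
        return False
    # Constant-time comparison so the check does not leak how much matched.
    return hmac.compare_digest(supplied[len(prefix):].encode(),
                               expected_token.encode())


def via_same_host_proxy(client_ip: str, headers=None) -> Request:
    """Assumption: the proxy opens its own socket to the backend, so the
    backend's peer address is 127.0.0.1 for every internet client."""
    forwarded = dict(headers or {})
    forwarded["X-Forwarded-For"] = client_ip
    return Request(peer_ip="127.0.0.1", headers=forwarded)


TOKEN = "constructed-example-token"               # placeholder, not a real secret
# Constructed requests using documentation address ranges.
remote = via_same_host_proxy("203.0.113.7")       # internet client, no credentials
operator = via_same_host_proxy("198.51.100.4",
                               {"Authorization": f"Bearer {TOKEN}"})

if __name__ == "__main__":
    print("localhost-trust, remote client:", allow_localhost_trust(remote))
    print("hardened, remote client:       ", allow_hardened(remote, TOKEN))
    print("hardened, operator with token: ", allow_hardened(operator, TOKEN))
```
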