Home > Security Alerts > Hundreds of Exposed Clawdbot Gateways Leave API Keys and Private Chats Vulnerable

Hundreds of Exposed Clawdbot Gateways Leave API Keys and Private Chats Vulnerable

January 29, 2026 Thursday

Clawdbot, open-source AI agent gateway having 900+ unauthenticated instances exposed online and multiple code flaws that enable credential theft and remote code execution.

Latest News

LabArchives Laboratory Notebook Cloud Platform available to HKU research groups 

Your opinion matters, share your thoughts by completing the survey about HKU communication channels

Mobile Mail App EAS version below 16.1 will no longer support after March 2026

Update on Staff UID Change Policy

Facial Identity (Face ID) Access for HKU Main Library and Chi Wah Learning Commons

Popular Services:

uPrint
Study Rooms in Learning Commons
Software Download
HKU Virtual Private Network (HKUVPN)
Application

Hundreds of Exposed Clawdbot Gateways Leave API Keys and Private Chats Vulnerable

About ITS

Alerts

Service Request & Support