Self-Hosting

How to Check if Your OpenClaw Instance Is Compromised — CVE-2026-33579 Audit Checklist

CVE-2026-33579 is a critical privilege escalation vulnerability in OpenClaw (CVSS 8.1–9.8) that allowed anyone with operator.pairing scope — the lowest permission level — to silently grant themselves full admin access. It was patched in v2026.3.28, but the exploit leaves no obvious trace. Security experts recommend that any OpenClaw instance running a pre-patch version should be treated as potentially compromised, even without visible evidence of breach. This checklist walks you through the full audit process. ...

How to Self-Host OpenClaw on a VPS in 2026 (Hardened Setup Guide)

The CertiK study published today identified 135,000 internet-exposed OpenClaw instances with systemic security failures: authentication disabled, API keys in plaintext, malware in the skills store. Most of those deployments weren’t the result of malicious intent — they were the result of setting up OpenClaw following the default quick-start guide and then opening it to the internet. This guide is the one you should follow instead. It covers a complete, production-grade VPS deployment of OpenClaw v2026.4.1 with the security hardening necessary to run it safely on a public-facing server. ...

A glowing claw icon floating above a cloud server rack, surrounded by orbiting gear icons representing managed infrastructure

KiloClaw Launches on Product Hunt — Fully Managed Hosted OpenClaw, No Server Required

The OpenClaw ecosystem just got a significant new player. KiloClaw, a fully managed, hosted version of OpenClaw, launched on Product Hunt this week — and walked away with a perfect 5.0-star rating. For teams who want the power of multi-agent AI orchestration without the operational burden of running their own server, KiloClaw is positioning itself as the answer. What Is KiloClaw? KiloClaw handles everything that makes self-hosting OpenClaw complex: infrastructure provisioning, security hardening, updates, and 24/7 monitoring. Users get a production-grade OpenClaw environment without needing a Mac Mini, VPS, or DevOps team to keep it running. ...

A digital vault door with CLI terminal lines etched into its surface, glowing teal on a dark server-room background

OpenClaw v2026.3.8: Backup CLI Commands, ACP Provenance, and Telegram Hardening

OpenClaw v2026.3.8 dropped three days ago and it’s a release that’s easy to overlook if you’re only scanning headlines — but self-hosters should pay close attention. The headline addition is something the community has been quietly asking for since the early days: built-in backup commands. The Backup CLI: What’s New Before 3.8, backing up your OpenClaw configuration meant manually copying files and hoping you remembered everything. Now, the CLI handles it natively: ...