
"The long and short of it is that Moltbot can be controlled using messaging apps, like WhatsApp and Telegram, in a similar way to the GenAI chatbots everyone knows about. Taking things a little further, its agentic capabilities allow it to take care of life admin for users, such as responding to emails, managing calendars, screening phone calls, or booking table reservations - all with minimal intervention or prompting from the user."
"All that functionality comes at a cost, however, and not just the outlay so many seem to be making on Mac Mini purchases for the sole purpose of hosting a Moltbot instance. In order for Moltbot to read and respond to emails, and all the rest of it, it needs access to accounts and their credentials. Users are handing over the keys to their encrypted messenger apps, phone numbers, and bank accounts to this agentic system."
"First, there was the furor around public exposures. Moltbot is a complex system, and despite being as easy to install as a typical app on the face of it, the misconfigurations associated with it prompted experts to highlight the dangers of running Moltbot instances without the proper know-how. Jamieson O'Reilly, founder of red-teaming company Dvuln, was among the first to draw attention to the issue, saying that he saw hundreds of Clawdbot instances exposed to the web, potentially leaking secrets."
Moltbot (formerly Clawdbot) is an open-source agentic AI personal assistant controllable via messaging apps like WhatsApp and Telegram. The bot can autonomously manage emails, calendars, phone calls, and reservations with minimal user prompting. Those capabilities require access to accounts and credentials, including encrypted messenger keys, phone numbers, and bank details. Many users host Moltbot locally, but misconfigurations have left hundreds of instances exposed to the web, increasing the risk of secret leakage. Security experts warn that running Moltbot without proper configuration and expertise can lead to account compromise and sensitive data exposure.
Read at The Register