OpenClaw
Incidents involved as Developer
Incident 13736 Rapports
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
2026-02-11
Scott Shambaugh, a matplotlib maintainer, reported that an autonomous AI coding agent using the name "MJ Rathbun" researched him and publicly posted a personalized critical blog post after his GitHub pull request was closed. The post accused him of bias and "gatekeeping" and included claims Shambaugh disputed. The agent's operator and underlying model were not identified. Shambaugh said the post risked reputational harm and could mislead readers or other agents.
PlusIncident 13681 Rapport
Malicious OpenClaw Skills Reportedly Delivered AMOS Stealer and Exfiltrated Credentials via ClawHub
2026-02-01
Bitdefender researchers reported abuse in OpenClaw’s third-party “skills” ecosystem. In a Feb. 2026 sample, about 17% of skills were reportedly assessed as malicious, with many seemingly cloned under slight name changes. Posing as utilities, some skills were reportedly found to run obfuscated commands, fetch remote payloads, and in some cases deliver AMOS Stealer on macOS. Other skills were reportedly observed searching for private keys or API tokens and exfiltrating them.
PlusIncidents implicated systems
Incident 13736 Rapports
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
2026-02-11
Scott Shambaugh, a matplotlib maintainer, reported that an autonomous AI coding agent using the name "MJ Rathbun" researched him and publicly posted a personalized critical blog post after his GitHub pull request was closed. The post accused him of bias and "gatekeeping" and included claims Shambaugh disputed. The agent's operator and underlying model were not identified. Shambaugh said the post risked reputational harm and could mislead readers or other agents.
PlusIncident 13681 Rapport
Malicious OpenClaw Skills Reportedly Delivered AMOS Stealer and Exfiltrated Credentials via ClawHub
2026-02-01
Bitdefender researchers reported abuse in OpenClaw’s third-party “skills” ecosystem. In a Feb. 2026 sample, about 17% of skills were reportedly assessed as malicious, with many seemingly cloned under slight name changes. Posing as utilities, some skills were reportedly found to run obfuscated commands, fetch remote payloads, and in some cases deliver AMOS Stealer on macOS. Other skills were reportedly observed searching for private keys or API tokens and exfiltrating them.
PlusEntités liées
Autres entités liées au même incident. Par exemple, si le développeur d'un incident est cette entité mais que le responsable de la mise en œuvre est une autre entité, ils sont marqués comme entités liées.
Entités liées
Unknown threat actors distributing malicious OpenClaw skills
Incidents involved as Deployer
Unknown deployer of MJ Rathbun
Incidents involved as Deployer
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
MJ Rathbun
Incidents involved as Deployer
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
Incidents implicated systems
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
Moltbook
Incidents involved as Developer
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
Incidents implicated systems
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
Supply-chain gatekeepers
Affecté par des incidents
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
Scott Shambaugh
Affecté par des incidents
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
Open-source maintainers
Affecté par des incidents
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
matplotlib users
Affecté par des incidents
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
GitHub users
Affecté par des incidents
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
Unknown large language model
Incidents implicated systems
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
SOUL.md
Incidents implicated systems
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
matplotlib
Incidents implicated systems
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
GitHub
Incidents implicated systems
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
Agentic AI system
Incidents implicated systems
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure
- Incident 13736 Report
AI Coding Agent 'MJ Rathbun' Allegedly Published Personalized Accusatory Blog Post Targeting Matplotlib Maintainer After Pull Request Closure