Cybersecurity Incidents Highlighted in February 3, 2026 Stormcast Podcast

The February 3, 2026 Stormcast episode addresses several cybersecurity incidents. Targeted scans against Anthropic models were detected in honeypots, originating from a Tor exit node and likely aimed at exposed instances or proxies containing API keys. Notepad++ disclosed a compromise of its update site since June 2025, caused by a vulnerability in its hosting infrastructure, with technical details about the backdoor and indicators of compromise published by Rapid7. The podcast also covers vulnerabilities in OpenClaw (formerly ClawBot or MoldBot), an AI assistant. Among the flaws: default listening on the loopback interface without authentication, enabling unauthorized access via WebSocket and credential theft. Additionally, out of 2,800 skills (extensions) audited by Koi Research, 340 were malicious, with 320 linked to an infostealer campaign. A Censys analysis identified over 20,000 exposed OpenClaw instances on the internet.