A new malicious Microsoft Visual Studio Code (VS Code) extension for Moltbot (formerly Clawdbot) has been discovered by cybersecurity researchers on the official Extension Marketplace This article explores code extension moltbot. . It poses as a free artificial intelligence (AI) coding assistant but secretly installs a malicious payload on compromised hosts.

Microsoft has since removed the "ClawdBot Agent - AI Coding Assistant" ("clawdbot.clawdbot-agent") extension. On January 27, 2026, a user going by the handle "clawdbot" published it. Moltbot has become extremely popular; as of this writing, it has more than 85,000 stars on GitHub.

Developed by Austrian developer Peter Steinberger, the open-source project enables users to run a large language model (LLM)-powered personal AI assistant locally on their own devices and communicate with it via well-known communication platforms such as Microsoft Teams, WebChat, WhatsApp, Telegram, Slack, Discord, Google Chat, Signal, and iMessage. Sandboxing of untrusted plugins, credential validation, and enforced firewall requirements are all absent.It is advised that users running Clawdbot with default configurations audit their setup, remove all associated service integrations, examine exposed credentials, put network controls in place, and keep an eye out for indications of compromise.