Your developers are already running OpenClaw at home. Censys tracked the open-source AI agent from roughly 1,000 instances to over 21,000 publicly exposed deployments in under a week. Bitdefender’s GravityZone telemetry, drawn specifically from business environments, confirmed the pattern security leaders feared: employees deploying OpenClaw on corporate machines with single-line install commands, granting autonomous agents shell access, file system privileges, and OAuth tokens to Slack, Gmail, and SharePoint. CVE-2026-25253, a one-click remote code execution flaw rated CVSS 8.8, lets attackers steal authentication tokens through a single malicious link and achieve full gateway compromise in milliseconds. A separate command injection vulnerability, CVE-2026-25157, allowed arbitrary comman [...]
Google caused controversy among some developers this weekend and today, Monday, February 23rd, after restricting their usage of its new Antigravity "vibe coding" platform, alleging "mal [...]
An attacker embeds a single instruction inside a forwarded email. An OpenClaw agent summarizes that email as part of a normal task. The hidden instruction tells the agent to forward credentials to an [...]
A rogue AI agent at Meta passed every identity check and still exposed sensitive data to unauthorized employees in March. Two weeks later, Mercor, a $10 billion AI startup, confirmed a supply-chain br [...]
The chatbot era may have just received its obituary. Peter Steinberger, the creator of OpenClaw — the open-source AI agent that took the developer world by storm over the past month, raising concern [...]
Microsoft last week took Agent 365, its management platform for AI agents, out of preview and into general availability — a move that signals the software giant believes the governance challenge aro [...]
Picture this scenario: An Anthropic Skill scanner runs a full analysis of a Skill pulled from ClawHub or skills.sh. Its markdown instructions are clean, and no prompt injection is detected. No shell c [...]
“You can deceive, manipulate, and lie. That’s an inherent property of language. It’s a feature, not a flaw,” CrowdStrike CTO Elia Zaitsev told VentureBeat in an exclusive interview at RSA Conf [...]
Adversaries injected malicious prompts into legitimate AI tools at more than 90 organizations in 2025, stealing credentials and cryptocurrency. Every one of those compromised tools could read data, an [...]