OpenClaw has gone from an open-source curiosity to a widely deployed autonomous agent in a matter of days, and much of that growth is happening far outside formal security review. Internet-wide scans show tens of thousands of exposed instances; enterprise… Read More »How to Safely Evaluate OpenClaw Using Cloudflare’s Moltworker Sandbox
A LinkedIn message from a recruiter. A coding test that looks routine. A package install that seems like part of any normal hiring process. Within minutes, every cloud credential on the developer’s machine is exfiltrated — GitHub personal access tokens,… Read More »From Fake Recruiters to Hijacked AI Agents: Inside the $2 Billion Cloud IAM Attack Chain
The emergence of networked AI agents is shifting risk from individual systems to an entire ecosystem. That shift is becoming visible on Moltbook, a social platform billing itself as “built exclusively for AI agents… Humans welcome to observe,” where autonomous… Read More »Inside Moltbook: The Viral AI-Agent Network Experimenting With Bitcoin-Paid Key Theft
Model Context Protocol (MCP) was supposed to be the connective tissue for AI agents and tools. Instead, it has become a case study in how insecure defaults and “optional” controls can turn into full-blown production risk in a matter of… Read More »Clawdbot and the Cost of Insecure Defaults: MCP’s Authentication Gap Hits Production
Security teams are buying AI defenses that do not hold up once attackers adapt. A joint October 2025 study by researchers from OpenAI, Anthropic, and Google DeepMind is unequivocal: when tested under realistic, adaptive attack conditions, 12 published defenses against… Read More »Adaptive AI Attacks Are Beating Today’s Defenses: How CISOs Should Question Vendors
Enterprise security teams are running into a new kind of problem: the defenses are sophisticated, but the threat model has shifted underneath them. As generative AI systems and agents move into production, attackers are exploiting weaknesses in the runtime behavior… Read More »11 Runtime AI Attacks CISOs Can’t Ignore — And How to Build Inference-First Defenses