
Summaries like this, in your inbox every morning.
Sign up free →A threat actor named 'fluffyduck' posted root shell access to a CEO's computer on BreachForums on February 22, offering it for $25,000 in cryptocurrency (Monero or Litecoin).
The primary target was the CEO's OpenClaw AI personal assistant, which contained all conversations, company production databases, Telegram bot tokens, and Trading 212 API keys.
Etay Maor, VP of Threat Intelligence at Cato Networks, argues that the AI industry granted autonomous agents more freedom than human employees, abandoning security principles like zero trust and least privilege.
The breach highlights that OpenClaw instances lack enterprise kill switches, leaving 500,000 instances potentially vulnerable to similar attacks and unauthorized access.
No comments yet. Be the first to share your thoughts!
Log in to join the discussion




Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.
Get Started FreeFree · takes 30 seconds · unsubscribe anytime
1 minute a day. The AI essentials.
200+ sources · Email / LINE / Slack