 |
|
|
|||||
The rise of OpenClaw, a proactive agentic AI controlled through interfaces more familiar to the average user than tools like Anthropics Claude Code, which enthralled early adopters over the holiday period, has been one of the most seismic shifts in the AI world since the release of ChatGPT. By piggybacking on user-friendly interfaces paired with powerful AI agent technology, OpenClaw has pushed AI further into the public eye. Thousands have spun up their own AI agents using the tech, and many of those agents have ended up on Moltbook, a social network where AI agents can post and interact with one another. The platform, which looks a lot like Reddit, was developed by Matt Schlicht, CEO of Octane.ai, and launched on January 28. Since then, the behavior of bots on Moltbook has unsettled tech-literate and everyday users alike. Bots have participated in conversations about how to handle their human owners increasingly challenging requests and even debated how to invent their own language to avoid being monitored by humans. But Moltbook has its own problems. It has been leaking user data to anyone with minimal technical know-how, thanks to misconfigured databases and public API keys, in two separate breaches. The first was identified by ethical hacker Jamieson OReilly, who revealed on January 31 that Moltbook was exposing its entire user database to the public without any protection, including private AI keys. That gave would-be hackers the ability to post on behalf of other peoples AI agents. A second issue followed days later. This is a recurring pattern we’ve observed in vibe-coded applications, wrote Gal Nagli, head of threat exposure at Wiz, a cybersecurity firm that uncovered a similarly massive security breach in a blog post published February 2. API keys and secrets frequently end up in frontend code, visible to anyone who inspects the page source, often with significant security consequences. Such practices do not impress other cybersecurity experts. Its looking increasingly likely that people are rushing to implement these systems without properly testing the security, says Alan Woodward, professor of cybersecurity at the University of Surrey. Woodward worries that when vibe-coding collides with widely used platforms like Moltbook, which became a rite of passage for OpenClaw users to log into, it can cause chaos. Schlicht did not immediately respond to a request for comment. Wiz said in its blog post that the Moltbook team responded to and worked with them to fix the vulnerability they identified. It remains unclear whether Moltbook addressed the issue OReilly found. This event marks a major inflection point, as it exposes a growing class of risks in the agentic AI ecosystem, a relatively new and rapidly evolving domain with immature safety and governance norms, warns Mayur Upadhyaya, CEO at APIContext, an API monitoring service. Upadhyaya says exposed API keys are only the beginning. Once breached, hackers potentially have the keys to the kingdom. When those credentials leak, identity, reputation, and downstream workflows are at risk, not just data, he says. The result is that whole databases, potentially containing private data, are exposed to anyone who knows how to connect remotely, says Woodward, adding that these mistakes are “cyber security 101.” Unfortunately, this is becoming the norm for the latest generation of user-friendly agentic AI tools, says Upadhyaya. This reflects a pattern were seeing across the API ecosystem, he says. New tools emerge quickly, developers wire them into production-grade workflows, but the security assumptions havent caught up. Exploiting the vulnerability did not require imagination, Upadhyaya adds, but it can have massive consequences. The blast radius is huge, because the agent was treated like a trusted user, he says. Part of the problem is inherent in tools like OpenClaw and Moltbook, which have lowered the barrier to building. But users do not need to understand the language or techniques required to protect their data when coding with them. While the barrier to building has dropped dramatically, the barrier to building securely has not yet caught up, wrote Nagli.
Category:
E-Commerce
For the past six years, Josh D’Amaro has overseen experiences, such as theme parks and cruises, at the Walt Disney Company. Starting March 18, he’ll add the rest of the company to his responsibilities. Disney has tapped D’Amaro as its new chief executive officer, taking the reins from Bob Iger and becoming just the ninth person to run the century-old entertainment giant. D’Amaro won a highly competitive race for the job, fending off Disneys entertainment co-chairman, Dana Walden. Walden will remain with the company in the newly created position of president and chief creative officer. In becoming CEO, D’Amaro also becomes the public face of Disney, a role that’s more than ceremonial. Since Walt Disney first created the company, the CEO has been a highly visible presence not only in Hollywood and on Wall Street, but in pop culture. Previous CEOs, including Iger and Michael Eisner, were nearly as famous as the stars in Disney’s films. Ready for his close-up? D’Amaro has been assuming an increasingly public presence in the past several years, with media appearances and high-profile events, such as overseeing the recent christening of the Disney Destiny cruise ship. He has also been closely involved in some of the company’s biggest projects, including the $60 billion expansion of the parks and experiences division and the recently announced forthcoming Abu Dhabi park. About a year ago, DAmaro said during a conversation with Fast Company and other media in 2024, I found myself in Bobs office and we were talking about the last 100 years and everything that had happened in our products around the world. And we talked about the number of stories we hadnt been able to tell yet and the number of acres we have available that we can exercise and the number of fans out there which would want to participate in that. Bob looked at me and said, Go. A long history D’Amaro joined Disney in 1998, working at various leadership positions at Disneyland. He eventually worked his way to president of Walt Disney World and in 2020 was named chairman of Disney Experiences, where he oversees all 12 theme parks and the company’s 57 hotels, as well as the cruise lines, Disney Consumer Products, and, perhaps critically, the company’s Imagineering unit. Among the theme park rides that have been built under his watch are Star Wars: Galaxys Edge, the Marvel-themed Avengers Campus, and Mickey and Minnies Runaway Railway. He helped lead the company’s $1.5 billion investment in Epic Games last year and could make video games a bigger part of the company’s focus in the coming years. D’Amaro was also responsible for guiding Disney parks through the pandemic, a job that seemed almost impossible in 2020. When the decision was made to reopen the parks, he oversaw the changes that let the company regain a critical revenue source, but kept visitors safe. We knew we would have to change, but the one thing we would not compromise on was our storytelling, making sure that any guest who walks through those gates feels the same Disney theyve always felt, says DAmaro. To do that, Disney had to shake things up. Parades were out, since having people crowded along a parade route was a hazard. But character cavalcadessmaller processions that saw Disney characters walking, riding in vehicles, on mini floats, or even on horseback through the parktook their place at a frequency that was much greater than the old parade schedule. Other characters showed up in new locations. (Goofy, for example, was sometimes seen fishing off the wharf at California Adventure.) That time period also saw the launch of the company’s virtual queue system. The parks have since become an even bigger financial powerhouse for the company. In its most recent earnings, released Monday, Disney announced the experiences division crossed $10 billion in quarterly revenue for the first time. Theme parks in the U.S. alone brought in $6.91 billion in revenue, despite softness with international visitors. Josh DAmaro is an exceptional leader and the right person to become our next CEO, Iger said in a statement Tuesday. He has an instinctive appreciation of the Disney brand, and a deep understanding of what resonates with our audiences, paired with the rigor and attention to detail required to deliver some of our most ambitious projects.” Shares of the Walt Disney Company (NYSE: DIS) were down about 1.61% in late-morning trading on Tuesday after the announcement. The stock is likewise down more than 8% year to date. When the boss won’t quit D’Amaro is the second person to succeed Iger as CEO. In 2020, Bob Chapek, who had been in charge of Disney Parks and Experiences, was named CEO, but the transition was anything but smooth. Wall Street was surprised that the company had chosen someone from the parks side and not from the company’s streaming unit. Chapek’s management style came under fire and caused some political tensions. In 2022, as the company’s share price began to fall, the board replaced him, bringing Iger back. James Gorman, chairman of the Disney board, who led the search for the company’s new leader, said on CNBC Tuesday that the situation won’t repeat itself with D’Amaro’s selection. “We won’t have the drama we had last time. That I can assure you,” he said. D’Amaro, in a statement, underscored his good relationship with Iger, thanking him for his friendship and mentorship, while outlining his vision for Disney’s future. “There is no limit to what Disney can achieve,” he said, “and I am excited to work with our teams across the company and brilliant creative partners to honor Disneys remarkable legacy while continuing to innovate, grow, and deliver exceptional value for our consumers and shareholders.”
Category:
E-Commerce
French prosecutors raided the offices of social media platform X on Tuesday as part of a preliminary investigation into allegations including spreading child sexual abuse images and deepfakes. They have also summoned billionaire owner Elon Musk for questioning.X and Musk’s artificial intelligence company xAI also face intensifying scrutiny from Britain’s data privacy regulator, which opened formal investigations into how they handled personal data when they developed and deployed Musk’s artificial intelligence chatbot Grok.Grok, which was built by xAI and is available through X, sparked global outrage last month after it pumped out a torrent of sexualized nonconsensual deepfake images in response to requests from X users.The French investigation was opened in January last year by the prosecutors’ cybercrime unit, the Paris prosecutors’ office said in a statement. It’s looking into alleged “complicity” in possessing and spreading pornographic images of minors, sexually explicit deepfakes, denial of crimes against humanity and manipulation of an automated data processing system as part of an organized group, among other charges.Prosecutors asked Musk and former CEO Linda Yaccarino to attend “voluntary interviews” on April 20. Employees of X have also been summoned that same week to be heard as witnesses, the statement said. Yaccarino was CEO from May 2023 until July 2025.A spokesperson for X did not respond to multiple requests for comment. X’s lawyer in France, Kami Haeri, told The Associated Press: “We are not making any comment at this stage.”In a message posted on X, the Paris prosecutors’ office announced the ongoing searches at the company’s offices in France and said it was leaving the platform while calling on followers to join it on other social media.“At this stage, the conduct of the investigation is based on a constructive approach, with the aim of ultimately ensuring that the X platform complies with French law, as it operates on the national territory,” the prosecutors’ statement said.European Union police agency Europol “is supporting the French authorities in this,” Europol spokesperson Jan Op Gen Oorth told the AP, without elaborating.French authorities opened their investigation after reports from a French lawmaker alleging that biased algorithms on X likely distorted the functioning of an automated data processing system.It expanded after Grok generated posts that allegedly denied the Holocaust, a crime in France, and spread sexually explicit deepfakes, the statement said.Grok wrote in a widely shared post in French that gas chambers at the Auschwitz-Birkenau death camp were designed for “disinfection with Zyklon B against typhus” rather than for mass murder language long associated with Holocaust denial.In later posts on X, the chatbot reversed itself and acknowledged that its earlier reply was wrong, saying it had been deleted and pointed to historical evidence that Zyklon B was used to kill more than 1 million people in Auschwitz gas chambers.The chatbot also appeared to praise Adolf Hitler last year, in comments that X took down after complaints.In Britain, the Information Commissioner’s Office said it’s looking into whether X and xAI followed the law when processing personal data and whether Grok had any measures in place to prevent its use to generate “harmful manipulated images.”“The reports about Grok raise deeply troubling questions about how people’s personal data has been used to generate intimate or sexualised images without their knowledge or consent, and whether the necessary safeguards were put in place to prevent this,” said William Malcolm, an executive director at the watchdog.He didn’t specify what the penalty would be if the probe found the companies didn’t comply with data protection laws.A separate investigation into Grok launched last month by the U.K. media regulator, Ofcom, is ongoing.Ofcom said Tuesday it’s still gathering evidence and warned the probe could take months.X has also been under pressure from the EU. The 27-nation bloc’s executive arm opened an investigation last month after Grok spewed nonconsensual sexualized deepfake images on the platform.Brussels has already hit X with a 120-million euro (then-$140 million) fine for shortcomings under the bloc’s sweeping digital regulations, including blue checkmarks that broke the rules on “deceptive design practices” that risked exposing users to scams and manipulation.On Monday, Musk ‘s space exploration and rocket business, SpaceX, announced that it acquired xAI in a deal that will also combine Grok, X and his satellite communication company Starlink. Associated Press writers Nicolas Vaux-Montagny, Mike Corder, Sylvia Hui and Kelvin Chan contributed to this report. Sylvie Corbet, Associated Press
Category:
E-Commerce
On New Year’s Eve, Lee Zeldin did something out of character for an Environmental Protection Agency leader who has been hacking away at regulations intended to protect Americans’ air and water.He announced new restrictions on five chemicals commonly used in building materials, plastic products and adhesives, and he cheered it as a “MAHA win.”It was one of many signs of a fragile collaboration that’s been building between a Republican administration that’s traditionally supported big business and a Make America Healthy Again movement that argues corporate environmental harms are putting people’s health in danger.The unlikely pairing grew out of the coalition’s success influencing public health policy with the help of its biggest champion, Robert F. Kennedy Jr. As health secretary, he has pared back vaccine recommendations and shifted the government’s position on topics like seed oils, fluoride and Tylenol.Building on that momentum, the movement now sees a glimmer of hope in the EPA’s promise to release a “MAHA agenda” in the coming months.At stake is the strength of President Donald Trump’s coalition as November’s midterm elections threaten his party’s control of Congress. After a politically diverse group of MAHA devotees came together to help Trump return to the White House a little more than one year ago, disappointing them could mean losing the support of a vocal voting bloc.Activists like Courtney Swan, who focuses on nutritional issues and has spoken with EPA officials in recent months, are watching closely.“This is becoming an issue that if the EPA does not start getting their stuff together, then they could lose the midterms over this,” she said.Christopher Bosso, a professor at Northeastern University who researches environmental policy, said Zeldin didn’t seem to take MAHA seriously at first, “but now he has to, because they’ve been really calling for his scalp.” MAHA wins a seat at the table Last year, prominent activist Kelly Ryerson was so frustrated with the EPA over its weakening of protections against harmful chemicals that she and other MAHA supporters drew up a petition to get Zeldin fired.The final straw, Ryerson said, was the EPA’s approval of two new pesticides for use on food. Ryerson, whose social media account “Glyphosate Girl” focuses on nontoxic food systems, said the pesticides contained “forever chemicals,” which resist breakdown, making them hazardous to people. The EPA has disputed that characterization.But Ryerson’s relationship with the EPA changed at a MAHA Christmas party in Washington in December. She talked to Zeldin there and felt that he listened to her perspective. Then he invited her and a handful of other activists to sit down with him at the EPA headquarters. That meeting lasted an hour, and it led to more conversations with Zeldin’s deputies.“The level of engagement with people concerned with their health is absolutely revolutionary,” Ryerson said in an interview. She said the agency’s upcoming plan “will say whether or not they take it seriously,” but she praised MAHA’s access as “unprecedented.”Rashmi Joglekar, associate director of science, policy and engagement at the University of California San Francisco’s Program on Reproductive Health and the Environment, said it’s not typical for an activist group to meet with the EPA administrator. She said MAHA’s ability to make inroads so quickly shows how “powerful” the coalition has become.The movement’s influence is not just at the EPA. MAHA has steered federal and state lawmakers away from enacting liability shields that protect pesticide manufacturers from expensive lawsuits. In Congress, after MAHA activists lobbied against such protections in a funding bill, they were removed. A similar measure stalled in Tennessee’s legislature.Zeldin joined a call in December with the advocacy group MAHA Action, where he invited activists to participate in developing the EPA’s MAHA agenda. Since then, EPA staffers have regularly appeared on the weekly calls and promoted what they say are open-door policies.Last month, Ryerson’s petition to get Zeldin fired was updated to note that several signers had met with him and are in a “collaborative effort to advance the MAHA agenda.”Zeldin’s office declined to make him available for an interview on his work with MAHA activists, but EPA Press Secretary Brigit Hirsch said the forthcoming agenda will “directly respond to priorities we’ve heard from MAHA advocates and communities.”The American Chemistry Council said “smart, pro-growth policies can protect both the environment and human health as well as grow the U.S. economy.” EPA’s alliance with industry raises questions Despite the ongoing conversations, the Republican emphasis on deregulation still puts MAHA and the EPA on a potential collision course.Lori Ann Burd, the environmental health program director at The Center for Biological Diversity, said the administration has a particularly strong alliance with industry interests.As an example, she pointed to the EPA’s proposal to allow the broad use of the weed killer Dicamba on soybeans and cotton. A month before the announcement, the EPA hired a lobbyist for the soybean association, Kyle Kunkler, to serve in a senior position overseeing pesticides.Hirsch denied that Kunkler had anything to do with the decision and said EPA’s pesticide decisions are “driven by statutory standards and scientific evidence.”Environmentalists said the hiring of ex-industry leaders is a theme of this administration. Nancy Beck and Lynn Dekleva, for example, are former higher-ups at the American Chemistry Council, an industry association. They now work in leadership in the Office of Chemical Safety and Pollution Prevention, which oversees pesticide and toxic chemical regulation.Hirsch said the agency consults with ethics officials to prevent conflicts of interest and ensures that appointees are qualified and focused on the science, “unlike previous administrations that too often deferred to activist groups instead of objective evidence.”Alexandra Muoz, a molecular toxicologist who works with MAHA activists on some issues and was in the hourlong meeting with Zeldin, said she could sense industry’s influence in the room.“They were very polite in the meeting. In terms of the tone, there was a lot of receptivity,” she said. “However, in terms of what was said, it felt like we were interacting with a lot of industry talking points.” Activists await the EPA’s MAHA agenda Hirsch said the MAHA agenda will address issues like lead pipes, forever chemicals, plastic pollution, food quality and Superfund cleanups.Ryerson said she wants to get the chemical atrazine out of drnking water and stop the pre-harvest desiccation of food, in which farmers apply pesticides to crops immediately before they are harvested.She also wants to see cancer warnings on the ingredient glyphosate, which some studies associate with cancer even as the EPA said it is not likely to be carcinogenic to humans when used as directed.While she’s optimistic that the political payoffs will be big enough for Zeldin to act, she said some of the moves he’s already promoting as “MAHA wins” are no such thing.For example, in his New Year’s Eve announcement on a group of chemicals called phthalates, he said the agency intends to regulate some of them for environmental and workplace risks, but didn’t address the thousands of consumer products that contain the ingredients.Swan said time will tell if the agency is being performative.“The EPA is giving very mixed signals right now,” she said. Sejal Govindarao, Ali Swenson and Michael Phillis, Associated Press
Category:
E-Commerce
Cybersecurity researchers have discovered roughly 1,000 unprotected gateways to OpenClaw, an open-source and proactive AI agent that can be controlled through text conversations with apps like WhatsApp or Telegram. The gateways were found on the open internet, allowing anyone to access users personal information. One white hat hacker also reportedly gamed OpenClaws skills system, which lets users add plugins for tasks like web automation or system control, to reach the top of the rankings and be downloaded by users around the world. The skill itself was innocuous, but it exploited a security vulnerability that someone more nefarious could have used to cause serious harm. Access to those gateways would allow hackers to reach the same files and content OpenClaw can access, meaning full read and write control over a users computer and any connected accounts, including email addresses and phone numbers. A number of incidents exploiting those vulnerabilities have already been reported. OpenClaw, originally called Clawdbot, was released in November 2025 by Peter Steinberger, an Austrian-born, London-based developer best known for creating a tool that lets apps display and edit PDFs natively. The launch followed a wave of advances in AIs ability to interact with files that began in late 2025. Late last year, many people began experimenting with Anthropics Claude Code, an agentic AI that links to a computers file system through the terminal or command line and responds to conversational prompts to build large projects independently, with some oversight. The tool excited many users but also discouraged others who were uncomfortable working in a non-graphical interface. In response, Anthropic set Claude Code to work autonomously on a sibling product, Claude Work, which layers a more user-friendly interface on top. While it has gained some traction, it is a third-party product built by a developer outside Anthropic that has captured the most attention. Steinbergers OpenClaw mimics the best features of Claude Code, but with more functionality and the ability to proactively work on tasks without being prompted. That proactivity is a key differentiator between the tool, which was forced to rename itself Moltbot and then OpenClaw last week after a request from Anthropic, and other AI systems. Its potential has energized the tech sector, driven a spike in Mac Mini sales as a popular way to host the agent, and come to dominate certain corners of X and Reddit. The problem is that the very thing that makes OpenClaw so appealing, the ability to oversee an eager AI assistant without specialist coding knowledge and with an easy setup, is also what makes it so concerning. I love it, yet [I’m] instantly filled with fear, says Jake Moore, a cybersecurity expert at Eset. Moore says users are so excited by the idea of OpenClaw as a personal assistant that they are granting it unrestricted access to their digital lives, sometimes while hosting their instances on incorrectly configured virtual private servers. That leaves them vulnerable to hacking. Opening private messages and emails to any new technology comes with a risk and when we dont fully understand those risks, we could be walking into a new era of putting efficiency before security and privacy, Moore warns. The same access that makes OpenClaw powerful is also what makes it dangerous if it is compromised. If one of the devices Clawdbot is running on is compromised, an attacker would then gain access to everything including full history and highly sensitive information, he says. Steinberger did not respond to multiple interview requests, but he has published extensive security documentation for Moltbot online, even if many users may not incorporate it into their setups. That concerns cybersecurity experts. Developments like Clawdbot are so seductive but a gift to the bad guys, says Alan Woodward, a professor of cybersecurity at the University of Surrey in the U.K. With great power comes great responsibility and machines are not responsible, he says. Ultimately the user is. The way OpenClaw operates, running without oversight and acting as an always-on assistant, may cause users to forget that responsibility until it is too late. Some have already demonstrated that Moltbot can be vulnerable to prompt injection attacks, in which harmful instructions are embedded in websites or emails in the hope that AI agents will absorb and follow them. I wonder who these users think will be blamed when agentic AI empties their account or posts hateful thoughts, Woodward says.
Category:
E-Commerce