
Hey there! Have you heard about the recent incident involving an OpenClaw AI instance being put up for sale on BreachForums? It’s quite a fascinating story that sheds light on the vulnerabilities of AI agents in today’s digital landscape. Etay Maor, VP of Threat Intelligence at Cato Networks, shared some intriguing insights in an exclusive interview with VentureBeat at RSAC 2026.
According to Maor, the industry has given AI agents a level of autonomy that would never be granted to a human employee, leading to a breach of trust, privilege, and security protocols. The incident involved a U.K. CEO whose OpenClaw AI personal assistant was compromised and put up for sale on the dark web.
The listing on BreachForums offered root shell access to the CEO’s computer, along with sensitive information such as the company’s database, API keys, and personal details. The lack of encryption and security measures in the CEO’s OpenClaw instance made it an easy target for threat actors.
The situation escalated when it was revealed that there were over 500,000 internet-facing instances of OpenClaw, with more than 30,000 exposed to security risks. Known vulnerabilities like command injections and token exfiltration posed a significant threat to organizations using OpenClaw.
Maor emphasized the need for organizations to take immediate action to secure their AI agents. He highlighted the importance of discovering and patching vulnerable instances, auditing installed skills, and enforcing data loss prevention measures. Cisco and Palo Alto Networks also unveiled new security tools to address the growing risks associated with AI agents.
As the digital landscape continues to evolve, it’s crucial for organizations to stay vigilant and proactive in protecting their assets from malicious actors. The OWASP Agentic Skills Top 10 provides a framework for evaluating and mitigating these risks. By following best practices and implementing robust security measures, businesses can safeguard their AI agents and prevent potential breaches.
