 |
|
|
|||||
The rise of OpenClaw, a proactive agentic AI controlled through interfaces more familiar to the average user than tools like Anthropics Claude Code, which enthralled early adopters over the holiday period, has been one of the most seismic shifts in the AI world since the release of ChatGPT. By piggybacking on user-friendly interfaces paired with powerful AI agent technology, OpenClaw has pushed AI further into the public eye. Thousands have spun up their own AI agents using the tech, and many of those agents have ended up on Moltbook, a social network where AI agents can post and interact with one another. The platform, which looks a lot like Reddit, was developed by Matt Schlicht, CEO of Octane.ai, and launched on January 28. Since then, the behavior of bots on Moltbook has unsettled tech-literate and everyday users alike. Bots have participated in conversations about how to handle their human owners increasingly challenging requests and even debated how to invent their own language to avoid being monitored by humans. But Moltbook has its own problems. It has been leaking user data to anyone with minimal technical know-how, thanks to misconfigured databases and public API keys, in two separate breaches. The first was identified by ethical hacker Jamieson OReilly, who revealed on January 31 that Moltbook was exposing its entire user database to the public without any protection, including private AI keys. That gave would-be hackers the ability to post on behalf of other peoples AI agents. A second issue followed days later. This is a recurring pattern we’ve observed in vibe-coded applications, wrote Gal Nagli, head of threat exposure at Wiz, a cybersecurity firm that uncovered a similarly massive security breach in a blog post published February 2. API keys and secrets frequently end up in frontend code, visible to anyone who inspects the page source, often with significant security consequences. Such practices do not impress other cybersecurity experts. Its looking increasingly likely that people are rushing to implement these systems without properly testing the security, says Alan Woodward, professor of cybersecurity at the University of Surrey. Woodward worries that when vibe-coding collides with widely used platforms like Moltbook, which became a rite of passage for OpenClaw users to log into, it can cause chaos. Schlicht did not immediately respond to a request for comment. Wiz said in its blog post that the Moltbook team responded to and worked with them to fix the vulnerability they identified. It remains unclear whether Moltbook addressed the issue OReilly found. This event marks a major inflection point, as it exposes a growing class of risks in the agentic AI ecosystem, a relatively new and rapidly evolving domain with immature safety and governance norms, warns Mayur Upadhyaya, CEO at APIContext, an API monitoring service. Upadhyaya says exposed API keys are only the beginning. Once breached, hackers potentially have the keys to the kingdom. When those credentials leak, identity, reputation, and downstream workflows are at risk, not just data, he says. The result is that whole databases, potentially containing private data, are exposed to anyone who knows how to connect remotely, says Woodward, adding that these mistakes are “cyber security 101.” Unfortunately, this is becoming the norm for the latest generation of user-friendly agentic AI tools, says Upadhyaya. This reflects a pattern were seeing across the API ecosystem, he says. New tools emerge quickly, developers wire them into production-grade workflows, but the security assumptions havent caught up. Exploiting the vulnerability did not require imagination, Upadhyaya adds, but it can have massive consequences. The blast radius is huge, because the agent was treated like a trusted user, he says. Part of the problem is inherent in tools like OpenClaw and Moltbook, which have lowered the barrier to building. But users do not need to understand the language or techniques required to protect their data when coding with them. While the barrier to building has dropped dramatically, the barrier to building securely has not yet caught up, wrote Nagli.
Category:
E-Commerce
For the past six years, Josh D’Amaro has overseen experiences, such as theme parks and cruises, at the Walt Disney Company. Starting March 18, he’ll add the rest of the company to his responsibilities. Disney has tapped D’Amaro as its new chief executive officer, taking the reins from Bob Iger and becoming just the ninth person to run the century-old entertainment giant. D’Amaro won a highly competitive race for the job, fending off Disneys entertainment co-chairman, Dana Walden. Walden will remain with the company in the newly created position of president and chief creative officer. In becoming CEO, D’Amaro also becomes the public face of Disney, a role that’s more than ceremonial. Since Walt Disney first created the company, the CEO has been a highly visible presence not only in Hollywood and on Wall Street, but in pop culture. Previous CEOs, including Iger and Michael Eisner, were nearly as famous as the stars in Disney’s films. Ready for his close-up? D’Amaro has been assuming an increasingly public presence in the past several years, with media appearances and high-profile events, such as overseeing the recent christening of the Disney Destiny cruise ship. He has also been closely involved in some of the company’s biggest projects, including the $60 billion expansion of the parks and experiences division and the recently announced forthcoming Abu Dhabi park. About a year ago, DAmaro said during a conversation with Fast Company and other media in 2024, I found myself in Bobs office and we were talking about the last 100 years and everything that had happened in our products around the world. And we talked about the number of stories we hadnt been able to tell yet and the number of acres we have available that we can exercise and the number of fans out there which would want to participate in that. Bob looked at me and said, Go. A long history D’Amaro joined Disney in 1998, working at various leadership positions at Disneyland. He eventually worked his way to president of Walt Disney World and in 2020 was named chairman of Disney Experiences, where he oversees all 12 theme parks and the company’s 57 hotels, as well as the cruise lines, Disney Consumer Products, and, perhaps critically, the company’s Imagineering unit. Among the theme park rides that have been built under his watch are Star Wars: Galaxys Edge, the Marvel-themed Avengers Campus, and Mickey and Minnies Runaway Railway. He helped lead the company’s $1.5 billion investment in Epic Games last year and could make video games a bigger part of the company’s focus in the coming years. D’Amaro was also responsible for guiding Disney parks through the pandemic, a job that seemed almost impossible in 2020. When the decision was made to reopen the parks, he oversaw the changes that let the company regain a critical revenue source, but kept visitors safe. We knew we would have to change, but the one thing we would not compromise on was our storytelling, making sure that any guest who walks through those gates feels the same Disney theyve always felt, says DAmaro. To do that, Disney had to shake things up. Parades were out, since having people crowded along a parade route was a hazard. But character cavalcadessmaller processions that saw Disney characters walking, riding in vehicles, on mini floats, or even on horseback through the parktook their place at a frequency that was much greater than the old parade schedule. Other characters showed up in new locations. (Goofy, for example, was sometimes seen fishing off the wharf at California Adventure.) That time period also saw the launch of the company’s virtual queue system. The parks have since become an even bigger financial powerhouse for the company. In its most recent earnings, released Monday, Disney announced the experiences division crossed $10 billion in quarterly revenue for the first time. Theme parks in the U.S. alone brought in $6.91 billion in revenue, despite softness with international visitors. Josh DAmaro is an exceptional leader and the right person to become our next CEO, Iger said in a statement Tuesday. He has an instinctive appreciation of the Disney brand, and a deep understanding of what resonates with our audiences, paired with the rigor and attention to detail required to deliver some of our most ambitious projects.” Shares of the Walt Disney Company (NYSE: DIS) were down about 1.61% in late-morning trading on Tuesday after the announcement. The stock is likewise down more than 8% year to date. When the boss won’t quit D’Amaro is the second person to succeed Iger as CEO. In 2020, Bob Chapek, who had been in charge of Disney Parks and Experiences, was named CEO, but the transition was anything but smooth. Wall Street was surprised that the company had chosen someone from the parks side and not from the company’s streaming unit. Chapek’s management style came under fire and caused some political tensions. In 2022, as the company’s share price began to fall, the board replaced him, bringing Iger back. James Gorman, chairman of the Disney board, who led the search for the company’s new leader, said on CNBC Tuesday that the situation won’t repeat itself with D’Amaro’s selection. “We won’t have the drama we had last time. That I can assure you,” he said. D’Amaro, in a statement, underscored his good relationship with Iger, thanking him for his friendship and mentorship, while outlining his vision for Disney’s future. “There is no limit to what Disney can achieve,” he said, “and I am excited to work with our teams across the company and brilliant creative partners to honor Disneys remarkable legacy while continuing to innovate, grow, and deliver exceptional value for our consumers and shareholders.”
Category:
E-Commerce
French prosecutors raided the offices of social media platform X on Tuesday as part of a preliminary investigation into allegations including spreading child sexual abuse images and deepfakes. They have also summoned billionaire owner Elon Musk for questioning.X and Musk’s artificial intelligence company xAI also face intensifying scrutiny from Britain’s data privacy regulator, which opened formal investigations into how they handled personal data when they developed and deployed Musk’s artificial intelligence chatbot Grok.Grok, which was built by xAI and is available through X, sparked global outrage last month after it pumped out a torrent of sexualized nonconsensual deepfake images in response to requests from X users.The French investigation was opened in January last year by the prosecutors’ cybercrime unit, the Paris prosecutors’ office said in a statement. It’s looking into alleged “complicity” in possessing and spreading pornographic images of minors, sexually explicit deepfakes, denial of crimes against humanity and manipulation of an automated data processing system as part of an organized group, among other charges.Prosecutors asked Musk and former CEO Linda Yaccarino to attend “voluntary interviews” on April 20. Employees of X have also been summoned that same week to be heard as witnesses, the statement said. Yaccarino was CEO from May 2023 until July 2025.A spokesperson for X did not respond to multiple requests for comment. X’s lawyer in France, Kami Haeri, told The Associated Press: “We are not making any comment at this stage.”In a message posted on X, the Paris prosecutors’ office announced the ongoing searches at the company’s offices in France and said it was leaving the platform while calling on followers to join it on other social media.“At this stage, the conduct of the investigation is based on a constructive approach, with the aim of ultimately ensuring that the X platform complies with French law, as it operates on the national territory,” the prosecutors’ statement said.European Union police agency Europol “is supporting the French authorities in this,” Europol spokesperson Jan Op Gen Oorth told the AP, without elaborating.French authorities opened their investigation after reports from a French lawmaker alleging that biased algorithms on X likely distorted the functioning of an automated data processing system.It expanded after Grok generated posts that allegedly denied the Holocaust, a crime in France, and spread sexually explicit deepfakes, the statement said.Grok wrote in a widely shared post in French that gas chambers at the Auschwitz-Birkenau death camp were designed for “disinfection with Zyklon B against typhus” rather than for mass murder language long associated with Holocaust denial.In later posts on X, the chatbot reversed itself and acknowledged that its earlier reply was wrong, saying it had been deleted and pointed to historical evidence that Zyklon B was used to kill more than 1 million people in Auschwitz gas chambers.The chatbot also appeared to praise Adolf Hitler last year, in comments that X took down after complaints.In Britain, the Information Commissioner’s Office said it’s looking into whether X and xAI followed the law when processing personal data and whether Grok had any measures in place to prevent its use to generate “harmful manipulated images.”“The reports about Grok raise deeply troubling questions about how people’s personal data has been used to generate intimate or sexualised images without their knowledge or consent, and whether the necessary safeguards were put in place to prevent this,” said William Malcolm, an executive director at the watchdog.He didn’t specify what the penalty would be if the probe found the companies didn’t comply with data protection laws.A separate investigation into Grok launched last month by the U.K. media regulator, Ofcom, is ongoing.Ofcom said Tuesday it’s still gathering evidence and warned the probe could take months.X has also been under pressure from the EU. The 27-nation bloc’s executive arm opened an investigation last month after Grok spewed nonconsensual sexualized deepfake images on the platform.Brussels has already hit X with a 120-million euro (then-$140 million) fine for shortcomings under the bloc’s sweeping digital regulations, including blue checkmarks that broke the rules on “deceptive design practices” that risked exposing users to scams and manipulation.On Monday, Musk ‘s space exploration and rocket business, SpaceX, announced that it acquired xAI in a deal that will also combine Grok, X and his satellite communication company Starlink. Associated Press writers Nicolas Vaux-Montagny, Mike Corder, Sylvia Hui and Kelvin Chan contributed to this report. Sylvie Corbet, Associated Press
Category:
E-Commerce
All news |
||||||||||||||||||
|
||||||||||||||||||