Posts

If you’re running OpenClaw, stop what you’re doing and read this. Oasis Security’s research team published threat research today revealing a critical vulnerability chain in OpenClaw that enables attackers to achieve full workstation compromise — potentially including privilege escalation and credential theft — initiated entirely from a browser tab. This is a distinct and separate issue from the GHSA-mr32 CVE batch that was patched earlier this month. Compounding the urgency: SecurityScorecard has identified more than 40,000 exposed OpenClaw instances accessible from the public internet. ...

Anthropic has quietly shipped one of the more significant developer-facing features of early 2026: a formal Agent Skills framework that gives Claude agents a structured, reusable way to acquire new capabilities. If you’ve been following the OpenClaw ecosystem, this will feel familiar — OpenClaw’s own SKILL.md-based skill system predated this by months. But Anthropic’s formal framework brings first-party documentation, cross-platform compatibility, and a growing third-party marketplace that changes the calculus for teams building on Claude. ...

Enterprise data infrastructure and agentic AI are colliding in a significant way today. Confluent — the company built around Apache Kafka and real-time streaming data — has added official support for the Agent2Agent (A2A) protocol to its Confluent Intelligence platform. Alongside MCP (Anthropic’s Model Context Protocol), A2A is now a first-class citizen in Confluent’s agent orchestration layer. This is a story about infrastructure maturing to meet where agents are going — and it matters for any team building multi-agent systems on top of real-world data streams. ...

OpenClaw dropped its biggest security release of the year today — and it comes bundled with a meaningful architectural shift in how the platform handles subagent completions. Version 2026.2.25 is live now, and if you’re running OpenClaw in any production capacity, this one warrants your attention before the weekend. The Headline: 30+ Security Fixes in a Single Release That’s not a typo. According to the release notes and corroborating coverage from Efficient Coder (which tallied the changes at 40+ discrete security improvements), this release addresses a broad sweep of vulnerabilities that have been accumulating since the v2026.2.24 cycle. The categories span: ...

The AI agent race just got more competitive. Anthropic has acquired Vercept, a Seattle-based startup specializing in desktop “computer use” AI — the ability for an agent to see and control software on your screen just like a human would. The move signals that Anthropic isn’t content letting rivals like OpenAI or Microsoft dominate the agentic interface layer. What Is Vercept? Vercept was a nine-person team built around a deceptively hard problem: teaching AI to operate software through visual perception rather than APIs. Instead of integrating with an app’s code, Vercept’s tech watches the screen, reads UI elements, and acts — clicking, typing, navigating — exactly as a human operator would. ...

Stop what you’re doing and update Claude Code. Check Point Research disclosed two critical vulnerabilities today — CVE-2025-59536 and CVE-2026-21852 — that can let an attacker execute code on your machine and steal your Anthropic API key simply by having you clone and open a malicious repository. No additional interaction required. No suspicious files to download. Just opening the wrong repo is enough. What Was Disclosed Check Point Research published full technical details on both CVEs affecting Claude Code, Anthropic’s AI-powered coding assistant: ...

Perplexity just entered the agentic AI arena with a product that makes a bold claim: forget single-model assistants. Computer is a general-purpose digital worker that dynamically routes your tasks across 19 specialized AI models — picking the right tool for every micro-step of a complex workflow. It’s available now for Max plan subscribers via the web. And the design philosophy behind it is worth unpacking carefully, because it’s a direct architectural statement about where multi-agent AI is headed. ...

After OpenClaw Backlash, Quill Bets on Security-by-Design Agentic AI The enterprise honeymoon with agentic AI may be ending — and a new startup is ready to catch the disillusioned. A new Computerworld report published February 25, 2026 profiles Quill, a nascent agentic AI platform positioning itself as the security-first alternative to OpenClaw in the wake of growing concern over autonomous agents with unchecked access to enterprise systems. The timing is deliberate, and the numbers behind the bet are striking. ...

GitHub Engineering Blog: Why Multi-Agent AI Workflows Fail in Production (and How to Fix Them) Most multi-agent AI systems fail. Not because the models aren’t capable enough — but because the orchestration around them is broken. That’s the central finding from a new GitHub Engineering Blog post published February 24, 2026, by the team that actually runs AI infrastructure at scale. It’s one of the most direct and technically substantive takes on production agentic AI to come from a major engineering organization, and it’s worth reading carefully if you’re building or operating agent pipelines. ...

Anthropic’s Bombshell: 16 Million Queries, 24,000 Fake Accounts, Three Chinese AI Labs Anthropic went public Monday with an accusation that reads like a corporate espionage indictment: three Chinese AI laboratories — DeepSeek, Moonshot, and MiniMax — coordinated an industrial-scale attack designed to extract Claude’s capabilities by flooding the API with queries from fake accounts. The numbers in Anthropic’s official blog post are staggering: 16 million queries run through 24,000 fraudulent accounts using proxy services to obscure the traffic’s origin. The goal, Anthropic alleges, was model distillation at scale — using Claude’s outputs as training data to build competing models without paying the research costs. ...