Jason Martin of HiddenLayer discusses the significant security vulnerabilities of OpenClaw, a viral open-source AI personal assistant. The analysis covers critical flaws like prompt injection, insecure defaults, and the potential for creating sophisticated botnets, offering key lessons for securing the next generation of autonomous AI agents.
In this talk, Matt Sharp explains that while 2025 is the year of AI agents, it's also the year of cybercrime. The rush to create frictionless, user-friendly agents has led to a neglect of fundamental security principles, creating a perfect environment for hackers who are now using these same powerful AI tools to innovate and scale their attacks.
Tom Chothia and George Pavlides discuss how proprietary, uncoordinated features built on top of the core EMV specification by companies like Apple, Google, Square, Visa, and Mastercard lead to significant security vulnerabilities. They detail how these "black box" additions create subtle interactions and mismatches, enabling attacks that bypass authentication, allow high-value fraudulent offline transactions, and leave merchants vulnerable to significant financial loss.