Penta Security Inc. > Blog > OpenClaw AI Agent is Vulnerable to Phishing Attacks

OpenClaw AI Agent is Vulnerable to Phishing Attacks

2026-06-10 Blog
openclaw ai cybersecurity

OpenClaw AI Agent is Vulnerable to Phishing Attacks

Open-source AI framework, OpenClaw, is highly vulnerable to classic phishing attacks. Tested using Google Gemini 3.1 Pro and OpenAI GPT-5.4, the agent successfully detected malicious links and OAuth apps. However, it failed to verify sender identities under urgent pretexts, mistakenly leaking sensitive corporate data like AWS keys and CRM records. Security experts recommend enforcing strict identity verification and human approval for high-risk actions.

Source: Bleeping Computer

 

Penta Security Wins the Most Categories at the 2026 Fortress Cybersecurity Awards

Penta Security won four categories at the 2026 Fortress Cybersecurity Awards, the most of any company recognized this year. Its data security platform, D.AMO, won in both Data Protection and Quantum Security. Additionally, the intelligent web application firewall WAPPLES won for Application Security, while the SaaS platform Cloudbric secured the Cloud Security category. Its unified authentication platform, iSIGN Password-less, was also named a finalist.

Source: EIN Presswire

 

Penta Security Wins ‘Bright E-Commerce Award’

Penta Security received the ‘Bright E-Commerce Award’ at the ICEC 2026, held from May 27 to 29 at the Korea Science and Technology Center. Penta Security was highly recognized for its technical expertise encompassing all areas of e-commerce security, including web, data, and authentication. In particular, its capabilities regarding PCI DSS (v4.0.1), the global card payment security standard, received exceptional praise.

Source: Technology News UK

 

66% of Open Source Community is Unaware of Cyber Resilience Act

A report reveals that 66% of the open-source community is unaware of the EU’s upcoming Cyber Resilience Act (CRA), despite a compliance deadline of December 2027. Many manufacturers remain structurally unprepared, passively relying on upstream projects or maintaining costly private forks to manage vulnerability risks. This creates severe technical debt, particularly threatening SMEs that rely heavily on open-source components.

Source: Infosecurity Magazine

 

Oxford University Discloses Data Breach

The University of Oxford disclosed a data breach involving its third-party careers platform, CareerConnect. Compromised data includes users’ names, email addresses, and encrypted passwords for those not using Single Sign-On. No financial data or university-owned systems were affected. Impacted passwords have been invalidated, and users are warned of potential phishing scams. This follows a separate May 2026 Canvas platform breach.

Source: Bleeping Computer

 

 

Click here to subscribe our Newsletter

Tags: