There are reports of OVHcloud-related data being posted on a forum for sale. No official confirmation so far from OVHCloud. Given OVHβs scale, potential impact could be significant depending on scope, especially in Europe
UPDATE: OVHcloud CEO, Octave Klaba has commented that the sample dataset was not found in their system.
Watching OpenClaw do its thing must be like watching the first plane take flight. It's a bit rickety and stuck together with a lot of sticky tape, but squint and you can see the potential for agentic AI to change the world as we know it. And I don't think that's hyperbolic. A lot of what people claim to have done with it is hyperbolic, and as with all new tech, the challenge is to cut through the noise and find the value. Stay tuned for more on that, as I've already found some really useful applications for it to help me do my job better, which I think I should devote my next weekly vid to just that.
Most AI security testing focuses on the model: prompt injection, jailbreaking, and output filtering.
We've been working on something different: testing the agent *system*. The protocols, integrations, and decision paths that determine what agents do in production. The result is a framework with 209 tests covering 4 wire protocols:
**MCP (Model Context Protocol)** Tool invocation security: auth, injection, data leakage, tool abuse, scope creep
**A2A (Agent-to-Agent)** Inter-agent communication: message integrity, impersonation, privilege escalation
**L402 (Lightning)** Bitcoin-based agent payments: payment flow integrity, double-spend, authorization bypass
**x402 (USDC/Stablecoin)** Fiat-equivalent agent payments: transaction limits, approval flows, compliance
Every test maps to a specific OWASP ASI (Agentic Security Initiatives) Top 10 category. Cross-referenced with NIST AI 800-2 categories for compliance reporting.
```
pip install agent-security-harness
```
20+ enterprise platform adapters included (Salesforce, ServiceNow, Workday, etc.).
MIT license. Feedback welcome. Especially from anyone running multi-agent systems in production. What attack vectors are we missing?
SnappyClient is a malware found by Zscaler that uses a custom binary protocol (encrypted and compressed) to communicate with its C&C server, with little to work with when it comes to network detection.
At Netomize, we set out to write a detection rule targeting the encrypted message packet by leveraging the unique features of PacketSmith + Yara-X detection module, and the result is documented in this blog post.
Schneider Electric has addressed two vulnerabilities disclosed by Team82 in its Modicon Controllers M241 / M251, and M262 PLC line. The vulnerabilities can allow an attacker to cause a denial-of-service condition that affects the availability of the controller.
Read more on our Disclosure Dashboard: http://claroty.com/team82/disclosure-dashboard
Or download SE's advisory: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2026-069-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2026-069-01.pdf
Login