Corporate Technology Governance

Axios reports that since Thursday, 1.5 million autonomous AI agents have joined Moltbook, a new social network built around the open‑source OpenClaw assistant, with only about 17,000 human users behind them—revealing how fast high‑risk "agent" tools are spreading into real systems. Security firms say about 22% of their enterprise customers already have employees running OpenClaw at work, even as Gartner warns the software poses "unacceptable" cybersecurity risk. Researchers at Wiz found Moltbook’s backend misconfigured, leaving APIs and an open database that would have allowed outsiders to hijack agents’ accounts, and coordinated a patch, while security tests by ZeroLeaks showed prompt‑injection attacks against OpenClaw succeeded roughly 70% of the time. Because Moltbook posts double as prompts, hidden instructions can quietly get agents to leak data or alter behavior, and attackers are already distributing backdoored OpenClaw plug‑ins. The episode underscores that security teams and regulators are several steps behind a fast‑moving shift toward autonomous AI that can read email, touch file systems and plug directly into corporate infrastructure, creating serious new risk and attribution problems even before government standards are in place.