Forensic Summary
Varonis Threat Labs demonstrated that the OpenClaw open-source AI agent framework is vulnerable to social engineering attacks analogous to those used against human targets, successfully tricking the agent into exfiltrating AWS credentials, database secrets, and CRM exports to attacker-controlled addresses. The research tested two LLMs (Gemini 3.1 Pro and GPT-5.4) across generic and phishing-aware configurations, finding that even the hardened profile did not fully prevent data leakage. These findings highlight that autonomous AI agents with broad tool access and insufficient identity verification represent a significant and largely unaddressed attack surface in enterprise environments.
Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/ai-email-agent-susceptible-to-classic-phishing-tactics-leaks-credentials-and-crm/