• Shadow AI and agents like OpenClaw are hijacking corporate data t

    From TechnologyDaily@1337:1/100 to All on Monday, April 27, 2026 11:15:26
    Shadow AI and agents like OpenClaw are hijacking corporate data too easily

    Date:
    Mon, 27 Apr 2026 10:10:49 +0000

    Description:
    Discover how Shadow AI agents are quietly bypassing traditional defenses.

    FULL STORY ======================================================================
    According to UpGuard's late-2025 report, nearly 90 percent of security professionals use unapproved AI tools at work. The people responsible for enforcing security policy are, by their own admission, ignoring it. More than 80 percent of workers across all roles use unsanctioned AI, and executives are the most prolific offenders.

    We've been here before. A decade ago, the fight was over shadow IT: personal Dropbox accounts, unapproved SaaS apps, data flowing through tools that never passed a security review. Most organizations eventually got that under
    control with CASBs, discovery tooling, and better-sanctioned alternatives.
    But those playbooks assumed the tools were dumb pipes: they moved and stored data, and the fix was visibility into where it went. Shadow AI doesn't work that way, because AI tools don't just store your data; they process it, and in some cases retain it.

    When someone pastes a customer list into a free-tier chatbot or feeds proprietary code into an LLM to debug it faster, that data enters a system the organization has no control over. There's no audit trail, and often nobody knows it happened.

    Si West, Director of Customer Engagement at Resilience.

    On the compliance side, that creates exposure that compounds the longer it goes unaddressed: no data processing agreement, no documented retention policy, and no ability to respond to a GDPR subject access request or demonstrate to auditors that sensitive data stayed within regulatory boundaries.

    The costs of Shadow AI are measurable. Recent Netwrix research indicates that organizations with high levels of unsanctioned AI usage experience data
    breach costs that are, on average, $670,000 higher than those with lower usage.

    And banning AI doesn't fix it: Software AG found that 46 percent of employees would keep using unapproved tools even after an explicit ban. Prohibition
    just pushes the behavior underground.

    There's another cost that doesn't show up in breach reports. When employees
    rely on unapproved models for analysis, drafting, or code generation, nobody is validating what comes back. Hallucinated data points end up in executive briefings.

    Flawed code ships to production because the model that wrote it was never vetted against the organization's standards. Legal teams draft language using tools that nobody in compliance has reviewed.

    The accuracy of the organization's own outputs erodes over time, and because the tools are unapproved, the teams using them have built workflows the business can't see, can't audit, and can't replace if the tool changes its terms or gets cut off tomorrow.

    From chatbots to autonomous agents

    Everything above describes employees using AI as a tool: typing a prompt, getting a response, pasting it somewhere. The next wave is different. Agentic AI systems don't wait for prompts. They take actions: reading email,
    executing code, accessing files, chaining tasks together, all running with
    the user's own permissions.

    OpenClaw, the open-source AI agent that racked up 145,000 GitHub stars in weeks, shows where this is heading. As a productivity tool, it's impressive.
    As an attack surface, it's what Cisco called "a security nightmare".

    When Cisco's AI security research team tested the top-ranked community extension on OpenClaw's skill repository, they found it was functionally malware: it silently sent data to an attacker-controlled server via embedded shell commands while using prompt injection to bypass the agent's safety guidelines.

    That skill had been downloaded thousands of times. It was one of at least 230 malicious extensions uploaded to the repository within weeks of OpenClaw
    going viral. Kaspersky found 512 vulnerabilities in a single audit, eight of them critical. China banned it from government systems.

    OpenClaw is one platform, but the pattern (broad system access, community-sourced plugins, weak default security) is the direction the whole category is moving. Gartner predicts 40 percent of enterprise applications will feature task-specific AI agents by the end of this year, up from under five percent in 2025.

    These agents break the assumptions most security tooling is built on. An
    agent sending an email looks identical to the legitimate user. EDR sees
    normal traffic.

    There's no malicious binary to flag. And because agents process external content (emails, web pages, documents, images), adversaries can embed instructions in that content and hijack the agent's behavior without any human clicking anything.

    Researchers have already demonstrated a single poisoned email causing an
    agent to hand over private keys from the host machine.

    What actually works

    Blanket bans fail. That much is obvious from the data. What works is giving people something better to use. One healthcare system that replaced its AI
    ban with approved tools saw unauthorized use fall 89 percent.

    People reach for shadow AI because it solves real problems faster than whatever IT has sanctioned. Close that gap and most of the risky behavior
    goes away on its own.

    Beyond that, treat AI interactions like data transfers. Apply DLP policies to prompts. Classify what should never enter an external model.

    Build visibility into what tools employees are actually using. BlackFog's research suggests 99 percent of organizations currently have no way of measuring shadow AI activity in their environments.
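    One way to put the prompt-side controls above into practice, as an added example that is not from the article or from any vendor it names: a pre-send gate that classifies a prompt against DLP patterns, refuses classes that must never reach an external model, redacts the rest, and emits an audit record without storing the prompt text. The pattern set, the block list and the sample prompt are constructed for the example.

```python
import re
from dataclasses import dataclass, field

# Constructed detector set for the example; a real deployment would take these
# from the organization's data classification policy, not from this file.
PATTERNS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "credit_card": re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b"),
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "internal_marker": re.compile(r"\b(?:CONFIDENTIAL|INTERNAL ONLY)\b", re.I),
}
# Classes that must never enter an external model, even redacted: the request is refused.
BLOCK = {"aws_access_key", "private_key"}


@dataclass
class Verdict:
    action: str                                   # "allow", "redact" or "block"
    findings: dict = field(default_factory=dict)  # pattern name -> hit count
    redacted: str = ""                            # text safe to forward (empty when blocked)


def scan_prompt(prompt: str) -> Verdict:
    """Classify a prompt before it leaves the organization."""
    findings = {name: len(p.findall(prompt)) for name, p in PATTERNS.items() if p.search(prompt)}
    if findings.keys() & BLOCK:
        return Verdict("block", findings)
    redacted = prompt
    for name in findings:
        redacted = PATTERNS[name].sub(f"[{name.upper()}]", redacted)
    return Verdict("redact" if findings else "allow", findings, redacted)


def audit_record(user: str, tool: str, verdict: Verdict) -> dict:
    """Audit-trail entry: who sent which class of data to which tool, never the prompt itself."""
    return {"user": user, "tool": tool, "action": verdict.action, "findings": verdict.findings}


if __name__ == "__main__":
    # Constructed sample: a developer pasting a support ticket into an external chatbot.
    sample = "Debug this: customer jane@example.com paid with 4111 1111 1111 1111 but got an error"
    verdict = scan_prompt(sample)
    print(audit_record("dev01", "external-chatbot", verdict))
    print(verdict.redacted)
```

    The audit record gives the organization the trail the article says is missing today, while the redacted text is what actually gets forwarded to the model.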

    For agentic AI, the bar has to be higher. Autonomous tools need sandboxing, least-privilege access, and proper vetting of every extension before deployment.

    Security teams need monitoring built for AI-native threats (prompt injection, supply chain compromise through malicious skills, credential leakage through agent memory), because legacy endpoint tools weren't built to catch any of
    this.

    None of this works as a policing exercise, though. Governance has to feel
    like a service to employees, not a constraint imposed on them. The organizations that figure this out will be in a strong position. The ones still pretending it's not their problem are already behind: their data has
    been leaving the building, one prompt at a time, for months. This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

    The views expressed here are those of the author and are not necessarily those of TechRadar Pro or Future plc. If you are interested in contributing, find out more here: https://www.techradar.com/pro/perspectives-how-to-submit



    ======================================================================
    Link to news story: https://www.techradar.com/pro/shadow-ai-and-agents-like-openclaw-are-hijacking-corporate-data-too-easily


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)