In a report shared with WIRED, the Valere researchers added that users have to “accept that the bot can be tricked.” For instance, if OpenClaw is set up to summarize a user’s email, a hacker could send a malicious email to the person instructing the AI to share copies of files on the person’s computer.yah ok.
But Pistone is confident that safeguards can be put in place to make OpenClaw more secure. He has given a team at Valere 60 days to investigate. “If we don’t think we can do it in a reasonable time, we’ll forgo it,” he says. “Whoever figures out how to make it secure for businesses is definitely going to have a winner.”
...and after I first drafted this: M
icrosoft says Office bug exposed customers’ confidential emails to Copilot AI
Microsoft has confirmed that a bug allowed its Copilot AI to summarize customers’ confidential emails for weeks without permission.
The bug, first reported by Bleeping Computer, allowed Copilot Chat to read and outline the contents of emails since January, even if customers had data loss prevention policies to prevent ingesting their sensitive information into Microsoft’s large language model.