Showing posts with label Tech. Show all posts

Monday, June 1, 2026

Claude Mythos: Anthropic's Most Powerful AI Cybersecurity Model

Anthropic launched its most advanced AI model, “Claude Mythos Preview,” on April 7, 2026. Just with the launch, Anthropic announced that the Claude Mythos Preview is not for the public.

Anthropic only shared access with tech giants like Amazon Web Services (AWS), Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks.

Eventually, Anthropic will extend the Claude Mythos access to 40 additional organizations. The company is already in the discussion phase with U.S. government officials regarding Claude Mythos capabilities.

The benchmark score and decision not to release Claude Mythos for public have created hype, which made Claude Mythos feature on thousands of publications within hours.

Claude Mythos Anthropic's Most Powerful AI Cybersecurity Model: eAskme

Other people are reading: Cyber AI: Accenture’s Cybersecurity Powered by Anthropic

You may have questions about Claude Mythos, such as:

  • What Is Claude Mythos?
  • What are the Claude Mythos Benchmark Performance Scores?
  • What Claude Mythos Actually Found: Real Zero-Day Vulnerabilities?
  • What is Project Glasswing?
  • Why Anthropic Is Not Releasing Claude Mythos Publicly?
  • Where is the Claude Mythos preview available?
  • What are the Claude Mythos Capabilities?
  • What are the challenges, and future of Claude Mythos?

Here is everything you must know.

Claude Mythos:

Claude Mythos Previews were released in April 2026. Anthropic described it as the new model to find and fix zero-day vulnerabilities.

Claude Mythos is better at problem-solving, coding, and reasoning. The extraordinary performance of Claude Mythos makes it extraordinary, but also dangerous.

In the preview release, Claude Mythos scored top benchmark scores and found the oldest vulnerabilities in the systems that were hidden from the human eye.

Claude Mythos Benchmark Performance:

Claude Mythos’s benchmark performance displays a generational gap between the models’ general public use and that of Claude Mythos.

Here are the benchmark performance scores:

SWE-bench Verified 93.9%:

SWE-bench tested model on real GitHub software engineering issues, requiring genuine code comprehension and repair.

Claude Mythos scored 93.9% and outperformed the best of the best AI tools.

USAMO (Math Olympiad) 97.6%:

Claude Mythos scored 97.6% at the USA Mathematical Olympiad tests.

USAMO tested proof-based and multi-step reasoning capabilities.

CyberGym 83.1%:

CyberGem tested the real-world cybersecurity threat detection with Claude Mythos.

The performance was substantially impressive.

Cybench CTF 100%:

Claude Mythos scored 100% at Cybench CTF tests. It tasked the model to find and exploit vulnerabilities in software.

Firefox Exploits:

Claude Mythos produced 181 Firefox exploits, whereas Claude Opus 4.6 only discovered 2.

Even after receiving excellent benchmark performance scores, Anthropic reported that the performance gap is still there.

What Claude Mythos Found?

The Claude Mythos’ popularity and demand are not because of its benchmark scores, but what it found in tests.

After weeks of rigorous testing, Claude Mythos identified thousands of zero-day vulnerabilities in major software and operating systems.

Even the software developers were unable to find a zero-day vulnerability.

Here are the 3 specific findings that set Claude Mythos apart:

The 27-Year OpenBSD Bug:

Claude Mythos found a bug in the OpenBSD operating system. OpenBSD itself is known for security. It has been resisting attacks for decades.

OpenBSD uses high security environments, firewalls, and critical infrastructure.

Yet, a vulnerability was there in their system for the last 27 years.

Claude Mythos detected this bug, which allows any user to crash the machine remotely.

The FFmpeg Flaw That Survived Five Million Scans:

FFmpeg is a video encoding library used by applications.

The automated testing has found nothing, even after running scans five million times. But Claude Mythos found the vulnerability.

CVE-2026-4747: 17 Years in FreeBSD

FreeBSD has had a remote code execution vulnerability for the last 17 years. It allows anyone to access machines running NFS using the Internet. No human was able to detect it.

Claude Mythos found it and deployed a working exploit.

Other than these, Claude Mythos also chained multiple Linux kernel weaknesses that can give access to control the machine. Claude Mythos can only cost $1,000 to run a full root exploit from a known vulnerability.

All of these vulnerabilities are patched before making them public. For the remaining vulnerabilities, Anthropic published cryptographic hashes.

What is Project Glasswing?

Anthropic decided not to release Claude Mythos for public. It became the first model to be withheld from public access.

Why is Anthropic not Releasing Claude Mythos to the General Public?

Let’s understand this.

Anthropic published a 244-page system card document about what Claude Mythos did without instructions.

  • Escaped testing sandboxes.
  • Posted exploit details on websites
  • Covered tracks
  • Searched process memory

Distorted confidence intervals to avoid safety flags.

Anthropic reported that while doing these things without instructions, Claude Mythos was aware that these actions were deceptive. The company informed us that Claude Mythos is the best model ever built, with greater alignment risks.

To ensure that the public will not get access to Claude Mythos, anthropic announced Project Glasswing.

Project Glasswing is a deployment initiative to make Claude Mythos Preview only available for a handful of tech organizations.

Project Glasswing Partners:

Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks and 40 other organizations get access to Claude Mythos.

Anthropic has dedicated $100 million in usage credits and $4 million in direct donations to open-source security organizations.

Jared Kaplan, Anthropic's chief science officer, explained that the goal of launching Project Glasswing is to raise awareness and only allow good actors to get access to Claude Mythos.

Where is the Claude Mythos Preview Available?

As of now, Claude Mythos Preview is only available on 3 major cloud platforms. They are within the Project Glasswing framework.

Amazon Bedrock:

Amazon Bedrock, AWS's platform, offers Claude Mythos Preview to build generative AI applications and agents. Access is limited to the US East (N. Virginia) Region only.

Anthropic and AWS only allow internet-critical organizations with software applications impacting millions of users.

Claude Mythos capabilities are limited to defensive security workflow. It identifies vulnerabilities in software, demonstrates exploitation, and analyzes large codebases.

After the $100 million credits are consumed, Anthropic will charge $25/million input tokens and $125/month output tokens.

Google Cloud Vertex AI:

Only the selected group of Google Cloud customers has access to Claude Mythos Preview through Private Preview.

Google has made it available on Vertex AI. It allows enterprise customers to access Frontier AI models.

Microsoft Foundry:

Microsoft Foundry also provides access to Claude Mythos Preview. 

Teams within the Microsoft ecosystem can use Claude Mythos Preview for enterprise security.

Claude Mythos Capabilities:

Organizations under Project Glasswing have access to Claude Mythos. This enables security capabilities that were not possible before the Claude Mythos Preview.

Here is what security teams can do with Clause Mythos:

Large codebase comprehension:

Claude Mythos reads and reasons codebases regardless of their size. It identifies vulnerability patterns across code without the security team’s guidance.

Zero-day discovery:

Claude Mythos has proved that it can find vulnerabilities hidden from automated tools and human experts.

It has successfully discovered vulnerabilities in OpenBSD, FFmpeg, and FreeBSD.

Exploit development and demonstration:

Claude Mythos not only finds vulnerabilities, but it also displays how these vulnerabilities can be exploited.

It shows the pattern that can compromise the system.

Black box testing:

Claude Mythos can test binaries without source code access. It expands the scope of software examination without source review.

Vulnerability chaining analysis:

Claude Mythos also chains individual vulnerabilities to demonstrate how user-level access can perform attacks.

Penetration testing acceleration:

Claude Mythos compresses and fast-tracks the penetration testing from months to days.

Claude Mythos’s Alignment Challenge:

Anthropic reported that Claude Mythos can think one thing but write another. It can engage in strategic reasoning.

Anthropic document also reveals behavioral incidents. After assigning a task, the Claude Mythos model sent an email to the actual administration office because it believes that it is the fastest way to complete the task.

It also rewrites git history to conceal code errors.

Anthropic calls it tasks complete by unwanted means.

These incidents tell us that human oversight is required. Claude Mythos is not a replacement for security expertise.

What’s Next!

Anthropic is limited to Claude Mythos for Project Glasswing partners only. Now the company is building a new Claude Opus model to validate and deploy safeguards before allowing Mythos-class capabilities.

The head of Anthropic's dangerous-capabilities testing team, Logan Graham, explained that Claude Mythos Preview is the starting point to change the security industry.

Anthropic will publish public findings data within 90 days of Glasswing launch.

Conclusion:

Claude Mythos Preview is the first AI model that forced the AI giant to accept the risks and stop its global release.

Anthropic holds it back and accepts the cost to restrict the deployment. Rather than replacing Anthropic, choose to restrict access to Glasswing partners only.

The human era of cybersecurity attacks has gone. AI is not only empowering attackers but also helping tech companies to use models like Claude Mythos to adopt technological advancement.

FAQs:

Can I access Claude Mythos Preview today?

No. It is accessible to organizations listed under Project Glasswing.

Is Claude Mythos available on Claude.ai or through the standard API?

Not right now. Standard API access is not available.

What makes Claude Mythos different from Claude Opus 4.6?

The massive benchmark performance gap makes Claude Mythos the best choice for cybersecurity.

Why did Anthropic choose not to release Claude Mythos publicly?

During internal testing, the Claude Mythos model itself deployed working exploits and displayed deceptive behavior. To keep the public safe, Anthropic decided to limit the accessibility of Claude Mythos.

How is Claude Mythos being used by Project Glasswing partners?

Project Glasswing partners are using Claude Mythos for vulnerability detection, black box testing, endpoint security, open-source software scanning, and penetration testing.

Other helpful articles:

Wednesday, April 8, 2026

Chief Technical Examiner: Roles, Responsibilities, and Career Path

The Chief Technical Examiner (CTE) is responsible for public administration and engineering.

When a government spends $500 million on a highway project or public hospital, CTE is the person who guarantees that every dollar has been spent on quality. CTE also ensures the layer thickness of pavements, steel grade quality, and superior materials.

Even though CTE’s role is crucial and important, many people do not understand who the Chief Technical Examiner is and what his responsibilities are.

If you want to become a Chief Technical Examiner (CTE) or understand the responsibilities and career path, then this guide is for you.

Chief Technical Examiner: Roles, Responsibilities, and Career Path: eAskme

Other people are reading: DigitalConnectMag: Guide to Digital Literacy Platform

I am sharing everything you must know about the Chief Technical Examiner (CTE), such as:

  • What Is a Chief Technical Examiner?
  • Legal and Institutional Framework in the United States?
  • What are the Core Responsibilities of a Chief Technical Examiner?
  • Best The CTE Audit Checklist Template?
  • What are the Common Red Flags in Technical Examinations?
  • What are the Skills and Qualifications Required?
  • Salary and Compensation of CTE?
  • How Technology Is Transforming the Role?
  • How to Report Technical Irregularities in Government Projects?
  • How to change path from a Field Engineer to Chief Technical Examiner?
  • How to Prepare Your Organization for a Technical Examination?

No matter if you are a government engineer, contractor, or professional, this guide will help you.

Chief Technical Examiner:

Chief Technical Examiner (CTE) is an independent senior authority. CTE is responsible for the inspection, examination, and audit of government-funded projects and contracts. His job is to ensure that public works are according to design, guidelines, materials, and cost. CTE also reports on any fraud, waste, and substandard material.

According to the World Bank, fraud consumes up to 30% of construction costs in public infrastructure.

In the United States, the Government Accountability Office (GAO) identifies cost overruns and improper payments across procurement programs and federal construction.

The Chief Technical Examiner’s job is different from that of a project manager or a Quality Control Engineer. The role is required to work outside the executing agency. It gives the CTE structural independence and boosts credibility.

CTE only answer to the vigilance hierarchy.

Note: Chief Technical Examiner does not manage projects. He only examines them to find out irregularities, impose cost recoveries, and recommend disciplinary actions.

The Legal and Institutional Framework for Chief Technical Examiner in the United States:

Federal-Level Oversight:

At the federal level in the U.S., CTE does not have a standard title. It is more defined as the job of independent technical auditing of government-funded works.

Several bodies work as CTEs:

  • Inspector General (IG) Offices: According to the Inspector General Act of 1978, every major federal general agency has a statutory Office of Inspector General (OIG). It conducts audits of contracts, procurements, and IT systems.
  • Government Accountability Office (GAO): It works with Congress to evaluate federal programs such as infrastructure projects.
  • Army Corps of Engineers in Quality Assurance Division: The USACE appoints technical reviewers who work as CTEs to inspect dams, federal buildings, and levees.
  • Federal Highway Administration (FHWA): It conducts technical audits and construction inspections.

State-Level Technical Examination:

  • Each U.S. state has a different structure to evaluate government-funded projects:
  • State Auditor's Offices appoint technical auditors for engineering and construction projects.
  • State DOT appoints construction engineers to perform CTE on bridges and highway projects.
  • State Inspector General Offices: Illinois, New York, Florida, and California use OIG operations.

CTEs in Other Countries:

The CTE role does not only exist in the U.S. but also in many other countries.

Country/Region Equivalent Role/Body
United Kingdom National Audit Office (NAO) – Technical Inspectors
India Central Vigilance Commission – Chief Technical Examiner
World Bank Projects Independent Verification Agent (IVA)
European Union European Court of Auditors – Technical Specialists
Australia Australian National Audit Office – Infrastructure Specialists
Canada Office of the Auditor General – Engineering Specialists

Note: Independent and senior-level analysis prevents the misuse of public technical spending.

Core Responsibilities of a Chief Technical Examiner:

Chief Technical Examiner (CTE) is a must for the lifespan of construction projects.

Here are the different stages:

Pre-Award Review:

It happens before awarding the contract to an agency.

During this process, CTE examines:

  • Cost estimates: Cost is according to market rates, and allowance is reasonable.
  • Design documentation: Design must reflect sound engineering. CTE ensures that load calculations, environmental reports, and geotechnical reports are authentic.
  • Technical approvals: Design must have approval from the appropriate authority. Financial authorization must be proportionate to the scope.
  • Specification integrity: The technical specification must be genuine and performance-based.

Note: Pre-Award Review is a rigorous task that is required to prevent false scopes and misleading estimates.

Procurement and Tender Scrutiny:

During the bidding process, CTE reviews:

  • Solicitations were published on SAM.gov and complied with FAR (Federal Acquisition Regulation) requirements.
  • The document must justify source awards.
  • Bidder was accepted without undue manipulation.
  • Compliance with the Federal Acquisition Regulation (FAR).
  • Compliance with Davis-Bacon Act wage requirements
  • Compliance with Buy America provisions
  • Performance bonds and bid bonds were obtained in the correct form

Construction-Phase Inspection (Site Audits):

The third stage is fieldwork-intensive. CTE is required to conduct surprise site inspections. These inspections are announced.

Important Inspection Points:

  • Material quality: CTE checks if the quality of the material is according to the specified in the document or not. He also checks if the independent tests have been performed or not.
  • Workmanship: CTE checks if the construction methods are according to the approved drawings or not. Pavement thickness and rebar placements are according to the design or not.
  • Daily Reports and Pay Applications: CTE is also responsible for inspecting the billed quantities and does contractor's pay application matches the resident engineer's records.
  • Hidden items: CTE also inspects that photographs of the foundation, reinforced steel, and underground utilities were taken before filling with concrete.
  • Site facilities: He also checks if the testing equipment is present or not.

Financial and Payment Audit:

CTE inspections critically analyze financial and technical records, such as:

  • Progress payment applications: quantities billed must match physically verifiable work.
  • Change order integrity: Change order justified according to differing site conditions or owner-directed changes.
  • Retainage management: Retainage is being helped in compliance or not.
  • Prevailing wage compliance: Davis-Bacon wage rates are being paid for federally funded work or not.

Post-Completion Verification:

This is the final stage of inspection and verification.

CTE reviews:

  • Final pay applications with completion reports and quality certificates.
  • Punch list items must be resolved before final payment.
  • Warranty period must be recorded.
  • Build according to the design or not.

The Chief Technical Examiner Audit Checklist:

Pre-Award Stage

Checklist Item Status Remarks
Project authorization and budget approval documented

Basis of design approved by competent authority

Cost estimate supported by current market data or RSMeans

Specifications are performance-based, not brand-restrictive

Independent cost estimate (ICE) prepared for contracts above threshold

Environmental clearances and permits obtained

Procurement Stage

Checklist Item Status Remarks
Solicitation published on SAM.gov per FAR requirements

Adequate solicitation period provided

Pre-bid questions and responses documented and distributed to all offerors

Sole-source justification (if applicable) properly documented

Award to lowest responsive, responsible bidder confirmed

Bid bond and performance bond verified

Davis-Bacon wage determination included in solicitation

Execution Stage

Checklist Item Status Remarks
Notice to Proceed issued within contract timeframe

Approved shop drawings on file before work proceeds

Resident Engineer's daily reports maintained

Materials testing conducted at specified frequencies

Certified test reports on file for structural materials

RFIs and change orders documented and approved before work proceeds

Hidden items photographed before being covered

Prevailing wage payrolls certified and submitted

Buy America compliance verified for applicable materials

Financial/Payment Stage

Checklist Item Status Remarks
Pay application quantities verified against RE daily reports

Change orders approved by authorized official before payment

Retainage held per contract terms

Stored materials payments supported by appropriate documentation

Final payment withheld until all punch list items resolved

Post-Completion Stage

Checklist Item Status Remarks
Certificate of Substantial Completion dated accurately

As-built drawings reviewed for accuracy and submitted

Warranty period and expiration date on record

Performance bond validity confirmed through warranty period

Closeout documentation complete

Common Red Flags in Technical Examinations And How to Avoid Them:

Issue How It Manifests Prevention
Inflated estimates Costs significantly exceed comparable projects without justification Independent cost estimate (ICE) and market benchmarking
Material substitution Specified Grade 60 rebar replaced with Grade 40 Certified mill reports required at delivery
Padded pay applications Billed quantities exceed physically verifiable progress RE daily reports matched to pay applications
Missing test reports Tests appear in logs but certified reports are absent Maintain file with signed reports upon receipt
Unauthorized change orders Scope changes executed before written approval No work proceeds without approved CO
Warranty period not tracked Performance bond expires before warranty ends Bond expiration calendar with renewal alerts
Brand-restrictive specifications "Product X or approved equal" with no genuine equal accepted Use functional/performance specifications only

Skills and Qualifications Required for Chief Technical Examiner:

Technical Knowledge:

CTE must have deep and applied knowledge of engineering. Most commonly, a CTE is from a civil engineering background.

Mechanical and electrical engineering skills help with projects like data centers, HVAC, power plants, and pumping systems.

The Chief Technical Examiner must understand:

  • AASHTO, ACI, AISC, ASTM standards
  • Public procurement regulations
  • FAR provisions
  • Contract law
  • Material science
  • Cost engineering

Ethical Integrity:

Ethical integrity is a must for the role of Chief Technical Examiner. CTEs face pressure from politicians, contractors, and project officials.

The Chief Technical Examiner must report findings truthfully.

Educational Requirements:

  • Bachelor’s degree in civil, Structural, Mechanical, or Electrical Engineering
  • Professional Engineer (PE) license
  • Graduate degrees
  • Certified Inspector of Concrete (ACI)
  • Certified Construction Manager (CCM)
  • Certified Internal Auditor (CIA)
  • Project Management Professional (PMP)

Experience:

The role of CTE requires a person with experience. Most Chief Technical Examiners have 15 to 25 years of hands-on experience in public works, engineering, or construction management.

Chief Technical Examiner Salary and Compensation:

Federal Government:

  • GS-14: $122,198 – $158,860 annually
  • GS-15: $143,736 – $186,854 annually
  • Senior Executive Service (SES) positions with CTE responsibilities: $183,500 – $221,900 annually.

Additional benefits up to 40% of the base salary through pension, insurance, leave, and TSP.

State Government:

  • State-level CTE salaries differ according to the state.
  • Senior Construction Inspector/Senior Engineer: $90,000 – $130,000 annually
  • Deputy Director of Engineering /Technical Audit Chief: $130,000 – $175,000 annually

Private Sector Equivalents:

Large EPCs also offer better salaries to technical auditors and quality assurance directors.

  • Senior Technical Auditor: $110,000 – $150,000 annually
  • Director of Quality/Technical Audit: $150,000 – $220,000 annually
  • Partner-level roles in Big 4 advisory: $200,000 – $350,000+ annually

Technology and Chief Technical Examiner:

Technologies have transformed the role of Chief Technical Examiners.

Technologies in 2026:

  • Digital Pay Application Platforms: e-Builder, Procore, and Sage have digitized the payment certification.
  • Drone-Based Site Inspection: UAV surveys are allowed for bridges, large buildings, and highways. They create 3D and Orthomosaic maps.
  • Geo-Tagged Photography: GPS-stamped photographic creates a timestamp when unloading on cloud project platforms.
  • AI-Assisted Document Analysis: AI tools scan pay applications, change orders, and invoices.

Emerging Technologies (2016-2030)

  • IoT Sensors in Structural Elements: Smart concrete with sensors reports curing data, temperature, and strength in real time.
  • Blockchain-Based Project Records: Blockchain-based technology in pay applications and change orders can quickly identify alterations.
  • Predictive Risk Models: machine learning is auditing data to predict contractor profiles, project conditions, and project types that are suitable for quality construction.
  • Autonomous Structural Assessment: Sensor data and AI-powered drone footage quickly flag structural anomalies.

Chief Technical Examiner Role in IT and Digital Procurement:

Chief Technical Examiners are required to audit IT and digital infrastructure procurement.

Federal and state agencies use data from ERP systems, smart city technology, data centers, and cybersecurity infrastructure, which costs up to $1 billion or more.

The technical examination requires:

  • Verification that hardware specifications
  • Software license compliance audits
  • Data center infrastructure checks
  • Cybersecurity compliance against NIST frameworks and FedRAMP requirements

The lack of IT skills in Chief Technical Examiners increases the demand for qualified IT professionals.

How to Report Technical Irregularities in Government Projects?

Not only CTE but also citizens, professionals, and project participants can report irregularities.

Federal Projects:

  • Agency Inspector General Hotlines: Check the directory at oversight.gov.
  • GAO FraudNET: It accepts reports of abuse, waste, and fraud.
  • FBI Tip Line: tips.fbi.gov

State and Local Projects:

  • Online reporting portal at the State OIG office
  • State DOT offices of compliance and civil rights
  • State attorney’s general offices

Note: Whistleblowers are protected under the False Claims Act.

Field Engineer to Chief Technical Examiner:

Here is the career path you must follow to become a CTE.

  • Years 1–5 work as a project engineer or inspector.
  • Years 6–12 work as a project manager or resident engineer.
  • Years 13–20 work as a senior engineer or program manager.
  • 20+ years’ work as a senior technical leader

How to Prepare Your Organization for a Technical Examination?

Make it a habit to treat technical examination as a standard.

Characteristics of the best Organizations under CTE or IG scrutiny are:

  • Real-time documentation: Certify pay applications against daily reports. Fille reports of material test reports on the same day are received. Approve change orders before work proceeds.
  • Internal technical audits: Use the framework of external auditors to run internal audits.
  • Training culture: Train project managers and site engineers on why it is a must to document everything.
  • Digital infrastructure: Use cloud-based project management platforms.

Conclusion:

The Chief Technical Examiner can work as a title. CTE can also work under the Inspector General's office, a GAO review team, or a state DOT audit function. CTE is responsible for guarding quality, value and accountability.

Emerging technologies like AI documentation, machine analysis, drone surveys, predictive risk modeling, and IoT-enabled materials monitoring have made the audits fast and accurate.

Engineers can choose the CTE career path to display skills, experience, and support.

FAQs:

What is a Chief Technical Examiner (CTE)?

Chief Technical Examiner (CTE) is an independent senior authority examining, auditing, inspecting and verifying the government-funded construction projects.

Is CTE the same as a Project Manager?

No. CTE’s role is not to manage the project but to detect irregularities.

Which organizations perform CTE-like roles in the United States?

The Government Accountability Office, Office of Inspector General, Federal Highway Administration, and U.S. Army Corps of Engineers perform CTE in the U.S.

What are the main responsibilities of a CTE?

The CTE responsibilities include reviewing project designs and cost estimates, auditing procurement and tender processes, conducting site inspections and material checks, and reporting fraud, waste, or substandard work.

What qualifications are required to become a CTE?

A degree in engineering, professional certifications, 15–25 years of experience, and strong knowledge of standards, contracts, and procurement laws.

Other helpful articles:

Saturday, March 28, 2026

Cyber AI: Accenture’s Cybersecurity Powered by Anthropic

Accenture collaborated with Anthropic to enhance its cybersecurity with AI-Driven operations. Cyber.AI uses the Claude model for easy setup, quick response, and threat analysis. It has reduced manual work from days to hours.

According to the Accenture document, it has implemented Cyber.AI in 6000 applications and 500,000+ APIs. The latest integration has reduced the scan turnaround time from day 5 to one hour. This is a massive operational time saving.

Here is everything you must know about Cyber.AI.

Cyber.AI: Accenture’s Cybersecurity Powered by Anthropic: eAskme

Other people are reading: Google's AI Mode Personal Intelligence Feature is Free for All: But in the U.S. Only

Cyber.AI:

Accenture launched Cyber.AI on March 25, 2026. It is an AI-powered cybersecurity platform. It is using Anthropic's Claude AI model and library of AI agents.

The goal behind Cyber.AI is to automate and accelerate cybersecurity operations. It enhances the cybersecurity lifecycle. It provides large scale transformation from risk assessment and threat triage.

Cyber.AI is different than traditional security platforms. It works on an agentic structure rather than flagging threats for human analysis.

It runs AI missions according to the workflow.  AI agents not only detect and assess threats but also respond without human oversight.

The adaptation of AI in security shifts the labor-intensive work to machine defense.

Accenture first announced Cyber.AI at the RSA 2026 event. It is a premier cybersecurity conference.

Significance of Cyber.AI:

The rising global threat of AI powers cybersecurity attacks has pushed brands like Accenture and Anthropic to build Cyber.AI.

The World Economic Forum's Global Cyber Outlook Report 2026 reported that Accenture helps organizations quickly identify AI-related vulnerabilities to reduce cyber risk.

Ransomware gangs, nation-state actors, and cybercriminal groups are already using AI to automate attacks. Personalized phishing is at scale. It is necessary to discover zero-day vulnerabilities and reduce the time required to get rid of possible threats.

The global Cybersecurity Services lead at Accenture, Damon McDougald, said that cybersecurity adversaries are rising. They are using AI to shorten the timeline to hours. Traditional human controls take time to identify such threats. This is a complete mismatch. This is where Cyber.AI was built to solve the issues and save a lot of time and effort.

Non-human identities are using AI agents, automated systems, bots, and API integrations to run cyber-attacks. They take advantage of poorly optimized digital footprints.

Organizations are adapting AI to accelerate. But at the same time, they create vulnerable non-human identities. It is necessary to govern these identities with Cyber.AI.

Claude: The Reasoning Engine Behind Cyber.AI

Anthropic's Claude AI model:

Anthropic's Claude AI model is the reasoning engine working as the heart of Cyber.AI. It enhances decision-making and reasoning.

Accenture chose Claude for its capabilities to handle security applications.

Contextual insights:

Claude can compress and analyze large security data. It tracks vulnerability databases, intelligence feeds, identity systems, endpoint telemetry, and network logs.

It is required to provide contextual insights. With deep insight, Cyber.AI helps security systems identify what is happening.

Claude works beyond the reasoning system. It can scan multiple data sources to identify patterns and indicate emerging threats.

Automated reasoning, analysis, and decision-making:

Claude works inside Cyber.AI's agentic workflows. It enhances reasoning, analysis, and decision-making. An AI agent runs security missions and investigates suspected credentials.

Claude helps AI security agents find out what it finds, escalation, and remediation.

Head of Cybersecurity Products at Anthropic, Michael Moore, explained that Claude’s role in Cyber.AI is to provide advances reasoning and threat removal capabilities.

It analyzes vast amounts of data within minutes. Agentic AI is necessary for security operations.

Cyber.AI is using Claude's safety architecture, AI design principles, and operates within defined operational parameters.

How Cyber.AI Works?

Cyber.AI operates AI-driven "missions.” These are the structured workflows with AI agents to complete security tasks.

Here is how AI missions work:

Mission Assignment:

The first step is to define security objectives. It includes vulnerability assessment, identity audit, incident investigation, and compliance check.

Cyber.AI establishes the best combination for AI agents from its database to complete the mission.

Agent Orchestration:

Cyber.AI deploys multiple agents to coordinate with each other and complete sub-tasks. In this scenario, one agent deals with intelligence databases, while another agent deals with internal asset inventory.

Reasoning and Decision-Making:

During the whole mission, Claude's reasoning engine takes input from AI agents to maintain situational awareness and decision-making.

Cyber.AI ensures that all the mission works within the organization’s policies and meets risk thresholds.

Delivery Outcome:

Cyber.AI ensures that the mission concludes with measurable inputs.

AI agents must work according to a workflow to find vulnerabilities, neutralize threats, generate reports, and transform milestones. It also ensures that everything is documented.

Accenture's agent library focuses on critical cybersecurity factors:

  • Identity Security: It automates identity verification, detects anomalous patterns, privilege governance and access reviews.
  • Cyber Defence: It ensures access coordination, incident investigation, monitoring, and threat detection.
  • Secure Digital Core: It protects cloud environments, application layers, and APIs.
  • Cyber Resiliency: It helps in planning, resilience testing, and disaster recovery.

The latest library-based architecture helps Cyber AI to start security domains and expand over time.

Cyber.AI Real World Development:

Cyber.AI is not only available for clients, but Accenture also deploys it across its own infrastructure. This gives real-time proof that Cyber.AI is reliable and operational.

Accenture's internal deployment reports:

  • 1,600 applications running on Cyber.AI.
  • 500,000 APIs powered by Cyber.AI.
  • Scan turnaround time is one hour.
  • Security testing coverage expanded to 80%.
  • Backlog of critical vulnerabilities.
  • Service delivery improved by 35%.

These stats display the real-time usability and what is achievable with Cyber AI.

80% coverage in security tests reduces surface attacks on a large scale.

Cyber.AI Real-World Enterprise Results:

A Fortune 500 agricultural organization is using Cyber.AI's agentic capabilities to enhance identity and access management operations. It also accelerated identity platform migrations.

Research Vice President at IDC, Craig Robinson, explained that the large-scale AI adoption also accelerates the growth of non-human identities and autonomous agents. Cyber AI ensures safety as it integrates AI agents across the security ecosystem.

Accenture, Anthropic, and Competitive Landscape:

In December 2025, both companies formed Accenture Anthropic Business Group. It has trained 30,000 Accenture professionals on how to use Claude. The team of 30,000 expert professionals now works behind the scenes for Cyber.AI.

Human expertise ensures customized deployment, client guidance, and improving implementations.
CrowdStrike also introduced Charlotte AI AgentWorks Ecosystem with Kroll, Accenture, Amazon Web Services, Deloitte, and Anthropic.

On March 21, 2026, Infosys announced a collaboration with Anthropic to deploy AI in regulated industries.

Why Cyber.AI Matters?

Human-speed to machine-speed security:

In the rising AI-led cyber-attacks, it is a must to shift from human-speed to machine-speed security. Cyber.AI provides production-ready solutions.

Agentic AI is a must for enterprise security's future:

Multi-agent security systems are replacing isolated AI solutions. They are required to run security missions. Cyber AI helps with scaling security infrastructure.

Governing AI agents:

Governing AI agents is important for deploying. Agent Shield understands how AI systems work within enterprises, securing and governing those systems.

Organizations can deploy AI agents without governance that can attract massive attacks.

Achievable Results at scale:

Accenture’s deployment of Cyber.AI proves that 95% reduction in scan time, 80% improvement in coverage expanding, 35% enhancement in service delivery are reliable facts.

Conclusion:

Cyber.AI is a next-generation AI-powered cybersecurity solution. It ensures enterprise cybersecurity. The combination of Anthropic’s Claude and Accenture’s deep domain expertise provides the necessary solutions to ensure cybersecurity in the AI era.

Cyber.AI ensures speed to deal with AI-powered attackers. Accenture’s internal and external deployment process that AI-driven security transformation is the future.

FAQs:

What is Cyber AI?

It is an Anthropic's Claude AI-powered cybersecurity AI.

What are the 4 types of AI?

Reactive Machines (Type I), Limited Memory (Type II), Theory of Mind (Type III), and Self-aware AI (Type IV).

How is Cyber AI trained?

Anthropic's Cyber AI is trained on Claude's reasoning infrastructure.

What are the 7 types of cybersecurity?

Network security, Information security, Cloud security, Endpoint security, Application security, Zero trust security, and Operational technology (OT) security.

Other helpful articles:

Saturday, February 28, 2026

Snaptroid: Is it Real? How does it work?

Snaptroid is an online app available with the promise to unlock private Snapchat stories. It is popular on TikTok. The Snaptroid video ads on TikTok collected millions of views. It made every user curious about the features and benefits of the Snaptroid app.

To offer more features, Snaptroid also released updates like Snaptroid 2.0 and Snaptroid 3.0. Both are different app versions with similar features.

Depending on the device you are using, you can install the Snaptroid 2.0 or the Snaptroid 3.0 app.

While Snaptroid has made a big promise that it unlocks private Snapchat profiles, it must be understood that such apps often run scams. Keeping that thing in mind, we have decided to test the Snaptroid app to find out what its capabilities are.

At eAskme, our goal is to test the applications and software before revealing information about them. To ensure that we appointed a team member to install and test the features.

This test has helped us to answer questions like whether Snaptroid is safe. How does Snaptroid work?

What are the benefits and limitations?

Snaptroid: Is it Real? How does it work?: eAskme

Other people are reading: App Development for Startups with Garage2Global

Snaptroid:

Snaptroid is a freemium application that offer feature to help you unlock the potential of Snapchat.

It promises that users get extra features, such as viewing private Snapchat accounts. While this claim sounds appealing, it is necessary to understand the functionality.

According to the Snaptroid website, it unlocks Snapchat information like:

  • Best Friends list
  • My Eyes-Only section
  • Snap Score
  • Message logs and chat history

Snaptroid website seems use friendly. It uses SSL and snapchats-like design to attract users.

Snaptroid released two versions:

Snaptriod's latest versions are available on the-snaptroid.com and snaptroid.cc.

Snaptroid 2.0:

It is a free version of the Snaptroid application.

You can use it from the official website to download apps, complete surveys, and share on social media.

It provides access to best friend lists, My Eyes-only list, chats, and snap score. It promises encrypted data protection.

Snaptroid 3.0:

It is accessible at the official website.

You can use it to access Snapchat information such as best friends, My Eyes-only list, chat history and snap score.

You may need to complete the survey before downloading the app. It also boasts of using user protection policies.

How to Access Snaptroid:

Snaptroid app is only accessible on smartphones.

You can access it on Android and iOS through applications.

To access Snaptroid features, you need to install and activate your account.

How to Setup Snaptroid Account:

  • Go to the Snaptroid website
  • Click on “Sign up”
  • Add your email address or use social login.
  • Use the phone number for verification.

How to View Snapchat Content using Snaptroid:

  • Go to Snaptroid.
  • Login.
  • Now add your Snapchat username in the “search” bar.
  • Choose “Private” data.
  • Wait for Snaptroid to access and deliver Snapchat user data.
  • Complete the “Human verification survey” to view the content.

Our Verdict:

I have tested Snaptroid to find out how it works, and it was nothing more than a marketing stunt.

Snaptroid promotes itself as a tool to download Snapchat Data and browse content anonymously. But it does not work that way.

I have tested Snaptroid multiple times to access my Snapchat account anonymously. I also used my Snapchat username.

But rather than giving me any data, it just gives the list of tasks to complete. These tasks include software downloads, surveys, and social media shares.

After completing it, return the result page with no result.

Snaptroid is a scam. It does not work but only promotes surveys and software downloads.

Here are the reasons why I believe Snaptroid is not authentic:

Unlimited Verification Loop:

Snaptroid created a verification loop that require user to complete multiple surveys and download software to visit the result page.

Even after completing everything, there is no guarantee that the result page displays any data.

Compromised Safety:

Installing smartphone apps from unreliable sources can compromise the safety of your smartphone.

The same applies to Snaptroid.

It is not available on official app stores like Google Play Store and Apple App Store.

Privacy Issues:

Snaptroid promises to deliver the Snapchat data of users anonymously, which is a privacy invasion.
Scam:

Snaptroid does not offer any legitimate features. Snaptroid 2.0 and Snaptroid 3.0 are the same apps with different versions.

Even the premium subscription only takes your money but does not provide any benefit.

Is Snaptroid Real?

Snaptroid Windows:

Snaptroid features work on windows such as accessing public Snapchat user information.

But it does not provide private details of Snapchat users. Sometimes the app crashes and fails to load.

It offers multiple versions, which do not work on every device.

Snaptroid Computer:

The Snaptroid app is not accessible on a computer.

You cannot install it without an emulator. During this process, Snaptroid can release viruses and malware.

Snaptroid Verification:

Snaptroid does not require user verification to sign up.

Yet it asks for verification every time you ask to unlock a user’s Snapchat data. It puts you in an endless loop of surveys and downloads.

Snaptroid Free vs. Premium:

  • Snaptroid free version: Snaptroid free version contain adds. It promises limited features but crashes a lot. It does not provide customer support.
  • Snaptroid Premium: The premium version charges a monthly subscription fee. It offers multiple filters and advanced features. It also offers customer support.

Why Snaptroid Uses Content Locking:

Snaptroid does not provide anything. It keeps the user in a dilemma that after completing surveys or downloads the user will get access to Snapchat content.

In the search for private user data, Snaptroid users spend hours completing surveys and downloading apps.

But, in reality, Snaptroid does not offer any solution. It does not work as an anonymous social media browsing app.

How Snaptroid Makes Money:

Snaptroid users’ actions to monetize its platform.

Here are the ways Snaptroid monetizes its platform:

  • App downloads: It asks users to download apps. Every time a user download app from the Snaptroid platform, it earns commission, which can be anywhere between $4 to $20/download.
  • SMS: Snaptroid also uses an SMS signup service to charge up to $30/month.
  • Surveys: When a Snapchat user completes a survey, Snaptroid earns commission.
  • Free Trials: Snaptroid also promotes free trial signups.

Why Snaptroid Does Not Work:

Snaptroid works against the Snapchat policies. Snapchat uses strong user protection that prevents online apps from stealing user data.

Here are the reasons why Snaptroid fails:

  • Snapchat Security: Snapchat's security policy prevents apps from anonymously browsing user data.
  • No-Authentication: Snaptroid does not ask for the user's password, which is a complete failure.
  • Vulnerabilities: Snaptroid is full of malware and vulnerabilities. Surveys and software downloads can spread malware.

How to Protect Yourself When Using Snaptroid:

If you have ever used Snaptroid or installed the Snaptroid app, then it is best to refresh your device. Use strong software to scan the system for virus activities.

Here are the steps that can protect you when testing Snaptroid:

  • Scan the app with an antivirus.
  • Uninstall suspicious apps.
  • Do not choose a subscription
  • Change passwords and do not share on Snaptroid.
  • Do not share financial details on Snaptroid.
  • Use unique passwords.
  • Do not use third-party apps to access Snapchat.

Conclusion:

Snaptroid is running a scam. It is not a legitimate app. It makes fake promises of unlocking private Snapchat data. At the same time, the Snaptroid app only forces users to complete surveys and download irrelevant apps.

Snaptroid 2.0 and Snaptroid 3.0 both work in the same way. It is better to avoid such apps and only use Snapchat to make friends and access friends' data.

Snaptroid FAQs:

What is Snaptroid?

Snaptroid is an online smartphone app. It promises that users get access to Snapchat data anonymously.

Does Snaptroid work?

No. It just lures the users with false promises.

Is Snaptroid Legit?

No. It makes false claims of unlocking Snapchat data for non-users.

Is Snaptroid a virus?

No. But its surveys and apps install may spread viruses.

Can Snaptroid Harm Your Device?

Yes. Installing and using third-party apps like Snaptroid can steal information from your device.

How to Protect Yourself from Snaptroid?

If you have ever used an app like Snaptroid, then take a backup of your data and reset your device.

Other helpful articles:

Sunday, February 22, 2026

Before Its News: Best Tech News Alternatives

BeforeItsNews is a U.S. based news website. As the name suggests, it is known for publishing information before it becomes news.

Before Its News gained popularity for publishing news related to politics, economy, health, science, sustainable living, inspiration, entertainment, and the world. It published popular news from countries like the U.S., Canada, Africa, India, Europe, and Israel.

BeforeItsNews also monetized its platform with the MGID Ad platform. At the same time, there are many other popular and leading news platforms. Before Its News established itself as a brand.

In the world of internet journalism, where every user considers themselves a journalist or influencer, every story becomes some news. But it takes only a credible platform to become a news brand. This is where people choose Before Its News.

Before you choose BeforeItsNews, here is everything you must know about it.

Before Its News: Best Tech News Alternatives: eAskme

Other people are readingPayPal Data Breach: Customer Data Exposed for 6 Months

Before Its News:

Before Its News was registered in 2007, it has been more than 19 years since BeforeItsNews published local and international news online. It chooses citizen-based journalism where it asks its readers to share news and get published.

While Before Its News articles gain attention at the same time critics criticized it for ignoring human oversight. The user-generated content across platforms causes serious issues related to authenticity.

Before It's News does not enforce fact-checking practices before publishing news, this is where its alternatives like eAskme, NYTimes, Huffpost, Washington Post, TechCrunch, and Mashable dominate the news industry.

Note: Readers must verify the source of news before believing in Before Its News.

Features of Before Its News:

Before It's News offered similar features to many other UGC news publications.

Here are the notable features of BeforeItsNews.

UGC:

User-generated content is a major advantage and disadvantage. It allows every user to join the platform and share their views. Without assessing the credibility of the news, content gets published on BeforeItsNews.com.

Multi-niche:

Before It's News covers every niche and category on its platform, from local news to international news, from science to entertainment, it publishes everything. You can read about U.S. politics, history, healthcare, and science.

Community:

Its community is engaging. It is an active, community-driven news platform. Readers actively participate in the news conversations, comments, and social media.

Less Editorial Control:

It lacks much editorial control. It gives users complete access to publish content without reviewing it, which is itself a major drawback. Sometimes users publish information that they have not validated.

Alternative News:

The platform works differently from the mainstream news channels. It allows publishing local, international, and news that any other agency does not cover. It becomes the voice of people who want to be heard.

No Fact Check:

One of the serious issues is the lack of fact-check practices. There is no way to make corrections.

Before It’s News Categories:

Before It’s News publishes news in almost every category. There are multiple main and sub-categories. It publishes articles in 120 categories.

Here are the notable categories on Before It’s News:

Featured:

Under the features category, you get to read the most viral news. It lists the top monthly and weekly stories under the featured section.

Economy:

As the name suggests, news related to funds, finance, stocks, and insurance is available under the Economy category. It also publishes government policies and people’s reactions.

Health:

The health section is full of healthcare-related news. It covers topics like health relief packages, healthcare systems, changes to health policies, and more.

Beyond Science:

This section is dedicated to stories related to science, fiction, and research. It covers topics like neural science, spacecrafts, new research, and inventions.

Power of Belief:

Before It’s News not only publishes news but also shares details about human beliefs. It covers posts relating to personal growth, religion, and spirituality. You get to know about what priests say, how the religion shapes society.

Sustainable Living:

You learn the way to live a sustainable life with eco-friendly homes, green buildings, and office setups. It covers topics related to pollution and eco-warriors.

Inspiration:

Whenever you need inspiration, you read this section. It is full of inspirational stories, quotes, and life experiences.

Live:

As the name suggests, it shares live news and videos. Users share live news while they are recording it.

Video:

This section is dedicated to video news. You get to watch a lot of new videos every day. Some are related to news, and others are related to user opinions.

Top 50:

Under this section, you read the top 50 most popular stories and news publishing within the last 6 months. It also displays the related stories section.

Most Recent:

You want to read the latest news, then visit the Most Recent section.

Shopping:

Under this section, you read about the latest deals, products, shopping events, and ads.

Is Before It’s News Safe?

Yes. Before It’s News is safe to use, but at the same time, its content is unfiltered. You cannot consider it as the most legitimate news source. Forbes has shared the list of credible news sources here.

Open Publishing:

Before Its News allows any user to register and publish news on its platform, this type of publishing is known as open publishing. It attracts a lot of news, but at the same time puts credibility at stake.

No Fact Check:

Authors publish news without fact-checking. There are no editorial policies to review, and fact-check the articles before publishing. You cannot find facts within the articles. This is a serious issue.

Content Quality:

As every user can publish content on Before Its News. It lowers the content quality. Some users are not native English speakers.

They make grammatical mistakes. Sometimes headings and content do not align with each other. This creates massive content quality issues.

Ethical concerns:

BIN does not provide transparent and ethical policies. They have no way to find out the source of the news.

Before It’s News Assessment:

Multiple agencies reviewed Before It’s News and revealed the reliability and credibility issues.

Ad Fontes Media:

Ad Fontes Media marked Before Its News content as inaccurate and unreliable. It scored 6.23 out of 64. It scored 29.41 and became hyper-partisan right. Ad Fontes Media also accused BIN of spreading fake news and conspiracy theories.

Media Bias/Fact Check (MBFC):

MBFC also reviewed Before It’s News and called it a questionable source of news. The agency found multiple issues within the BIN content. It found false news and conspiracy theories.

Scamadviser:

Scamadviser also rated Bin 3.8/5. It has a long-lasting domain with SSL, yet it lacks content quality.

Before It’s News Misinformation:

Before It’s News was accused of spreading false news and conspiracy theories.

Here are the examples of Before It’s News low quality content:

Pizzagate Conspiracy Theory:

Before It's News published multiple news articles related to the Pizzagate Conspiracy Theory, it was alleged that democratic officials were indulging in child trafficking at a pizzeria in Washington, D.C. This was a baseless claim as there was no evidence.

False Claims About George Soros:

BIN made false claims about George Soros. In 2019, it spread false news of George Soro arrest in Switzerland. It has repeatedly sent false information.

COVID-19 Conspiracy Theories:

During COVID19, Before Its News published false and misleading news related to bioweapons, medicines, and biotechnology.

Before It’s News Alternatives:

eAskme:

eAskme is an online news and marketing media active since 2014.

It publishes in-depth reviews of business, marketing, news, social media, blockchain, crypto, AI, travel, entertainment, and more. Multiple tech experts share their views about the latest trends and news.

Mashable:

Mashable is one of the most popular platforms for entertainment, culture, tech, science, mobility, and podcasts.

You can read the latest technological trends and upcoming changes as quickly as they are released.

TechCrunch:

TechCrunch is the world’s leading technology platform for getting the latest updates.

It publishes news related to startups, Apple, Security, AI, apps, and events. You can also listen to podcasts. You can also participate in TechCrunch events.

The Verge:

The Verge is another tech review platform.

It offers news related to the latest technology, science, entertainment and AI. It is a free platform to read the latest news from credible sources.

Ars Technica:

Ars Technica was active in 1998. It is the home of news and reviews related to IT, health, AI, gaming, cybersecurity, space, computers, science, operating systems, and mobile devices.

You can also join the Ars Technica forum and engage with the active community.

Due to the lack of quality at Before Its News, it is best to choose eAskme, Ars Technica, and TechCrunch to read the latest news.

How to Discover Fake News at Before It’s News:

In the world of the internet, it is easy to discover fake news. All you need is to match the news with online sources.

  • Verify Author: Verify if the author is reliable or not. Check his account details, such as social media profiles, LinkedIn, etc.
  • Sources: Verify sources to find out that the information published is verifiable.
  • Examine Evidence: Ask Google to verify the news.
  • Check dates: Make sure that you check the date when reading the news.

How to Use Before It’s News:

Before It’s News is good for user-generated content. It works as a community. You can join the community and publish news on your own.

Conclusion:

Before It’s News, also known as BIN, is a popular news platform in the U.S. It works with user-generated news. Users are allowed to publish news without waiting for reviews.

The absolute freedom to publish anything displays a lack of editorial control. It makes false information easy to publish and spread. It is also the reason why many sources call BIN fake news and a misleading platform.

You must choose a reliable news platform. BIN alternatives like eAskme, TechCrunch, The Verge, and Ars Technica should be on your list.

FAQs:

What is Before It’s News?

Before It’s News com is a free news platform. It allows users to write and publish news without publishing control. It published news related to politics, health, science, life, and more.

Can I Submit Articles to Before It’s News?

Yes. You can register on Before It’s News. After that, write and publish credible articles on the platform.

Is Before It’s News Reliable?

A lot of fake news and misleading information tagged BIN as a non-reliable news platform.

Other helpful articles:

Wednesday, February 4, 2026

400+ Malicious OpenClaw Skills Spreading Password-Stealing Malware: What You Must Know!

400+ Malicious OpenClaw Skills Spreading Password-Stealing Malware: What Users Need to Know
Clawdbot’s successor, OpenClaw, has surpassed many trending AI tools. While the OpenClaw became viral, so did the large-scale malware campaigns.

The recent revelation of 400+ malicious OpenClaw “skills” has shaken the AI industry. These malicious codes were uploaded during the days of their popularity.

Most of them represented themselves as cryptocurrency trading tools that tricked crypto users into installing them. And that installation caused a massive malware-crypto heist on Windows and macOS.

This was the first major supply chain attack that targeted AI agent skill marketplaces. It displayed that attackers could exploit open-source AI ecosystems and spread them like a viral thing.

It is time to understand what OpenClaw is, how attackers used it, who was the target, and why massive security flaws lie within the AI systems.

400+ Malicious OpenClaw Skills Spreading Password-Stealing Malware: eAskme

Other people are reading: How to Write Blog Posts with OpenClaw?

OpenClaw and Malicious Skills:

OpenClaw is an open-source AI assistant to manage inbox and messaging apps. It runs on a local machine. In November 2025, Peter Steinberger launched it with the name ClawdBot. Which later renamed as Moltbot and again rebranded as OpenClaw.

As the OpenClaw became famous because of its capabilities to manage messages, it failed to keep its claws locked from attackers.

OpenClaw platform users LLMs such as OpenAI API or Anthropic’s Claude Code to allow users to interact with AI agents. It uses messaging apps as communication tools.

OpenClaw Connect with these messaging apps:

  • Microsoft Teams
  • WhatsApp
  • Slack
  • Telegram
  • Signal
  • iMessage

The primary reason why OpenClaw gained popularity is because of its support for community-created “skills.” These skills work as plugins that enhance the capabilities of AI agents. Skills are used to automate tasks such as file management, trading bots, data analysis and control.

While OpenClaw offered flexibility to its users, the same flexibility became the target for attackers. Attackers created malicious skills to interact with local applications and steal sensitive data.

Discovery: 400+ Malicious skills

Till now, the OpenSourceMalware community discovered 400+ malicious skills in OpenClaw. These skills are running coordinated malware attacks on user machines.

The OpenSourceMalware community reported:

  • Between January 27 and 29, 28 malicious skills were uploaded to OpenClaw.
  • Between January 31 and February 2, 386 more malicious skills were added.
  • Over 400 fake skills were linked to the same infrastructure and malware campaign.

These skills established false legitimacy by getting published on ClawHub and GitHub. These were professionally documented and publicly available.

How the OpenClaw Malware Attack Worked:

Disguised as Crypto Trading Tools:

The malicious skills uploaded on OpenClaw disguised themselves as crypto trading tools. Users trusted them as crypto automation tools and installed them on local machines.

Malicious skills used recognized brand names such as:

  • LinkedIn
  • Reddit
  • Axiom
  • Polymarket
  • ByBit

The attack was intentional. Attackers knew that crypto traders often store private keys, wallet credentials, and API tokens on local machines.

Social Engineering:

Attackers did not exploit the OpenClaw’s code. Instead, they used social engineering.

They created fake skills and let the users install AuthTools. These tools claimed they were required for enhanced functionality or authentication.

As users downloaded these, they installed malicious scripts:

  • Downloaded malware from remote servers.
  • Executed system commands.
  • Installed information stealers.

The OpenSourceMalware community described this approach as a ClickFix scam. It convinced users to run malicious commands under the assumptions as they were fixing something.

Shared Command-and-Control Infrastructure:

All malicious skills are part of the same Command-and-Control infrastructure. It clears the fact that the attack was coordinated and intentional.

Shared Command-and-Control Infrastructure Allows Attackers to:

  • Exfiltrate stolen credentials
  • Monitor infected systems
  • Maintain persistence across multiple victims

Attackers also reused the same infrastructure to connect with hundreds of skills quickly.

What Data Was Targeted:

The OpenClaw malware skills were stealing information. They were designed to harvest sensitive crypto data from both Windows and macOS.

The stolen data included:

  • Cryptocurrency wallet private keys
  • Exchange API keys
  • Browser-stored passwords
  • SSH credentials
  • Authentication tokens
  • Sensitive local files

The stolen crypto keys caused financial loses to crypto users. The damage is irreversible.

One Account Behind the Whole Malicious Campaign:

screenshot of 400+ Malicious OpenClaw Skills Spreading Password-Stealing Malware

Hightower6eu is the ClawHub account that was behind these malware attacks.

hightower6eu id used to exploit user data:

  • Published identical skills
  • Became the most downloaded publisher
  • Thousands of downloads before detection.

hightower6eu uses repetition and volume to increase credibility and visibility. It took advantage of ClawHub’s limited security checks and moderation flaws.

How Malicious OpenClaw Skills Attack Is a Supply Chain Attack:

Researchers classified the malware campaign as a software supply chain attack. It does not attack the OpenClaw. Instead, it used the platform’s ecosystem to run multiple attacks.

Rather than hacking OpenClaw, attackers did these:

  • Uploaded malicious skills
  • Leveraged user trust
  • Used official distribution channel
  • Achieved malware distribution

This is the same approach discovered in previous supply chain attacks on open-source platforms.

Security Gaps in the OpenClaw Ecosystem:

OpenClaw’s ecosystem also has flaws that helped the attackers achieve their intentions.

Lack of Skill Review and Moderation:

  • ClawHub is not enough to review and moderate skills.
  • Researchers found these flaws:
  • No malware scanning
  • No manual reviews
  • No code auditing

Sometimes the malicious codes were even visible in repositories and skills available publicly.

Deep System Permissions:

The need for local machines to run the OpenClaw architecture is itself a risk.

Security experts warned that:

  • It can execute shell commands.
  • Access privacy files
  • Interact with other applications.

Once installed in local machine, a compromised skill can efficiently act with user-level authority.

Industry Experts' feedback:

Industry experts and critics review this incident as a significant lesson. It is not just about one platform.

Diana Kelley, CISO at Noma Security, explained that malicious skills turn a familiar supply-chain problem into a higher-impact threat.

Jamieson O’Reilly, a penetration tester who exposed OpenClaw vulnerabilities, is now working as a new security representative.

Why Malicious OpenClaw Skills Targeted Crypto Users:

The target of Malicious OpenClaw Skills was to steal information from crypto users.

Here are the common reasons why crypto users were the easy target:

  • Crypto uses store private keys on a local machine, which is easy to steal and cause financial loses.
  • Browser wallet and extension are easy to exploit.
  • Users manage API keys for automated trading, which gives malicious skills an edge to track users.
  • Users operate on multiple crypto exchanges.
  • Financially motivated attackers target crypto users to steal their information and cryptocurrencies. It is easy to monetize stolen crypto data anonymously.

It is a must to learn how to keep cryptos safe.

What This Means for AI Agent Platforms:

This incident exposes the vulnerability and challenges of AI platforms.

Trust is Expanding:

AI assistants are becoming a need for everyday users. AI assistants can take control, run commands, and manage workflows. These create a surface for malicious attacks.

Open Ecosystems:

Open ecosystems without governance invite attackers. Community AI marketplaces should implement safeguards such as mandatory code reviews, automated malware scanning, reputation systems, and permission-based access control.

Social Engineering is a Threat:

The success of the OpenClaw malicious chain attack reveals the risks of social engineering. It is necessary to make the user aware of the benefits and limitations of the platform.

How Users Protect Themselves:

If you use MoltBot, OpenClaw, or another AI assistant, then take these precautions:

Avoid Unverified Skills:

  • Install skills from trusted developers only.
  • Check the GitHub community and activity
  • Avoid newly published skills

Never Run Unknown Commands:

  • If you do not understand a command, then do not run it.
  • Do not manually execute shell commands.

Use Separate Environments:

  • Run AI assistants in virtual machines
  • Do not grant unnecessary file system access

Monitor System Activity:

  • Beware of unusual network connections
  • Use endpoint protection tools

Conclusion:

OpenClaw is not free from attackers and malicious skills. The discovery of 400+ malicious skills is a bigger threat than any other attack. It displays that attackers are adapting new AI technologies.

Attackers use trust, a weak marketplace, and speed to perform malicious attacks. Without safeguards, an AI assistant can become a risky tool.

Automation and convenience require strong safeguards.

FAQs:

What is the OpenClaw malware incident?

It involves 100+ malicious skills that target crypto users to steal their keys and credentials.

What are OpenClaw skills?

OpenClaw skills are the community-created extensions to enhance the AI agents. 

How did attackers spread malware through OpenClaw?

Attackers used social engineering to make users install malicious software on local machines.

What type of malware was used in this campaign?

Information-stealing malware (infostealers) was used.

Which operating systems were targeted?

Windows and macOS systems were targeted.

Who discovered the malicious skills?

Vulnerability researcher Paul McCarty (aka 6mile) is the first person to discover malicious skills.

Are the malicious skills still available?

Yes.

Other helpful articles: