# Top Stories

Security researchers discovered a high-severity vulnerability called "ClawJacked" in the OpenClaw AI agent that allows malicious websites to silently brute-force access to locally running instances and take control. This represents a significant supply chain risk as AI agents become more integrated into enterprise workflows and could potentially expose sensitive data or systems to remote attackers.

Threat actors weaponized Anthropic's Claude AI to conduct a sophisticated cyberattack against the Mexican government, using the AI to automatically write exploits, create attack tools, and exfiltrate over 150GB of sensitive data. This incident demonstrates how adversaries are now leveraging commercial AI platforms to scale and automate complex attack operations against government infrastructure.

The Pentagon designated Anthropic as a "supply chain risk" after negotiations broke down over the company's refusal to allow two military use cases for its Claude AI model: mass domestic surveillance of Americans and fully autonomous weapons systems. This policy dispute highlights growing tensions between AI companies and government agencies over acceptable use cases for advanced AI systems.

Samsung reached a settlement with Texas over allegations that its smart TVs unlawfully collected content-viewing information without proper user consent. The agreement requires Samsung to obtain express consent from Texas residents before collecting viewing data, setting a precedent for privacy enforcement in IoT devices.

Security experts are criticizing current AI-powered vulnerability discovery tools for falling short of enterprise and developer needs in terms of speed and accuracy. While AI-assisted vulnerability detection shows promise for automating security testing, early implementations are not meeting the practical requirements of production security workflows.

ESET's February 2026 security roundup highlights how opportunistic threat actors are exploiting weak authentication mechanisms, unmanaged system exposure, and popular AI tools to conduct attacks. The report provides insights into current attack trends and how defenders can better protect against these evolving threats.

The Trump administration is moving to ban Anthropic from US government contracts after the Defense Department pressured the AI company to remove restrictions on military use of its technology. This action escalates the ongoing dispute over acceptable AI applications in defense and surveillance contexts.

ESET security researchers emphasize that mobile app permissions continue to pose significant privacy and security risks when users blindly accept permission requests. The analysis highlights how attackers can abuse excessive app permissions to access sensitive data and system functions on mobile devices.

Health investigators used ChatGPT to help solve a puzzling disease outbreak, with the AI chatbot providing insights that convinced officials they had identified the correct source involving contaminated beer and ice. This case study demonstrates both the potential benefits and risks of using AI for critical public health investigations.

Ars Technica published an article about animals that can dramatically alter their internal body temperature to survive environmental challenges like storms, floods, and predators. While biologically interesting, this content lacks direct relevance to cybersecurity practitioners and appears to be off-topic for a security-focused publication.