Add source Login
Get Acer’s Ryzen laptop with 16GB RAM for only $317 right now

Get Acer’s Ryzen laptop with 16GB RAM for only $317 right now

NOW ONLY $317 Acer Aspire 3 with 16GB RAM View Deal Prices for laptops are heading up and up, but if you hurry, you can grab an older refurb at an amazing discount. Acer is offering a 15-inch Aspire 3 with a Ryzen 7000 processor, 16GB of memory, 1TB of storage, and a touchscreen for just $316.19 on eBay . That’s almost $200 off the already-low price for a new unit. The Aspire 3 A315-24PT-R288 ( full specs here ) is a budget design, using older DDR4 memory and PCIe 3.0 storage. But that said, 16GB is the lowest I’d recommend for Windows 11, and a 1TB drive is a definite upgrade at this price point. Ditto for the touchscreen, which is hard to find on anything under the $500 mark. The Ryzen 5 7520U is an older processor, but with four cores and integrated Radeon 610M graphics, it should have plenty of power for some light-to-medium gaming duties. In terms of presentation, the Aspire 3 isn’t much, with a plastic chassis and a proprietary charging port (though it can also charge via USB-C). It packs two USB-A ports, full-sized HDMI, and a keyboard with a number pad. But if you’re looking for a laptop that can handle everything you want to throw at it on a miniscule budget, look no further. This refurbished unit comes directly from Acer, not a reseller, and it’s packing a two-year warranty via eBay’s certified refurbished program. That’s more than you usually get, though service is through Allstate (not ideal). With affordable laptops thin on the ground, there’s no telling how long stock will hold out. I’d pick one up quick if you’re in the market. If not, check out PCWorld’s roundup of the best laptops .

Best Windows backup software 2026: Protect your data!

Best Windows backup software 2026: Protect your data!

Your PC’s storage media is subject to malware and, on occasion, natural disasters such as lightning, fire, etc. — which is why formulating a backup strategy is critical for keeping your data safe. Our picks for best Windows backup software will keep the tears to a minimum if and when your primary local data repository is compromised. What backup utilities come with Windows? Sadly, while other operating systems make backup easy, Microsoft saddles users with a patchwork system of utilities and holdover imaging tools from Windows 7. Some of these work quite well (Restore Points, File History), some don’t (System Repair Disc, Recovery Drive). None are suitable for quick and easy disaster recovery — even the online backup that is available when you use Windows with a Microsoft cloud account. Thankfully, there are a number of highly capable and far more reliable third-party backup options for Windows that cover the panoply of backup, restore, migration, and disaster recovery. Why you should trust PCWorld for backup software reviews and buying advice: It’s in our name — PCWorld. Our reviewers have been testing PC hardware, software, and services for decades. Our backup evaluations are thorough and rigorous, testing the promises and limitations of every product — from performance to the practicalities of regular use. PROMOTION Backup software powered by AI – EaseUS Todo Backup EaseUS Todo Backup covers everything you need for backups. With AI smart backup, automate your backup tasks on schedule, run to make copies, do realtime protections, and restore everything instantly. No extra effort is required. Also, get 250GB cloud storage for free. Now 25% OFF Exclusive Code: PCWORLD25 Free Download Get It Now | 25% off EaseUS Todo Backup 2025 (Home) – Best dedicated Windows backup Pros Imaging, backup, sync, and disaster recovery Comprehensive and option rich Great interface Cons Occasional non-fatal oddities during file backup and sync No third-party online storage support Best Prices Today: Retailer Price EaseUS $39.95 View Deal Price comparison from over 24,000 stores worldwide Product Price Price comparison from Backmarket Who should buy EaseUS Todo Backup 2025? EaseUS Todo Backup 2025 (home) has matured into an outstandingly versatile and comprehensive backup solution. With a still-affordable perpetual license, it also costs less than some of the now subscription-only competition such as Acronis True Image and Macrium Reflect X . It’s our top pick for the average user. EaseUS Todo Backup 2025: Further considerations Imaging, disaster recovery, plain or compressed file/folder backup, sync, real-time (actually continuous) backup, and nearly every bell and whistle in the backup space are accounted for by Todo Backup. In addition to its comprehensive and reliable set of features, Todo Backup greets you with a pleasingly-rendered, animated interface and a supremely logical layout. That it doesn’t force you into a subscription model is also a plus. That said, if you want to use EaseUS’s cloud storage (third-party isn’t supported directly), you do need to opt for a yearly plan. Fortunately, it’s decently affordable: software plus 1TB of cloud storage for $60/yr. Read our full Easeus ToDo Backup 2025 review Acronis True Image – Best comprehensive backup and malware protection Pros Imaging, backup, and disaster recovery Actively protects against viruses and ransomware Integrated cloud storage available Cons Heavy installation footprint Subscription only Lots of telemetry Price When Reviewed: 69,95 Euro Best Prices Today: Retailer Price Acronis 49,99 € View Deal 69,95 € View Deal 85,95 € View Deal Price comparison from over 24,000 stores worldwide Product Price Price comparison from Backmarket Who should buy Acronis True Image? True Image is a great option for anyone who wants seasoned and reliable file and image backup as well as full-fledged protection from malware (including ransomware). Acronis True Image: Further considerations Acronis established itself as a trustworthy stalwart in backup software years ago. In meantime the program’s moniker morphed for a while to Cyber Protect Home Office (which is actually more descriptive), but is now back again to the more recognizable True Image. Throughout the changes, the program remained super-reliable, and gradually evolved into a versatile, flexible, backup and malware protection solution. While True Image doesn’t offer support for third-party cloud storage, only its own, the program does allow you to back up to and from network locations. As I noted in my review, “If you’re looking for a comprehensive, set-it-and-forget-it data-safety solution, I know of nothing better — or comparable for that matter.”. Thisdoes however, result in a rather heavy system footprint with multiple background processes running. Alas, for better (the comany’s) or worse (yours), True Image is now subscription-only. I recommend bumping up from the Essentials plan to the Advanced plan, which includes 250GB of storage (with the purchase link in this article, it’s only $24.99 per year, down from $72.99). Read our full Acronis True Image review Easeus Todo Backup Free – Best free combined backup and disaster recovery Pros Imaging, file backup, and sync Super-friendly, attractive interface Disaster recovery with boot media Cons No cloud storage support (a trial is offered) A couple of minor non-fatal file function errors Best Prices Today: Retailer Price EaseUS Free View Deal Price comparison from over 24,000 stores worldwide Product Price Price comparison from Backmarket Who should use Easeus Todo Backup Free? Anyone who wants friendly, easy to use backup and reliable disaster recovery in one package should take a look at Easeus Todo Backup free. The only cost to a startlingly capable suite is a couple of ads and nags. Easeus Todo Backup 2025: Further considerations Easeus Todo Backup Free covers all the backup basics: File/folder backup (compressed and plain), one-way sync, system/drive/partition imaging, and all with scheduling. But there are extras you might not expect from a freebie such as backup from network locations, and what EaseUS calls real-time backup (it’s actually continuous — close enough), That’s unique for a freebie. Todo Backup 2025 also sports the easiest, most attractive (in our estimation) interface on the market. That alone should recommend it to most users. But the fact that it just works (there are a couple of odd, non-fatal peccadilloes in the file sync), and comes with reliable disaster recovery and boot media seals the deal. There’s a professional version that adds numerous advanced features, as well as EaseUS’s own cloud storage. See the entry above. Arcserve ShadowProtect SPX – Best Windows backup for SMBs Pros Fast and reliable continuous data protection Super easy restores to real or virtual hard drives Handy timeline overview Excellent disaster recovery Cons Somewhat daunting login dialog Image-based backup only Pricey for end users Best Prices Today: Retailer Price StorageCraft $99.95 View Deal Price comparison from over 24,000 stores worldwide Product Price Price comparison from Backmarket Who should buy Arcserve ShadowProtect SPX? Home, small, and other businesses who are looking for backup software more powerful than the norm, that also scales nicely in networked ecosystems will do well with this solid, feature-laden, and very fast backup program. Arcserve ShadowProtect SPX: Further considerations Arcserve ShadowProtect SPX is loaded with pro- and enterprise-level features including support for third-party virtual hard drives (VHDs, etc.). It is also an excellent choice for Linux users or those in mixed Windows/Linux environments as it’s available for both operating systems. ShadowProtect SPX is a bit pricey, but it’s extremely reliable backup software with foolproof continuous data protection. Note that the company no longer targets the average user, but I found that it works exceptionally well even on a single computer. Read our full Arcserve ShadowProtect SPX Desktop review Other notable Windows backup software Aomei Backupper Pro is a complete backup solution capable of preserving your important data both locally and remotely; while Aomei Backupper Standard , a respectable free backup program if you can tolerate the occasional ad; Retrospect 19 Solo includes support for both proprietary and third-party cloud storage, but sadly it lacks disaster recovery; while Retrospect 19 Desktop is the pro version and covers all the bases, but has a steep learning curve and high price. Backup and Restore (Windows 7) is conveniently installed with Windows, and is good for imaging, but bad for disaster recover; MSP360 Managed Backup uses a handy web-based console to provide imaging and file backup services for multiple devices at a reasonable price; in its free incarnation, MSP360 Backup is a worthwhile upgrade to Windows File History; Iperius Backup has power aplenty, but the learning curve and interface might occasionally flummox less-experienced users. Handy Backup 8.5 Professional has top-notch features that might’ve garnered an Editors’ Choice award had it been entirely glitch-free and a bit easier to learn; MiniTool ShadowMaker Pro 4.6 has a lot to like, particularly its unique ability to interface with all computers on a network. Macrium Reflect Home would likely qualify as our favorite backup software if it wasn’t relatively pricey. It’s an exceptional program that offers everything we want from backup software — full drive/folder backup, ease of use, reliability, etc. DriveImage XML is a viable free backup solution, albeit only for MBR disks; Ashampoo Backup Pro 26 has overarching support for myriad backup chores with easy-to-understand wizards, but no backup from the recovery disc or option for “differential” backups. Note that in this article we focus on local-software based solutions, although many also include a cloud component. For cloud-first backup, see our roundup of the best online backup services . Admittedly, the distinction between the two categories is blurring as they each expand their feature sets. How we test Our reviewers run each program through the various types of backups and restores it’s capable of — including those requiring boot media. This is largely to gauge reliability and hardware compatibility. We check speed, but such is highly reliant upon the connections and media involved. If we notice anything is particularly fast or slow, we’ll tell you about it, but creating a functional backup is paramount. To learn more details, see our article on how PCWorld tests backup software . Who curated this article Having started computing by flipping switches, Jon Jacobi has witnessed storage morph from punch cards and tape to solid state. He’s been using and testing HDDs, SATA SSDs, and NVMe SSDs for PCWorld for well over two decades. To paraphrase a well-known commercial, you might say he’s seen a thing or two. How to choose backup software As with most things — buy to suit your needs. Features you won’t use add complexity and could slow down your system. Additionally, if you recently purchased an external HDD or SSD from a major vendor such as — Seagate or WD, check to see if there are backup utilities or a backup software license included. The following are key criteria you should consider when formulating a backup plan or software purchase. File backup If you want to back up your essential data (operating systems and programs can be reinstalled, though it’s mildly time- and effort-consuming), a program that backs up only your important files is essential. Some programs even automatically select the appropriate files or folders. File backup can include operating system files if you wish but is still not suitable for disaster recovery. Image backup/imaging Images are byte-for-byte snapshots of your entire hard drive (normally not including empty sectors) or partitions, and can be used to restore the operating system, drivers, programs in one swift, fell swoop. Imaging also ensures that you don’t omit anything important as can happen with file backup. Recovery boot media Should your system crash completely, you need alternate means to boot your system and restore data using your backup software. Any backup program worth its salt should be able to create a bootable optical disc or USB thumb drive. Some will also create a restore partition on your hard drive, which can be used if the issue isn’t a failed drive. Note that we’ve run into multiple issues with Microsoft’s own Recovery Drive and System repair disc — don’t rely on those. Scheduling If you’re going to back up effectively, you need to do so on a regular basis. Any backup program you purchase should let you schedule backups and run them in the background. Some even will backup files as they change (real time) or at very short intervals (continuous) Versioning Versioning is simply retaining older version of files (or backups) rather than overwriting them during the backup/sync process. You can generally define how many versions to keep, but if you choose to cull older files, this is till not true backup which again, is an immutable copy of your data, drives, or system. Optical discs Every backup program supports hard drives, but as obsolete as they may seem, DVDs and Blu-Ray discs are great archive media. If you’re worried about optical media’s reliability, M-Disc claims its discs are reliable for a thousand years, backed up by Department of Defense testing. Online storage (cloud) support An offsite copy of your data is a hedge against physical disasters such as theft, flood, fire, and power surges. Online storage services are a great way to meet that need. Some backup software will let you back up to Dropbox, Google Drive, OneDrive, Amazon S3 and compatible, etc. however Cloud Managers can serve as a workaround with backup programs that don’t. The downside to cloud storage is relatively slow performance. Keep a local backup for faster restores. Network access Backing up to other computers or NAS boxes on your network or in remote locations (say your parent’s or children’s house) is another way of safeguarding your data via a physically remote copy. If you use network storage, it can also be handy to back them up to you local system. FTP/SFTP can be used for offsite, while SMB (Windows and most OS’s) and AFP (Apple) are good for other PCs or NAS on your local network. Network support is not universal, and some backup programs allow you to back up to , but not from network shares. Just be careful in the way you expose your computers on the Internet. Real-time backup Real-time backup means that files are backed up whenever they change, usually upon creation or save. It’s handy for keeping an immediately available backup of rapidly changing data sets. For less volatile data sets, scheduled backups will do just fine. Continuous backup Continuous simply means backing up on a tight schedule, generally every few minutes, rather than in real time, daily, weekly, or monthly. Use continuous backup for rapidly changing data sets where transfer rates are too slow, or computing power too precious for real-time backup. Performance concerns Most backups proceed in the background or during dead time, so performance isn’t a huge issue in the consumer space. However, if you’re backing up multiple machines, backing up to multiple destinations, or dealing with very large data sets, speed will be a consideration. That said, backup speed is highly dependent upon the hardware and transport technology in use. Further reading: Check out PCWorld’s roundup of best external drives for recommendations on reliable storage options — an important component in a comprehensive backup strategy. FAQ 1. What is the best Windows backup software? The best Windows backup software is Easeus Todo Backup 2025 . It has everything PCWorld expects to see in a top product: A polished interface, intuitive functionality, a comprehensive approach to backing up data including imaging, file backup, sync, and disaster recovery. And most important, it’s reliable! Todo Backup also offers the option of a perpetual license or a subscription model, the latter of which can be augmented with affordable cloud storage. 2. What is the best free Windows backup software? It turns out that PCWorld’s favorite for-pay backup software, Easeus Todo Backup 2025 , also offers a surprisingly robust free version. It matches its paid counterpart in basics such as imaging, file backup, sync, and, most especially — disaster recovery. It also features the same eminently user-friendly interface. As with most backup freeware, you will be nagged to upgrade, and Easeus’s optional cloud storage, which is surprisingly affordable, is only available at the subscription tier. 3. Will backup software slow down my computer? Backup software typically runs in the background or during dead time, so given even moderately modern hardware, you shouldn’t notice any decrease in performance. Most programs let you throttle the backup process if you do notice a slowdown. 4. Does Windows Backup and Restore (Windows 7) save everything? Yes, by default, Backup and Restore (Windows 7) saves everything on your system disk (all the partitions, including hidden ones) in what’s known as an image file that would be suitable for disaster recovery if Windows Recovery Drive and Rescue disk were reliable. News bulletin — they aren’t. Hence, we only recommend this program for creating highly compatible VHD/VHDX images of your data drives and partitions which can be mounted as virtual drives and browsed using nothing but Windows Explorer. 5. What’s the difference between Google Drive, Dropbox, OneDrive, etc. and backup software? Google Drive, Dropbox, and OneDrive are what’s known as cloud storage , or online storage. They create a local virtual drive that you can drag files to, and which is eventually synced to the cloud as time allows. They also provide a Web portal where you can manage your files remotely. However, by default these services sync changes in the data across all devices. True backups should be immutable snapshots that may be added to but not changed. Some services offer versioning (keeping older files, and adding new ones), which creates a close approximation to backup. Cloud backup services (distinct from those mentioned above) offer many, though not all, of the benefits of Windows backup software. This is generally done with local client software that offers just basic functions like file backup and sync. You can learn more about these in our roundup of best cloud backup services . 6. How often should backups be scheduled? Ideally, as often as your data changes. If you are working on an important project or have work that you absolutely cannot afford to lose, you should consider real time (as data changes) or continuous (very short intervals). Hourly, daily, or longer intervals will be fine for the average user. All file backups should be augmented by weekly or monthly system backups. 7. Can I back up files to and from my cloud storage? Until a few years ago, most Windows backup software was restricted to making local backups — i.e., to another drive, external or internal, connected to your system. There were of course services such as Mozy that had their own backup clients, but that’s covered in our online backup roundup. Here we’re talking just plain backup programs. The situation is improving rapidly, and many backup software vendors are adding online storage services as destinations for their backups. If your favorite backup program doesn’t support cloud storage directly, a cloud storage manager that integrates online storage services into File Explorer can make online backup possible with just about any backup app. 8. What’s the difference between full, differential, and incremental backup? A full backup is a backup of all your data, regardless of how new or old it is. A differential backup is all the data that’s changed since your last full backup. An incremental backup is all the data that’s changed since any your original full and/or the last differential/incremental backup. Differential and incremental backups require a initial full backup to be restored. Differential backups require more time to create than incremental backups, but are quicker to restore since you only need the latest iteration. Differential backups can grow to be quite large if you don’t perform full backups very often. Incremental backups take less time to produce and are smaller, but take longer to restore as all of them created since the last full backup must be restored in the order in which they were created. 9. What’s the difference between image backup, system backup, and file backup? An image is low-level backup of all the sectors (including “empty” sectors if you wish) contained by a disk or partition, regardless of their pertinence to your files. It’s basically fool-proof in terms of accidentally overlooking important data. A system backup is an disk image backup of all the partitions on your system drive. This includes several that are hidden, i.e., not enumerated as drive letters by the operating system. A system backup might also include other drives, but must contain the OS drive. A file backup is a high-level backup of data read via the operating system’s file system. Most often this is data, but may include all the files on a drive. 10. What should I back up? In truth, it’s only your essential personal data that must absolutely, positively, 100% be backed up. Once the family pictures or your work-in-progress are trashed with no backup, there’s no way back other than an expensive recovery service, and even that’s not guaranteed if the physical media is unreadable. On the other hand, a system backup is exceedingly handy for getting you back up to speed with minimal hassle. It returns your system to exactly where you were at the time of the backup: OS, program, updates, upgrades, settings, data are all back in a relative blink of the eye. But it’s not essential. While reinstalling operating systems, drivers, and programs, as well as adjusting settings require more effort, you can then recover your data if that’s all you backed up. See the first paragraph. Related content PCWorld software reviews Best online backup: iDrive, Backblaze, Livedrive, and more Backing up your backups: Advanced backup tricks for cloud storage 5 tools that integrate your cloud storage into Windows File Explorer Windows 11’s new Backup and Restore process just makes everything worse

OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert

OpenClaw can bypass your EDR, DLP and IAM without triggering a single alert

An attacker embeds a single instruction inside a forwarded email. An OpenClaw agent summarizes that email as part of a normal task. The hidden instruction tells the agent to forward credentials to an external endpoint. The agent complies — through a sanctioned API call, using its own OAuth tokens. The firewall logs HTTP 200. EDR records a normal process. No signature fires. Nothing went wrong by any definition your security stack understands. That is the problem. Six independent security teams shipped six OpenClaw defense tools in 14 days. Three attack surfaces survived every one of them. The exposure picture is already worse than most security teams know. Token Security found that 22% of its enterprise customers have employees running OpenClaw without IT approval, and Bitsight counted more than 30,000 publicly exposed instances in two weeks, up from roughly 1,000. Snyk’s ToxicSkills audit adds another dimension: 36% of all ClawHub skills contain security flaws. Jamieson O’Reilly, founder of Dvuln and now security adviser to the OpenClaw project, has been one of the researchers pushing fixes hardest from inside. His credential leakage research on exposed instances was among the earliest warnings the community received. Since then, he has worked directly with founder Peter Steinberger to ship dual-layer malicious skill detection and is now driving a capabilities specification proposal through the agentskills standards body. The team is clear-eyed about the security gaps, he told VentureBeat. “It wasn’t designed from the ground up to be as secure as possible,” O’Reilly said. “That’s understandable given the origins, and we’re owning it without excuses.” None of it closes the three gaps that matter most. Three attack surfaces your stack cannot see The first is runtime semantic exfiltration. The attack encodes malicious behavior in meaning, not in binary patterns, which is exactly what the current defense stack cannot see. Palo Alto Networks mapped OpenClaw to every category in the OWASP Top 10 for Agentic Applications and identified what security researcher Simon Willison calls a “lethal trifecta”: private data access, untrusted content exposure, and external communication capabilities in a single process. EDR monitors process behavior. The agent’s behavior looks normal because it is normal. The credentials are real, and the API calls are sanctioned, so EDR reads it as a credentialed user doing expected work. Nothing in the current defense ecosystem tracks what the agent decided to do with that access, or why. The second is cross-agent context leakage. When multiple agents or skills share session context, a prompt injection in one channel poisons decisions across the entire chain. Giskard researchers demonstrated this in January 2026, showing that agents silently appended attacker-controlled instructions to their own workspace files and waited for commands from external servers. The injected prompt becomes a sleeper payload. Palo Alto Networks researchers Sailesh Mishra and Sean P. Morgan warned that persistent memory turns these attacks into stateful, delayed-execution chains. A malicious instruction hidden inside a forwarded message sits in the agent’s context weeks later, activating during an unrelated task. O’Reilly identified cross-agent context leakage as the hardest of these gaps to close. “This one is especially difficult because it is so tightly bound to prompt injection, a systemic vulnerability that is far bigger than OpenClaw and affects every LLM-powered agent system in the industry,” he told VentureBeat. “When context flows unchecked between agents and skills, a single injected prompt can poison or hijack behavior across the entire chain.” No tool in the current ecosystem provides cross-agent context isolation. IronClaw sandboxes individual skill execution. ClawSec monitors file integrity. Neither tracks how context propagates between agents in the same workflow. The third is agent-to-agent trust chains with zero mutual authentication. When OpenClaw agents delegate tasks to other agents or external MCP servers, no identity verification exists between them. A compromised agent in a multi-agent workflow inherits the trust of every agent it communicates with. Compromise one through prompt injection, and it can issue instructions to every agent in the chain using trust relationships that the legitimate agent already built. Microsoft’s security team published guidance in February calling OpenClaw untrusted code execution with persistent credentials, noting the runtime ingests untrusted text, downloads and executes skills from external sources, and performs actions using whatever credentials it holds. Kaspersky’s enterprise risk assessment added that even agents on personal devices threaten organizational security because those devices store VPN configs, browser tokens, and credentials for corporate services. The Moltbook social network for OpenClaw agents already demonstrated the spillover risk: Wiz researchers found a misconfigured database that exposed 1.5 million API authentication tokens and 35,000 email addresses. What 14 days of emergency patching actually closed The defense ecosystem split into three approaches. Two tools harden OpenClaw in place. ClawSec , from Prompt Security (a SentinelOne company), wraps agents in continuous verification, monitoring critical files for drift and enforcing zero-trust egress by default. OpenClaw’s VirusTotal integration , shipped jointly by Steinberger, O’Reilly, and VirusTotal’s Bernardo Quintero, scans every published ClawHub skill and blocks known malicious packages. Two tools are full architectural rewrites. IronClaw , NEAR AI’s Rust reimplementation, runs all untrusted tools inside WebAssembly sandboxes where tool code starts with zero permissions and must explicitly request network, filesystem, or API access. Credentials get injected at the host boundary and never touch agent code, with built-in leak detection scanning requests and responses. Carapace , an independent open-source project, inverts every dangerous OpenClaw default with fail-closed authentication and OS-level subprocess sandboxing. Two tools focus on scanning and auditability: Cisco's open-source scanner combines static, behavioral, and LLM semantic analysis, while NanoClaw reduces the entire codebase to roughly 500 lines of TypeScript, running each session in an isolated Docker container. O’Reilly put the supply chain failure in direct terms. “Right now, the industry basically created a brand-new executable format written in plain human language and forgot every control that should come with it,” he said. His response has been hands-on. He shipped the VirusTotal integration before skills.sh, a much larger repository, adopted a similar pattern. Koi Security’s audit validates the urgency: 341 malicious skills found in early February grew to 824 out of 10,700 on ClawHub by mid-month, with the ClawHavoc campaign planting the Atomic Stealer macOS infostealer inside skills disguised as cryptocurrency trading tools, harvesting crypto wallets, SSH credentials, and browser passwords. OpenClaw Security Defense Evaluation Matrix Dimension ClawSec VirusTotal Integration IronClaw Carapace NanoClaw Cisco Scanner Discovery Agents only ClawHub only No mDNS scan No No Runtime Protection Config drift No WASM sandbox OS sandbox + prompt guard Container isolation No Supply Chain Checksum verify Signature scan Capability grants Ed25519 signed Manual audit (~500 LOC) Static + LLM + behavioral Credential Isolation No No WASM boundary injection OS keychain + AES-256-GCM Mount-restricted dirs No Auditability Drift logs Scan verdicts Permission grant logs Prometheus + audit log 500 lines total Scan reports Semantic Monitoring No No No No No No Source: VentureBeat analysis based on published documentation and security audits, March 2026. The capabilities spec that treats skills like executables O’Reilly submitted a skills specification standards update to the agentskills maintainers, led primarily by Anthropic and Vercel, that is in active discussion. The proposal requires every skill to declare explicit, user-visible capabilities before execution. Think mobile app permission manifests. He noted the proposal is getting strong early feedback from the security community because it finally treats skills like the executables they are. “The other two gaps can be meaningfully hardened with better isolation primitives and runtime guardrails, but truly closing context leakage requires deep architectural changes to how untrusted multi-agent memory and prompting are handled,” O’Reilly said. “The new capabilities spec is the first real step toward solving these challenges proactively instead of bolting on band-aids later.” What to do on Monday morning Assume OpenClaw is already in your environment. The 22% shadow deployment rate is a floor. These six steps close what can be closed and document what cannot. Inventory what is running. Scan for WebSocket traffic on port 18789 and mDNS broadcasts on port 5353. Watch corporate authentication logs for new App ID registrations, OAuth consent events, and Node.js User-Agent strings. Any instance running a version before v2026.2.25 is vulnerable to the ClawJacked remote takeover flaw. Mandate isolated execution. No agent runs on a device connected to production infrastructure. Require container-based deployment with scoped credentials and explicit tool whitelists. Deploy ClawSec on every agent instance and run every ClawHub skill through VirusTotal and Cisco's open-source scanner before installation. Both are free. Treat skills as third-party executables, because that is what they are. Require human-in-the-loop approval for sensitive agent actions. OpenClaw’s exec approval settings support three modes: security, ask, and allowlist. Set sensitive tools to ask so the agent pauses and requests confirmation before executing shell commands, writing to external APIs, or modifying files outside its workspace. Any action that touches credentials, changes configurations, or sends data to an external endpoint should stop and wait for a human to approve it. Map the three surviving gaps against your risk register. Document whether your organization accepts, mitigates, or blocks each one: runtime semantic exfiltration, cross-agent context leakage, and agent-to-agent trust chains. Bring the evaluation table to your next board meeting. Frame it not as an AI experiment but as a critical bypass of your existing DLP and IAM investments. Every agentic AI platform that follows will face this same defense cycle. The framework transfers to every agent tool your team will assess for the next two years. The security stack you built for applications and endpoints catches malicious code. It does not catch an agent following a malicious instruction through a legitimate API call. That is where these three gaps live.

Amazon’s 4K Fire TV Stick Max is 42% off today

Amazon’s 4K Fire TV Stick Max is 42% off today

NOW 42% OFF Amazon Fire TV Stick 4K Max View Deal Stop worrying about how you’re going to keep watching your shows when you go on vacation or switch TVs. All you need is an Amazon Fire TV Stick 4K Max, which is now on sale for just $35 (was $60) thanks to a stunning 42% discount. This is very close to the lowest price it’s ever been! So if you’ve been eyeing one, now’s the time. This tiny streaming device is everything you could want to stream all your shows and movies, no matter where you are. Depending on what TV you have at home, this can easily become your streaming central, especially if you have a non-smart TV or one with a lacking OS that doesn’t let you install all the apps you want (as long as your TV has HDMI). Either way, the Fire TV Stick 4K Max makes streaming movies and shows in 4K resolution as easy as breathing. Throw in Dolby Vision and immersive Dolby Atmos audio support and you get a truly cinematic experience. It seamlessly integrates with Alexa, too, which means it will be even easier to search for movies, launch apps, and control compatible smart home devices using voice commands. Beyond traditional media consumption, the Fire TV Stick 4K Max also serves as a great platform for gamers. With Xbox Game Pass, you can cloud stream popular Xbox games directly on your TV even if you don’t have any Xbox consoles. So, what are you waiting for? The Fire TV Stick 4K Max is a great pick at $35, the best price I’ve seen for it all year.