History Repeats: Security in the AI Agent Era

Presented by

AI agents are being deployed with the same trust-by-default architecture the early internet had. Same mistakes, MUCH faster timeline.

OpenClaw has hit 180K+ GitHub stars. But in the past week:

• 341 malicious skills on ClawHub were distributing Atomic Stealer
• ZeroPath disclosed a Browser Relay vuln enabling cross-tab cookie theft
• CrowdStrike, Cisco, and Bitdefender all published enterprise advisories
• VirusTotal partnered with ClawHub to scan uploads
• Korean tech firms (Kakao, Naver, Karrot) banned it on corporate networks
• 1,000+ Open PRs, 250+ less than 24 hours old.

But how does this thing actually work? Join James Wilson as he explains why banning these types of agents doesn’t work, why browser sessions are now API surfaces, and why your organisation needs to think of these issues early or be condemned to decades of catch-up programs.