Picture a VP of finance at a large retailer. She asks the company’s new AI analytics agent a simple question: “What was our revenue last quarter?” The answer comes back in seconds.

Confident.

Clean.

Wrong.

The 💜 of EU tech

The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!

That exact scenario happens more frequently than many organizations would care to admit. AtScale, which enables organizations to deploy governed analytics environments and semantic consistency, has found that simply increasing model parameterization alone cannot address the AI governance and context issues enterprises face.

When AI systems query inconsistent or ungoverned data, adding more model complexity doesn’t contain the problem, it compounds it. Organizations across industries have acted quickly to develop agentic AI, deploying systems that analyze data, generate insights, and trigger automated workflows. In response to this trend, the AI models have adapted to react quickly via larger model parameters, increased computing power, and additional features. The underlying assumption has been that as long as the model gets large enough, the eventual result will be reliable.

However, there are indications that this assumption may not hold up. Recent TDWI research found that nearly half of respondents characterized their AI governance initiatives as either immature or very immature. This may have more to do with data lineage and the business definitions on which these models are based than with the models’ capabilities.

At AtScale, there’s a consistent theme among our clients: When inconsistent data definitions followed organizations into their AI layer, the problems didn’t stop there. They propagated forward, typically at greater speed and with less transparency than the previous layer had offered.

Performance and responsibility are separate jobs. A model reasons. A governance layer defines what the model reasons over, constrains how it applies business logic, and ensures outputs can be traced back to a source of record. One cannot substitute for the other.

DoorDash has launched a new option for its gig economy workers to earn some extra cash. The delivery service introduced Tasks, which it describes as “short activities Dashers can complete between deliveries or in their own time.” It gives taking pictures of restaurant dishes or recording video of unscripted conversations in languages other than English as examples. These materials will be used to train artificial intelligence and robotics models.

A representative from DoorDash told Bloomberg News that it will use Tasks content for evaluating its in-house AI models as well as those made by its partner companies in retail, insurance, hospitality and tech. DoorDash is piloting a standalone app for Tasks where Dashers will submit their content. The blog post notes that pay will be displayed upfront, and compensation will vary based on the complexity of the activity.

This idea isn’t new. We’ve seen other startups in AI and robotics offering payment for content filmed by regular people. Considering how many lawsuits are underway against AI companies that have already benefited from unauthorized use of copyrighted materials, at least this approach lets people be directly compensated for training content.

Searching for a reason to buy collectors’ editions of Mattel products? With the toy drops unveiled during Mattel Creations Revealed event Thursday, you may be able to make a case for yourself. Homing in on fandoms ranging from anime to Barbie to Monster High, the company shared a fresh lineup of releases. Masters of the Universe fans: lock in.

You can stack Mattel Bricks to create Eternia’s legendary Castle Grayskull with a new set (pictured above) that’s the first of its kind for the toy giant. Get into your display — or play — with Masters of the Universe Nano figures depicting characters like He-Man, Evil-Lyn, Skeletor, Battle Cat and Teela. Available in the Brick Shop starting April 25, the set will retail for $65. For fans who want a bit of extra nostalgia, you can also buy the light-up Laser Power He-Man figure for $30 to add to your display.

Mattel has been on somewhat of a roll with its Monster High Skullector series, with doll collabs that feature iconic movie and TV favorites like Coraline, Wednesday and Morticia, Pennywise and Alien. Skeletor has been added to the collection and is quite the baddie. Just check out the outfit, high-heeled boots and signature smirk. Her staff speaks as well, but I won’t spoil it by telling you the catchphrase. The price? $65.

If the He-Man franchise isn’t for you, maybe you’ll be into the drop for Naruto. Burn up a Hot Wheels track with the Nissan Silvia S15 model that carries Naruto emblazoned on both sides. Making its debut as part of a partnership between Mattel and anime franchises, the car is priced at $25.

We’ve seen Barbie go couture in the past, and Mattel has just revealed its atelier design that takes handcrafted fashion up a notch. The new poseable Grand Couture Silkstone Barbie doll retails for $342, stands at 14.5 inches and wears a ruffled coat (with a train) with a shimmery embroidered dress underneath. Drop earrings and pink boots complete the high-end look.

Not to be sidelined at today’s event, Ken was spotlighted with the release of his own Uno card deck that features a variety of, well, Kens. Celebrate his 65th anniversary with the $13 deck, and you can decide if you’ve had Ken-ough of draw fours and skips.

One of the other pop culture moments — and figures — commemorated with a toy reveal today came in the form of WWE star Stone Cold Steve Austin. He’s been immortalized as a Mattel action figure that captures when he coined his 3:16 catchphrase 30 years ago, with the Elite Collection addition coming equipped with a crown, table and throne. Get it for your WWE collection for $30.

Navia Benefit Solutions, Inc. (Navia) is informing nearly 2.7 million individuals of a data breach that exposed their sensitive information to attackers.

An investigation into the incident revealed that the hackers had access to the organization’s systems between December 22, 2025, and January 15, 2026. However, the company discovered the suspicious activity on January 23.

Navia says that it responded immediately and launched an inquiry to determine the potential impact of the incident.

“The investigation determined that an unauthorized actor accessed and acquired certain information between December 22, 2025, and January 15, 2026,” the company says in the notification to impacted individuals.

Navia is a consumer-focused administrator of benefits that provides services to more than 10,000 employers across the U.S.

The company provides software and customer services for the administration of Flexible Spending Accounts (FSA), Health Savings Accounts (HSA), Health Reimbursement Arrangements (HRA), Commuter Benefits and COBRA Services.

It also helps handle commuter benefits, lifestyle accounts, education benefits, compliance/risk services, and retirement-related offerings.

According to the company, the investigation into the breach revealed that the hacker accessed and may have exfiltrated the following types of data:

• Full name
• Date of birth
• Social Security Number (SSN)
• Phone number
• Email address
• Participation in HRA (Health Reimbursement Arrangements)
• FSA (Flexible Spending Accounts) information
• Consolidated Omnibus Budget Reconciliation Act (COBRA) enrollment information

Navia underlines that the data breach did not expose details about claims or financial information. Nevertheless, the exposed data is enough for threat actors to deploy phishing and social engineering attacks aimed at affected individuals.

The company states that it has reviewed its security posture and data retention policies to identify potential weaknesses that can be improved, and has notified federal law enforcement about the incident.

Customers whose information was exposed will be covered by a free 12-month identity protection and credit monitoring service from Kroll. Letter recipients are also encouraged to consider placing a fraud alert and security freeze on their credit files.

At the time of writing, no ransomware group has claimed the Navia data breach.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Advertisement

Download The Report

Crypto-powered gift card store Bitrefill says that the attack it suffered at the beginning of the month was likely perpetrated by North Korean hackers of the Bluenoroff group.

During the investigation, the platform observed indicators similar to previous attacks attributed to the North Korean threat actor, like tactics, malware, IP and email addresses.

“Based on indicators observed during the investigation  – including the modus operandi, the malware used, on-chain tracing and reused IP + email addresses (!) – we find many similarities between this attack and past cyberattacks by the DPRK Lazarus / Bluenoroff group against other companies in the crypto industries,” reads Bitrefill’s statement.

Bitrefill is a mid-sized e-commerce platform that enables people to pay in cryptocurrency for gift cards at stores in 150 countries. The gift cards can be used to pay for anything from clothing, food and groceries, health and beauty products to bills, services, gas, transportation, and electronics.

The platform supports more than 600 mobile operators and thousands of brands worldwide.

On March 1st, Bitrefill announced technical issues affecting access to its website and app. A day later, the company disclosed that it had identified a security issue and took all services offline.

Although user balances were not affected, the gradual restoration of all services still continues to this day.

The breach was discovered after Bitrefill noticed suspicious supplier purchasing patterns, exploitation of gift card stock and supply lines, and draining of some “hot” wallets.

The investigation the firm launched to determine the cause revealed that the attack originated on a compromised employee’s laptop.

The attackers stole legacy credentials and used them to access a snapshot with production secrets, later escalating access to the larger Bitrefill infrastructure, including parts of the database and some cryptocurrency wallets.

About 18,500 purchase records containing customer email addresses, IP addresses, and cryptocurrency payment addresses were exposed in the breach. For 1,000 purchases, customer names were also exposed.

Although this information is stored in encrypted form, Bitrefill notes that the attackers may have obtained the decryption keys.

Bitrefill says this was the most serious cyberattack it has suffered in its ten years of existence, but it survived with minimal losses, which will be covered from its capital.

Ultimately, Bitrefill believes that attackers were after cryptocurrency and gift card inventory, not customer information.

BlueNoroff, also known as APT38, is a cluster of the Lazarus group that has been active since at least 2014. It typically targets financial organizations, with a more recent focus on the cryptocurrency industry, the objective being crypto theft.

Bitrefill says this was the most serious cyberattack it has suffered in the ten years of its existence, but it survived with minimal losses, which will be covered from its capital.

Meanwhile, it is expanding security reviews and pen-testing, tightening access controls, improving logging and monitoring, and refining automated shutdown mechanisms.

At this time, most of its services have returned to normal operational status, and customers aren’t required to take any action beyond treating incoming communications with extra caution.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Download The Report

• GMKtec EVO-T2 mini PC reaches 180 TOPS using combined CPU, GPU, and NPU acceleration
• Its PCIe 5.0 storage introduces data speeds exceeding 10GB per second
• Local AI models run without relying on external cloud infrastructure

At a recent launch event, GMKtec introduced the GMKtec EVO-T2, a compact desktop system built for local AI computing.

According to the company, the device integrates third-generation Intel Core Ultra processors and claims up to 180 TOPS of compute capability.

Every few years, a piece of open-source software arrives that rewires how the industry thinks about computing. Linux did it for servers. Docker did it for deployment. OpenClaw — the autonomous AI agent platform that went from niche curiosity to the fastest-growing open-source project in history in a matter of weeks — may be doing it for software itself.

Nvidia CEO and co-founder Jensen Huang made his position plain at GTC 2026 this week: “OpenClaw is the operating system for personal AI. This is the moment the industry has been waiting for — the beginning of a new renaissance in software.” And Nvidia wants to be the company that makes it enterprise-ready.

At its annual large GTC 2026 conference in San Jose this week, Nvidia unveiled NemoClaw, a software stack that integrates directly with OpenClaw and installs in a single command. Along with it came Nvidia OpenShell, an open-source security runtime designed to give autonomous AI agents — or “claws”, as the industry is increasingly calling them — the guardrails they need to operate inside real enterprise environments. Alongside both, the company announced an expanded Nvidia Agent Toolkit, a full-stack platform for building and running production-grade agentic workflows.

The message from Jensen Huang was unambiguous. “Claude Code and OpenClaw have sparked the agent inflection point — extending AI beyond generation and reasoning into action,” the Nvidia CEO said ahead of the conference. “Employees will be supercharged by teams of frontier, specialized and custom-built agents they deploy and manage.” Watch my video overview of it below and read on for more:

Why ‘claws’ — and why it matters that Nvidia is using the word

The terminology shift happening inside enterprise AI circles is subtle but significant. Internally, teams building with OpenClaw and similar platforms have taken to calling individual autonomous agents claws — a nod to the platform name, but also a useful shorthand for a new class of software that differs fundamentally from the chatbots and copilots of the last two years.

As Kari Briski, Nvidia’s VP of generative AI software, put it during a Sunday briefing: “Claws are autonomous agents that can plan, act, and execute tasks on their own — they’ve gone from just thinking and executing on tasks to achieving entire missions.”

That framing matters for IT decision-makers. Claws are not just assistants. They are persistent, tool-using programs that can write code, browse the web, manipulate files, call APIs, and chain actions together over hours or days without human input. The productivity upside is substantial. So is the attack surface. Which is precisely the problem Nvidia is positioning NemoClaw to solve.

The enterprise demand is not hypothetical. Harrison Chase, founder of LangChain — whose open-source agent frameworks have been downloaded more than a billion times — put it bluntly in a recent episode of VentureBeat’s Beyond the Pilot podcast: “I guarantee that every enterprise developer out there wants to put a safe version of OpenClaw onto onto their computer or expose it to their users.” The bottleneck, he made clear, has never been interest. It has been the absence of a credible security and governance layer underneath it. NemoClaw is Nvidia’s answer to that gap — and notably, LangChain is one of the launch partners for the Agent Toolkit and OpenShell integration.

What NemoClaw actually does — and what it doesn’t replace

NemoClaw is not a competitor to OpenClaw (or the now many alternatives). It is best understood as an enterprise wrapper around it — a distribution that ships with the components a security-conscious organization actually needs before letting an autonomous agent near production systems.

The stack has two core components. The first is Nvidia Nemotron, Nvidia’s family of open models, which can run locally on dedicated hardware rather than routing queries through external APIs. Nemotron-3-Super, scored the highest out of all open models on PinchBench, a benchmark that tests the types of tasks and tools calls needed by OpenClaw.

The second is OpenShell, the new open-source security runtime that runs each claw inside an isolated sandbox — effectively a Docker container with configurable policy controls written in YAML. Administrators can define precisely which files an agent can access, which network connections it can make, and which cloud services it can call. Everything outside those bounds is blocked.

Nvidia describes OpenShell as providing the missing infrastructure layer beneath claws — giving them the access they need to be productive while enforcing policy-based security, network, and privacy guardrails.

For organizations that have been watching OpenClaw’s rise with a mixture of excitement and dread, this is a meaningful development. OpenClaw’s early iterations were, by general consensus, a security liability — powerful and fast-moving, but essentially unconstrained. NemoClaw is the first attempt by a major hardware vendor to make that power manageable at enterprise scale.

The hardware angle: always-on agents need dedicated compute

One aspect of NemoClaw that deserves more attention than it has received is the hardware strategy underneath it. Claws, by design, are always-on — they do not wait for a human to open a browser tab. They run continuously, monitoring inboxes, executing tasks, building tools, and completing multi-step workflows around the clock.

That requires dedicated compute that does not compete with the rest of the organization’s workloads. Nvidia has a clear interest in pointing enterprises toward its own hardware for this purpose.

NemoClaw is designed to run on Nvidia GeForce RTX PCs and laptops, RTX PRO workstations, and the company’s DGX Spark and DGX Station AI supercomputers. The hybrid architecture allows agents to use locally-running Nemotron models for sensitive workloads, with a privacy router directing queries to frontier cloud models when higher capability is needed — without exposing private data to those external endpoints.

It is an elegant solution to a real problem: many enterprises are not yet ready to send customer data, internal documents, or proprietary code to cloud AI providers, but they still need model capability that exceeds what runs locally. NemoClaw’s privacy router architecture threads that needle, at least in principle.

What claws actually look like in the enterprise 

Before evaluating the platform, it helps to understand what a claw doing real work looks like in practice. Two partner integrations announced alongside NemoClaw offer the clearest window into where this is heading.

Box is perhaps the most illustrative case for organizations that manage large volumes of unstructured enterprise content.

Box is integrating Nvidia Agent Toolkit to enable claws that use the Box file system as their primary working environment, with pre-built skills for Invoice Extraction, Contract Lifecycle Management, RFP sourcing, and GTM workflows.

The architecture supports hierarchical agent management: a parent claw — such as a Client Onboarding Agent — can spin up specialized sub-agents to handle discrete tasks, all governed by the same OpenShell Policy Engine.

Critically, an agent’s access to files in Box follows the exact same permissions model that governs human employees — enforced through OpenShell’s gateway layer before any data is exchanged. Every action is logged and attributable; no shadow copies accumulate in agent memory. As Box puts it in their announcement blog, “organizations need to know which agent touched which file, when, and why — and they need the ability to revoke access instantly if something goes wrong.”

Cisco’s integration offers perhaps the most visceral illustration of what OpenShell guardrails enable in practice. The Cisco security team has published a scenario in which a zero-day vulnerability advisory drops on a Friday evening.

Rather than triggering a weekend-long manual scramble — pulling asset lists, pinging on-call engineers, mapping blast radius — a claw running inside OpenShell autonomously queries the configuration database, maps impacted devices against the network topology, generates a prioritized remediation plan, and produces an audit-grade trace of every decision it made.

Cisco AI Defense verifies every tool call against approved policy in real time. The entire response completes in roughly an hour, with a complete record that satisfies compliance requirements.

“We are not trusting the model to do the right thing,” the Cisco team noted in their technical writeup. “We are constraining it so that the right thing is the only thing it can do.”

An ecosystem play: the partners behind the stack

Nvidia is not building this alone. The Agent Toolkit and OpenShell announcements came with a significant roster of enterprise partners — Box, Cisco, Atlassian, Salesforce, SAP, Adobe, CrowdStrike, Cohesity, IQVIA, ServiceNow, and more than a dozen others — whose integration depth signals how seriously the broader software industry is treating the agentic shift.

On the infrastructure side, OpenShell is available today on build.nvidia.com, supported by cloud inference providers including CoreWeave, Together AI, Fireworks, and DigitalOcean, and deployable on-premises on servers from Cisco, Dell, HPE, Lenovo, and Supermicro. Agents built within OpenShell can also continuously acquire new skills using coding agents including Claude Code, Codex, and Cursor — with every newly acquired capability subject to the same policy controls as the original deployment.

Separately, Nvidia announced the Nemotron Coalition — a collaborative initiative bringing together Mistral AI, Perplexity, Cursor, and LangChain to co-develop open frontier models. The coalition’s first project is a base model co-developed with Mistral that will underpin the upcoming Nemotron 4 family, aimed specifically at agentic use cases.

What enterprise leaders should be watching

The NemoClaw announcement marks a turning point in how enterprise AI is likely to be discussed in boardrooms and procurement meetings over the next twelve months. The question is no longer whether organizations will deploy autonomous agents. The industry has clearly moved past that debate. The question is now how — with what controls, on what hardware, using which models, and with what audit trail.

Nvidia’s answer is a vertically integrated stack that spans silicon, runtime, model, and security policy. For IT leaders evaluating their agentic roadmap, NemoClaw represents a significant attempt to provide all four layers from a single vendor, with meaningful third-party security integrations already in place.

The risks are not trivial. OpenShell’s YAML-based policy model will require operational maturity that most organizations are still building. Claws that can self-evolve and acquire new skills — as Nvidia’s architecture explicitly enables — raise governance questions that no sandbox can fully resolve. And the concentration of agentic infrastructure in a single vendor’s stack carries familiar platform risks.

That said the direction is clear. Claws are coming to the enterprise. Nvidia just made its bet on being the platform they run on — and the guardrails that keep them in bounds.

Bowers & Wilkins isn’t pretending this is a breakthrough and that’s exactly the point. The British luxury audio brand has expanded its flagship Pi8 true wireless earbuds and Px7 S3 noise-cancelling headphones with a slate of new premium finishes, leaning into a trend that’s been quietly reshaping the high-end audio category: color as innovation. The Pi8 now arrives in Dark Burgundy and Pale Mauve, bringing the total to six finishes, while the Px7 S3 adds a new Vintage Maroon option to its growing lineup.

If that sounds familiar, it should. Last year, I pointed out how a long list of premium audio brands had started treating industrial design and colorways not as afterthoughts, but as a legitimate product cycle strategy; extending relevance without touching the underlying acoustics. Bowers & Wilkins is now fully committed to that playbook. The hardware hasn’t changed and it didn’t need to, but the visual refresh keeps both models firmly in the conversation in a market that’s running out of meaningful spec-sheet upgrades.

Available starting March 19, the new finishes don’t come cheap: $499 for the Pi8 in Pale Mauve or Dark Burgundy, and $479 for the Px7 S3 in Vintage Maroon. Same award-winning sound, new wardrobe. Whether that counts as innovation or just smart business depends on how easily you’re seduced by a better shade of red.

What Are the Bowers & Wilkins Pi8?

The Bowers & Wilkins Pi8 are the company’s flagship true wireless earbuds, positioned as a no-compromise attempt to deliver genuine high-end sound in a category that usually prioritizes convenience over fidelity. In our review, the Pi8 stand out for their refined tuning, clarity, and sense of control, offering a presentation that feels closer to a compact hi-fi system than a typical pair of wireless earbuds. They’re designed for listeners who actually pay attention to what they’re hearing and not just how easily it connects.

At their core, the Pi8 combine carbon cone drivers, advanced DSP, and support for aptX Lossless to push beyond the limitations that have traditionally defined Bluetooth audio. Bowers & Wilkins also includes a smart charging case with retransmission capability, allowing wired sources to be streamed directly to the earbuds; an unusually practical feature that adds real-world flexibility. It’s a more thoughtful approach than most, focusing on how people actually use their gear rather than chasing feature checklists.

That said, the Pi8 don’t try to win on every front. As we noted in our review, the emphasis is clearly on sound quality, materials, and overall refinement, rather than class-leading noise cancellation or mass-market pricing. If overall sound quality, comfort, and strong but not class leading ANC matter most, these are among the best options available.

What Are the Bowers & Wilkins Px7 S3?

The Bowers & Wilkins Px7 S3 are the brand’s latest over-ear wireless noise-cancelling headphones, sitting just below the Px8 S2 but very much aimed at the same crowd that shops Sony, Bose, and Sennheiser at the top of the category. In our review, they come across as a deliberate refinement of what Bowers & Wilkins has been building for over a decade; premium materials, a more mature design language, and a clear focus on sound quality first. This isn’t a lifestyle headphone trying to fake it. It’s a high-end hi-fi product that just happens to be wireless. 

Where the Px7 S3 separates itself is in how it sounds relative to its competition. As noted in the review, it delivers audiophile-grade clarity, deep and controlled bass, and a level of detail that outpaces most rivals in this price range, including the usual suspects from Sony, Bose, and Apple. Bowers & Wilkins has also refined the internal driver design and overall tuning, while adding modern essentials like aptX Lossless and a more flexible EQ. The result is a presentation that feels more composed and revealing than what you typically get from mainstream ANC headphones.

That said, like the Pi8, the Px7 S3 doesn’t try to dominate every category. The review makes it clear that while ANC is improved and competitive, it’s not the class leader, and comfort is very good without being the lightest or most effortless in the segment. This is a headphone built around priorities: sound quality, build, and long-term listening satisfaction. If that’s what matters most, it’s one of the strongest all-around options available right now and one of the few that still feels like it was tuned by people who actually prioritise sound quality over ANC and connectivity features.

The Bottom Line

New colors are not innovation, but they do make the Pi8 and Px7 S3 feel fresher and harder to ignore. More importantly, this kind of refresh signals longevity these models are not going anywhere. Same excellent sound, now with a little more swagger.

Where to buy:

Tip: These new finishes add to the existing colors which include back, white, blue and jade green. Currently the new colors are only available at the Bowers & Wilkins website.

Related Reading: