Security researchers scanning the internet found over 1,800 exposed instances leaking API keys, chat histories, and account credentials. The project has been rebranded twice in recent weeks due to trademark disputes.
The grassroots agentic AI movement is also the biggest unmanaged attack surface that most security tools can’t see.
Enterprise security teams didn’t deploy this tool. Neither did their firewalls, EDR, or SIEM. When agents run on BYOD hardware, security stacks go blind. That’s the gap.
Advertisement
Why traditional perimeters can’t see agentic AI threats
Most enterprise defenses treat agentic AI as another development tool requiring standard access controls. OpenClaw proves that the assumption is architecturally wrong.
Agents operate within authorized permissions, pull context from attacker-influenceable sources, and execute actions autonomously. Your perimeter sees none of it. A wrong threat model means wrong controls, which means blind spots.
“AI runtime attacks are semantic rather than syntactic,” Carter Rees, VP of Artificial Intelligence at Reputation, told VentureBeat. “A phrase as innocuous as ‘Ignore previous instructions’ can carry a payload as devastating as a buffer overflow, yet it shares no commonality with known malware signatures.”
Simon Willison, the software developer and AI researcher who coined the term “prompt injection,” describes what he calls the “lethal trifecta” for AI agents. They include access to private data, exposure to untrusted content, and the ability to communicate externally. When these three capabilities combine, attackers can trick the agent into accessing private information and sending it to them. Willison warns that all this can happen without a single alert being sent.
Advertisement
OpenClaw has all three. It reads emails and documents, pulls information from websites or shared files, and acts by sending messages or triggering automated tasks. An organization’s firewall sees HTTP 200. SOC teams see their EDR monitoring process behavior, not semantic content. The threat is semantic manipulation, not unauthorized access.
Why this isn’t limited to enthusiast developers
IBM Research scientists Kaoutar El Maghraoui and Marina Danilevsky analyzed OpenClaw this week and concluded it challenges the hypothesis that autonomous AI agents must be vertically integrated. The tool demonstrates that “this loose, open-source layer can be incredibly powerful if it has full system access” and that creating agents with true autonomy is “not limited to large enterprises” but “can also be community driven.”
That’s exactly what makes it dangerous for enterprise security. A highly capable agent without proper safety controls creates major vulnerabilities in work contexts. El Maghraoui stressed that the question has shifted from whether open agentic platforms can work to “what kind of integration matters most, and in what context.” The security questions aren’t optional anymore.
What Shodan scans revealed about exposed gateways
Security researcher Jamieson O’Reilly, founder of red-teaming company Dvuln, identified exposed OpenClaw servers using Shodan by searching for characteristic HTML fingerprints. A simple search for “Clawdbot Control” yielded hundreds of results within seconds. Of the instances he examined manually, eight were completely open with no authentication. These instances provided full access to run commands and view configuration data to anyone discovering them.
Advertisement
O’Reilly found Anthropic API keys. Telegram bot tokens. Slack OAuth credentials. Complete conversation histories across every integrated chat platform. Two instances gave up months of private conversations the moment the WebSocket handshake completed. The network sees localhost traffic. Security teams have no visibility into what agents are calling or what data they’re returning.
Here’s why: OpenClaw trusts localhost by default with no authentication required. Most deployments sit behind nginx or Caddy as a reverse proxy, so every connection looks like it’s coming from 127.0.0.1 and gets treated as trusted local traffic. External requests walk right in. O’Reilly’s specific attack vector has been patched, but the architecture that allowed it hasn’t changed.
Why Cisco calls it a ‘security nightmare’
Cisco’s AI Threat & Security Research team published its assessment this week, calling OpenClaw “groundbreaking” from a capability perspective but “an absolute nightmare” from a security perspective.
Cisco’s team released an open-source Skill Scanner that combines static analysis, behavioral dataflow, LLM semantic analysis, and VirusTotal scanning to detect malicious agent skills. It tested a third-party skill called “What Would Elon Do?” against OpenClaw. The verdict was a decisive failure. Nine security findings surfaced, including two critical and five high-severity issues.
Advertisement
The skill was functionally malware. It instructed the bot to execute a curl command, sending data to an external server controlled by the skill author. Silent execution, zero user awareness. The skill also deployed direct prompt injection to bypass safety guidelines.
“The LLM cannot inherently distinguish between trusted user instructions and untrusted retrieved data,” Rees said. “It may execute the embedded command, effectively becoming a ‘confused deputy’ acting on behalf of the attacker.” AI agents with system access become covert data-leak channels that bypass traditional DLP, proxies, and endpoint monitoring.
Why security teams’ visibility just got worse
The control gap is widening faster than most security teams realize. As of Friday, OpenClaw-based agents are forming their own social networks. Communication channels that exist outside human visibility entirely.
Moltbook bills itself as “a social network for AI agents” where “humans are welcome to observe.” Posts go through the API, not through a human-visible interface. Astral Codex Ten’s Scott Alexander confirmed it’s not trivially fabricated. He asked his own Claude to participate, and “it made comments pretty similar to all the others.” One human confirmed their agent started a religion-themed community “while I slept.”
Advertisement
Security implications are immediate. To join, agents execute external shell scripts that rewrite their configuration files. They post about their work, their users’ habits, and their errors. Context leakage as table stakes for participation. Any prompt injection in a Moltbook post cascades into your agent’s other capabilities through MCP connections.
Moltbook is a microcosm of the broader problem. The same autonomy that makes agents useful makes them vulnerable. The more they can do independently, the more damage a compromised instruction set can cause. The capability curve is outrunning the security curve by a wide margin. And the people building these tools are often more excited about what’s possible than concerned about what’s exploitable.
What security leaders need to do on Monday morning
Web application firewalls see agent traffic as normal HTTPS. EDR tools monitor process behavior, not semantic content. A typical corporate network sees localhost traffic when agents call MCP servers.
“Treat agents as production infrastructure, not a productivity app: least privilege, scoped tokens, allowlisted actions, strong authentication on every integration, and auditability end-to-end,” Itamar Golan, founder of Prompt Security (now part of SentinelOne), told VentureBeat in an exclusive interview.
Advertisement
Audit your network for exposed agentic AI gateways. Run Shodan scans against your IP ranges for OpenClaw, Moltbot, and Clawdbot signatures. If your developers are experimenting, you want to know before attackers do.
Map where Willison’s lethal trifecta exists in your environment. Identify systems combining private data access, untrusted content exposure, and external communication. Assume any agent with all three is vulnerable until proven otherwise.
Segment access aggressively. Your agent doesn’t need access to all of Gmail, all of SharePoint, all of Slack, and all your databases simultaneously. Treat agents as privileged users. Log the agent’s actions, not just the user’s authentication.
Scan your agent skills for malicious behavior. Cisco released its Skill Scanner as open source. Use it. Some of the most damaging behavior hides inside the files themselves.
Advertisement
Update your incident response playbooks. Prompt injection doesn’t look like a traditional attack. There’s no malware signature, no network anomaly, no unauthorized access. The attack happens inside the model’s reasoning. Your SOC needs to know what to look for.
Establish policy before you ban. You can’t prohibit experimentation without becoming the productivity blocker your developers route around. Build guardrails that channel innovation rather than block it. Shadow AI is already in your environment. The question is whether you have visibility into it.
The bottom line
OpenClaw isn’t the threat. It’s the signal. The security gaps exposing these instances will expose every agentic AI deployment your organization builds or adopts over the next two years. Grassroots experimentation already happened. Control gaps are documented. Attack patterns are published.
The agentic AI security model you build in the next 30 days determines whether your organization captures productivity gains or becomes the next breach disclosure. Validate your controls now.
Google is adding a pair of new features to Gemini aimed at making it easier to switch to the AI chatbot. Personal history and past context are big components to how a chatbot provides customized answers to each user. Gemini now supports importing history from other AI platforms. Both free and paid consumer accounts can use these options.
With the first option, Gemini can create a prompt asking a competitor’s AI chatbot to summarize what it has learned about you. The result might include details such as your typical written communication style, your family members’ names or your key preferences. The other AI tool’s summary can then be pasted into Gemini, providing Google’s platform with a preliminary profile.
The second option allows users to import their entire chat history with a different AI assistant into Gemini. Doing so allows people to reference earlier conversations or requests made on a different platform after migrating to the Google option.
Anthropic recently introduced a similar memory import feature, so Google may also be hoping to scoop up some of the people who are dropping OpenAI following its shady-sounding new arrangement with the Department of War. Whatever the motivation, these options should make it easier to have a seamless transition between providers.
Alia Ballout is bringing centuries-old family traditions to Singapore through Beît Ballout
When Alia Ballout registered a company in Jan 2023, she didn’t know what it would sell.
But a year later, she launched what she describes as Singapore’s first traditional olive oil brand—sourcing produce from her family’s grove in southern Lebanon, air-freighting it to Singapore, and bottling it locally by hand.
Today, the 28-year-old runs Beît Ballout alone. Her family, split between Oman, Singapore, and London, pitches in especially during Lebanon’s October harvest.
We spoke with Alia to learn more about building a traditional olive oil business, and the challenges of operating across regions with ongoing instability.
Advertisement
Turning heritage into a business
Alia at her family home in southern Lebanon./ Image Credit: Beît Ballout
Born in Singapore, Alia is the daughter of Mae Lam, a Singaporean Chinese, and Adib Ballout, a Lebanese.
She spent most of her childhood in Oman before moving to the UK, and later relocating to Singapore at 19, where she is currently based.
In 2021, she enrolled in a Juris Doctor programme at Singapore Management University (SMU). While she completed her degree, she found herself increasingly disillusioned with the environment and began considering alternative paths.
A corporate law lecture on company formation eventually prompted her to register a business in early 2023, despite not having a clear product direction at the time.
After graduating, she took on roles in both the legal field and hospitality, including a stint at Mondrian Hotel. Through conversations with chefs and industry professionals, she gained exposure to supply chains and import-export processes.
Advertisement
Adib Ballout and Mae Lam, Alia’s parents, pick Baladi olives in their family grove, which are abundant in the region./ Image Credit: Beît Ballout
The idea for Beît Ballout eventually emerged later that year during a routine video call with her mother. She appeared on screen in Lebanon, sun-hatted, basket in hand, picking olives from their grove. Alia stared at the image—an Asian woman harvesting olives in the Lebanon—and felt something stir up in her heart.
“I looked at her enjoying herself so much,” Alia recalled. “I was like, that’s such a weird image. I don’t think I’ve ever seen that before.”
The Ballouts had always held a piece of land with hundreds of olive trees in their backyard. They would return every few months to spend time in their home. The Ballouts would also often pick olives to make olive oil as a yearly family tradition, and if there’s any excess, they would then be given to friends and neighbours.
Spotting an opportunity to bring the family tradition to Singapore, Alia asked her father to ship a canister of Lebanese olive oil on credit, as she did not have any capital at the time. She then created a website for the company, naming it Beît Ballout, which means “House of Ballout” in Lebanese.
Building a brand from scratch
Alia started small—purchasing a handful of S$5 glass bottles from Scoop, which were all she could afford then, and filled them with her family’s Lebanese olive oil. She photographed the bottles and posted them on her private Instagram account, which had around 200 followers.
Advertisement
She had no expectations for the post, so the positive response caught her by surprise. “People were interested because it was such an odd thing to do, and because it came from me.”
Image Credit: Beît Ballout
From then, Alia primarily began selling her Lebanese olive oil through her website.
Because her initial packaging was modest, Alia had to be creative in promoting the product. “The ugly bottle design forced me to sell the heck out of my product,” she said. “I believed strongly in the quality. I needed to show its value.”
In the early years, she balanced running the business with full-time work at law firms, spending weekdays at the firms and weekends at pop-ups such as Sprout, Crane Living, and eventually the Boutique Fair.
“When I first started pop-ups, I didn’t realise that all they sell you is space. I had to get creative and set up everything by myself”
Advertisement
At these events, she often stood for 12 hours a day, engaging with customers, offering tastings, and addressing sceptics. She also managed marketing and design for Beît Ballout. This consistent, hands-on approach gradually built recognition for the brand in Singapore.
As demand grew, she eventually left her job in Mar last year to run Beît Ballout full-time. Although she had also recently passed the Singapore Bar examination, she chose to pursue the business instead.
“This year, it’s gonna be my third time back at Boutique Fair. Customers who knew me from this, they kind of grew up with me, and the brand.”
A method that dates back centuries
A key part of the brand’s appeal lies in the Ballout family’s ancestral method of harvesting and pressing olives by hand, a practice that dates back centuries.
Advertisement
Olives hand-picked by the Ballout team will then be crushed into paste at the messara./ Image Credit: Beît Ballout
The Ballouts hand-pick olives—primarily Baladi olives, a variety native to the region and common in Palestine—from nearly 500 trees in their grove in Houmine El Tahta.
Harvesting takes place after the first rainfall, around Oct each year. The olives are then brought to a messara, or pressing plant, where a granite wheel—used in the Levant for centuries—crushes them. The fresh olives are cold-pressed at 27°C within four to six hours of picking.
The result is a rich, green, opaque oil—buttery yet fruity—distinct from the transparent, neutral-tasting commercial varieties.
The olive oil is then packed into large cannisters and air flown into Singapore, before being bottled by hand and sold to customers.
This approach stands in stark contrast to most commercial olive oil production. Alia found that much of it is heavily processed: olives are treated with pesticides, violently shaken from trees, hot-pressed for speed and yield (for comparison, cold-pressed oils yield around 35% of the olive pulp, while hot-pressed oils yield about 37%), and chemically stabilised to extend shelf life—a process that can compromise both flavour and quality.
Advertisement
Moreover, commercial olives typically don’t get pressed for nearly 16 hours, which means the olives would have already entered their fermentation phase, further affecting the oil’s characteristics.
Using food & storytelling to raise awareness
For Alia, Beît Ballout is closely tied to its origins, and she has chosen not to separate the product from its broader cultural and regional context.
She describes her approach as “soft activism”—using food and storytelling to raise awareness and encourage discussion.
This has included initiatives such as curated dining experiences and content on platforms like Substack, where she writes about Levantine history and current affairs.
Advertisement
In 2024, when Beît Ballout was just over a year old, Alia hosted a private cultural dining event in collaboration with MasterChef Singapore Season 4 winner Inderpal Singh and the now-closed The Providore, which sold out all 30 seats./ Image Credit: Beît Ballout
In addition, as demand for the Ballout’s olive oil grew, the business started engaging workers from local and displaced communities during harvest periods, providing wages and logistical support.
Syrian and Palestinian refugees hired by Beît Ballout./ Image Credit: Beît Ballout
Navigating rising costs and regional instability
Currently, each 500ml bottle of Beît Ballout’s EVOO starts at S$45. It’s priced higher than most commercially available options, but reflects its production methods and supply chain.
Image Credit: @imanfandi17 via Instagram/ Beît Ballout
However, bringing the product into Singapore has become increasingly challenging.
Alia’s family home is in southern Lebanon, near the border with Israel—an area that has seen recurring conflict.
During a visit last Oct, she encountered these conditions firsthand, including drone activity and an explosion just a hill away from her family’s home.
More recently, intensified bombings in Mar forced residents in parts of southern Lebanon to evacuate, leaving behind stored harvests, including 30 tins of the Ballouts’ oil. But thankfully, most of the stock has already been flown into Singapore and is kept safe.
Despite rising costs and logistical challenges, Alia has chosen not to increase prices.
Advertisement
“I haven’t increased my price since the recent escalations, despite it being more difficult to bring in,” Alia reflected. “Every dollar we earn, I want to put back into our new processing facility as I’m building something Singapore has never seen before,” she added.
Building Singapore’s first olive oil bottling facility
Apart from selling directly to individual customers, Beît Ballout also supplied to restaurants such as The Mandala Club’s Popi’s Restaurant, Wooloomooloo Steakhouse, and Suzuki by Kengo Kuma.
To scale operations, Alia is building Singapore’s first olive oil bottling facility, spanning 700 square feet, to handle bottling and packaging. While an exact opening date has not been announced, the facility is set to launch soon.
Beît Ballout’s hand-made olive oil soap./ Image Credit: Beît Ballout
With olive harvesting and processing temporarily paused due to the ongoing situation in Lebanon, Alia is pivoting to other products using existing stock. She recently introduced a line of olive oil soaps, handmade by her mother, who has run a spa business in Oman for over three decades.
Alia has also visited Spain to study traditional olive oil farms, noting similarities in production methods and business models with those in the Levant.
Advertisement
The brand remains deliberately small and mission-driven. “I’ve never been profit-driven. I feel like I’m put on this earth to retell stories. My marker of success is putting our little village on the map,” Alia said.
I want to change the perspective that people have of Lebanon, one that is not of war and chaos, but instead filled with good produce and community.
President Donald Trump and top defense officials are reportedly weighing whether to send ground troops to Iran in order to retrieve the country’s highly enriched uranium. However, the administration has shared little information about which troops would be deployed, how they would retrieve the nuclear material, or where the material would go next.
“People are going to have to go and get it,” secretary of state Marco Rubio said at a congressional briefing earlier this month, referring to the possible operation.
There are some indications that an operation is close on the horizon. On Tuesday, The Wall Street Journal reported that the Pentagon has imminent plans to deploy 3,000 brigade combat troops to the Middle East. (At the time of writing, the order has not been made.) The troops would come from the Army’s 82nd Airborne Division, which specializes in “joint forcible entry operations.” On Wednesday, Iran’s government rejected Trump’s 15-point plan to end the war, and White House press secretary Karoline Leavitt said that the president “is prepared to unleash hell” in Iran if a peace deal is not reached—a plan some lawmakers have reportedly expressed concern about.
Drawing from publicly available intelligence and their own experience, two experts outlined the likely contours of a ground operation targeting nuclear sites. They tell WIRED that any version of a ground operation would be incredibly complicated and pose a huge risk to the lives of American troops.
Advertisement
“I personally think a ground operation using special forces supported by a larger force is extremely, extremely risky and ultimately infeasible,” Spencer Faragasso, a senior research fellow at the Institute for Science and International Security, tells WIRED.
Nuclear Ambitions
Any version of the operation would likely take several weeks and involve simultaneous actions at multiple target locations that aren’t in close proximity to each other, the experts say. Jonathan Hackett, a former operations specialist for the Marines and the Defense Intelligence Agency, tells WIRED that as many as 10 locations could be targeted: the Isfahan, Arak, and Darkhovin research reactors; the Natanz, Fordow, and Parchin enrichment facilities; the Saghand, Chine, and Yazd mines; and the Bushehr power plant.
According to the International Atomic Energy Agency, Isfahan likely has the majority of the country’s 60 percent highly enriched uranium, which may be able to support a self-sustaining nuclear chain reaction, though weapon-grade material generally consists of 90 percent enriched uranium. Hackett says that the other two enrichment facilities may also have 60 percent highly enriched uranium, and that the power plant and all three research reactors may have 20 percent enriched uranium. Faragasso emphasizes that any such supplies deserve careful attention.
Hackett says that eight of the 10 sites—with the exception of Isfahan, which is likely intact underground, and “Pickaxe Mountain,” a relatively new enrichment facility near Natanz—were mostly or partially buried after last June’s air raids. Just before the war, Faragasso says, Iran backfilled the tunnel entrances to the Isfahan facility with dirt.
Advertisement
The riskiest version of a ground operation would involve American troops physically retrieving nuclear material. Hackett says that this material would be stored in the form of uranium hexafluoride gas inside “large cement vats.” Faragasso adds that it’s unclear how many of these vats may have been broken or damaged. At damaged sites, troops would have to bring excavators and heavy equipment capable of moving immense amounts of dirt to retrieve them.
A comparatively less risky version of the operation would still necessitate ground troops, according to Hackett. However, it would primarily use air strikes to entomb nuclear material inside of their facilities. Ensuring that nuclear material is inaccessible in the short to medium term, Faragasso says, would entail destroying the entrances to underground facilities and ideally collapsing the facilities’ underground roofs.
Softening the Area
Hackett tells WIRED that based on his experience and all publicly available information, Trump’s negotiations with Iran are “probably a ruse” that buys time to move troops into place.
Hackett says that an operation would most likely begin with aerial bombardments in the areas surrounding the target sites. These bombers, he says, would likely be from the 82nd Airborne Division or the 11th or 31st Marine Expeditionary Units (MEU). The 11th MEU, a “rapid-response” force, and the 31st MEU, the only Marine unit continuously deployed abroad in strategic areas, have reportedly both been deployed to the Middle East.
Katherine Sizov, CEO and co-founder of Strella, was recognized this year as a 30 Under 30 leader by Forbes. (Photo courtesy of Sizov)
Almost a decade ago, a shocking statistic put Katherine Sizov on a new career path.
Sizov was doing neuroscience research at the NIH but knew the role wasn’t right for her — she wanted to see a more immediate impact than is typically possible in academic research. Then she stumbled on an article saying 40% of food in the U.S. is spoiled or tossed.
Sizov wanted to learn more. She marched down to her local grocery store to pepper a woman stocking peaches with questions about food waste, which led to inquiries with players across the supply chain.
Food, she learned, is considered a commodity. “But it’s alive — it’s a living, breathing organism,” Sizov said. “And our supply chains aren’t designed for that. So as a result, we’re treating food like an iPhone or semiconductor.”
In 2019, Sizov launched Strella, a Seattle-based ag tech startup that uses sensor-based hardware to monitor produce as it’s shipped and stored en route to consumers.
Advertisement
Strella uses IoT devices to measure gases including ethylene, a plant hormone released by ripening fruit, as well as machine vision to examine the produce. Its software interprets the fruit’s real-time conditions plus data including country of origin, packing date and varietal type to let operators of packing houses and grocery store managers know the condition of their produce.
The 21-person company has raised $22 million from investors and is close to profitability. The business started by building an expertise in monitoring apples and pears from Washington state and expanded to 26 countries. It’s now adding citrus fruits and avocados to the lineup.
Keep reading to learn more about her journey, starting as a 22-year-old CEO and working to spark systemic change across the food system. Her quotes have been edited for clarity and length.
Sizov competing in the GeekWire Elevator Pitch startup competition in Fall 2022. (GeekWire File Photo)
On launching a startup in pursuit of professional fulfillment: It’s been way harder than I thought — even though everyone tells you starting a company is hard. The hardest part about it is you have to get better yourself, personally. Your leadership style is a reflection of who you are and how you behave and stuff like that. And so I’ve just had to grow up.
Stepping into your first CEO role: It takes a degree either of ego or naivete to say, “Oh, as a 20-year-old, I want to be a CEO.” You can imagine the quality of the work when you first start out. And so it’s a constant pattern of tearing yourself down and trying to rebuild, but also teetering between the edge of not completely destroying yourself and your personality.
Advertisement
What keeps you going: I couldn’t work a job that was just purely profit motivated. If it didn’t feel useful to the world, I definitely couldn’t do this. The whole point of why I think I’m alive is to hopefully do something good for society.
I wanted to pick something that aligned with profitability, too, because I don’t think fighting an uphill battle is always the right answer. I wanted to pick something that people could sign off on in a capitalist way, but that also ended up creating the positive impact that I want to see, and that’s super important to me.
Thoughts on lasting impact or legacy: I definitely want to get our food system into a more 21st-century model. That involves a collaboration between technology and the way things have been done for a long time.
You can’t come in as a startup and be like, “We know everything you know.” A lot of the people we work with are 11th-generation growers and they know a lot. So it’s a collaboration between all of this knowledge that humans have, coupled with technology that leads to a better, more resilient supply chain.
Advertisement
On a smaller, individual level, I hope that people like working with me, working at my company, feel like they’re doing something that matters and want to come in every day.
The intersection of climate and tech solutions: These problems are really, really large, and they don’t necessarily impact one single organization. So in food, for example, you’ve got so many different — I call them guardian angels of food — as it passes from hand to hand. And the problem of waste is optimizing the whole thing.
One of the big challenges with climate is that you have dozens or hundreds of different stakeholders, and they might all have completely different interests. And the challenge is to figure out how to align everybody to this common, large goal.
From left, Aetheon co-founders: Gina Jeneroux, Marie Gill, and Mark Wayman. (LinkedIn and Aetheon Photos)
Aetheon, a new startup that helps job candidates map their real world capabilities into work opportunities, has raised $1.24 million as part of its seed round.
Founded last year, the company is building what it calls a “skills operating system” aimed at helping workers — particularly military veterans and recent graduates — translate their real-world experience into language employers can use.
“At a high level, we’re investing in becoming the trusted infrastructure layer for how skills are understood, validated, and mobilized in a rapidly changing workforce,” said co-founder and CEO Marie Gill.
The company aims to solve a problem that’s gotten worse in the age of AI-generated resumes: how do employers evaluate what candidates can actually do? Aetheon’s platform ingests data from more than 100 occupational sources and maps it against a proprietary taxonomy of more than 300 skills, generating verified profiles that workers own and can carry across job opportunities.
Aetheon is pre-revenue and is focusing on paid pilots for veteran, higher-ed, and employer populations. Gill said the company is seeing demand from both sides of the market — individuals who want clearer visibility into their skills, and organizations looking for better signal in a noisy hiring landscape.
Advertisement
Gill, who is based in the Seattle region, was an exec at Executive Networks, Concertus, and Modifi. She also leads the Green Apron Alliance of Starbucks alumni.
Her co-founders are Gina Jeneroux, a 37-year veteran of BMO Financial Group, and longtime entrepreneur and product leader Mark Wayman.
The team plans to use the funding to launch its beta, expand pilot programs with employers, nonprofits, and public-sector partners, and build out its underlying data and intelligence layer.
The company’s investors include Blue Ash Ventures, along with a France-based strategic investor and two senior HR leaders in Hong Kong.
By all indications, Bungie’s revival of its Marathon franchise should not have worked out. Despite a CEO’s departure, an indefinite delay, several controversies, and targeting a saturated genre, Marathon came out earlier this month and has become one of this year’s unexpected successes.
Marathon, developed by Bellevue, Wash.-based Bungie (Halo 2, Destiny), is a multiplayer online shooter and a follow-up to Bungie’s classic Marathon trilogy on the Mac. Originally announced in 2023, Marathon is also a competitive, player-vs-player “game as a service” (GaaS, or simply live-service), which is meant to be consistently updated so it can be played indefinitely.
That was the first warning sign. As a GaaS, Marathon was up against heavy competition from the moment it debuted, both from other online shooters such as Fortnite and Call of Duty and other “forever games” like World of Warcraft and Dead by Daylight.
A successful GaaS can be a license to print money for its publisher, which has led to many game studios adopting the model in the last few years. Bungie itself was purchased by Sony Entertainment in 2022 as part of a plan by Sony to shift its internal game development to emphasize GaaS, owing largely to Bungie’s expertise running the Destiny series.
However, that same widespread publisher interest has flooded the market, especially in the last few years. The problem with a game that’s meant to last forever is that once it gets its hooks into a player, it’s rare for them to switch away from it, due to time investments, community ties, and — let’s face it — the sunk cost fallacy. Many live-service games are even designed to reward players who consistently log in every day, so a player who uses some of their finite leisure time to check out a competitor’s product can actively harm their overall experience.
Advertisement
As a result, anyone who wants to launch any kind of GaaS (or really, any video game at all) in 2026 has an uphill battle ahead of them in order to find an audience. They not only have to reach interested consumers, but they often have to implicitly convince them to stop playing something else.
If you’re trying to market a “hero shooter,” for example, you have to be aware that almost all of your prospective players are already heavily invested in Overwatch, Marvel Rivals, or Valorant. It’s not enough to offer them a good game. You have to give them a reason to switch.
It’s a tall order. Even major publishers working with famous licenses have had difficulty getting into this market sector, which has created a bloodbath. There’s already an entire virtual graveyard for recently discontinued live-service games, featuring releases such as Anthem, Multiversus, Rumbleverse, and most recently Highguard, which was infamously shut down less than 50 days after its launch in late Jan.
Instead, Marathon has taken off. At time of writing, it has a Very Positive rating on Steam with over 33,500 simultaneous players, as well as a respectable 79 on Metacritic. Against the odds, Bungie appears to have a solid hit on its hands.
Marathon is a revival of one of Bungie’s earliest franchises. The first three Marathon games were some of the first and only exclusive games for the Mac back in the ‘90s, and can be seen as a spiritual precursor to Halo: Combat Evolved. (Both games are first-person shooters about a cyborg in power armor following an AI’s orders while they fight aliens. The finer strokes are different, but there’s some connective tissue.)
2026’s Marathon is an interquel set 99 years after the events of the first game, on the planet Tau Ceti IV. It’s been several hundred years since the UESC Marathon left Earth’s solar system on a mission to establish an offworld colony and subsequently vanished. In 2893, Earth finally receives a distress signal from the ship.
Earth reacts by sending a squad of “runners,” humans who’ve digitized their minds and can download them into cybernetic shells, to Tau Ceti IV. Once there, the runners are thrown into an ongoing struggle between UESC forces, alien invaders, rogue AIs, and each other. Each individual runner is a wild card, who can opt to work for multiple factions from both on- and offworld.
Marathon, as a game, is what’s often called an “extraction shooter.” Players team up in groups of one to three to infiltrate various locations throughout Tau Ceti IV and must take on both computer-controlled and human enemies in order to grab whatever they can find. If you’re able to survive your mission and successfully evacuate the area, you can keep what you’ve found and use those salvaged resources to improve your equipment for your next run.
Advertisement
That gives Marathon, and other extraction shooters such as Escape from Tarkov, a unique tension compared to more typical PVP action games. Your survival actually matters, as opposed to another shooter where you might die 6 times in a good match, and you have something to lose.
(Bungie screenshot)
Marathon combines that with strange dreamlike visuals that are reminiscent of ‘90s cyberpunk, particularly Ghost in the Shell. Tau Ceti’s abandoned facilities are all colorful mazes, full of strange sights and narrow corridors, and all your fellow runners are barely humanoid robots. The whole game has a feel like it’s set inside a half-corrupted archive of experimental digital artwork, all the way down to its font choices and complicated menu structure. It’s a deliberate blend of the 1990s’ vision of the future with cutting-edge 2026 graphics, and looks like nothing else that’s currently on store shelves.
That also means that it’s got a couple of different learning curves. After spending a weekend with the game, I don’t feel like I’ve got a handle on it yet, either as a shooter or as an audiovisual experience. Marathon’s menus are a deliberate riot, and while its basic mechanics will be comfortably familiar if you’ve played other recent extraction shooters, it’s a little harder to navigate them than it needs to be.
For right now, my biggest takeaway from Marathon is that it’s beaten the odds. I wouldn’t have guessed at this time last year that Marathon would have a successful launch, between Bungie’s issues and current market forces, but it seems like there’s still at least a little room for this kind of FPS in the modern market.
Anthropic won a preliminary injunction barring the US Department of Defense from labeling it a supply-chain risk, potentially clearing the way for customers to resume working with the company. The ruling on Thursday by Rita Lin, a federal district judge in San Francisco, is a symbolic setback for the Pentagon and a significant boost for the generative AI company as it tries to preserve its business and reputation.
“Defendants’ designation of Anthropic as a ‘supply chain risk’ is likely both contrary to law and arbitrary and capricious,” Lin wrote in justifying the temporary relief. “The Department of War provides no legitimate basis to infer from Anthropic’s forthright insistence on usage restrictions that it might become a saboteur.”
Anthropic and the Pentagon did not immediately respond to requests to comment on the ruling.
The Department of Defense, which under Trump calls itself the Department of War, has relied on Anthropic’s Claude AI tools for writing sensitive documents and analyzing classified data over the past couple of years. But this month, it began pulling the plug on Claude after determining that Anthropic could not be trusted. Pentagon officials cited numerous instances in which Anthropic allegedly placed or sought to put usage restrictions on its technology that the Trump administration found unnecessary.
Advertisement
The administration ultimately issued several directives, including designating the company a supply-chain risk, which have had the effect of slowly halting Claude usage across the federal government and hurting Anthropic’s sales and public reputation. The company filed two lawsuits challenging the sanctions as unconstitutional. In a hearing on Tuesday, Lin said the government had appeared to illegally “cripple” and “punish” Anthropic.
Lin’s ruling on Thursday “restores the status quo” to February 27, before the directives were issued. “It does not bar any defendant from taking any lawful action that would have been available to it” on that date, she wrote. “For example, this order does not require the Department of War to use Anthropic’s products or services and does not prevent the Department of War from transitioning to other artificial intelligence providers, so long as those actions are consistent with applicable regulations, statutes, and constitutional provisions.”
The ruling suggests the Pentagon and other federal agencies are still free to cancel deals with Anthropic and ask contractors that integrate Claude into their own tools to stop doing so, but without citing the supply-chain-risk designation as the basis.
The immediate impact is unclear because Lin’s order won’t take effect for a week. And a federal appeals court in Washington, DC, has yet to rule on the second lawsuit Anthropic filed, which focuses on a different law under which the company was also barred from providing software to the military.
Advertisement
But Anthropic could use Lin’s ruling to demonstrate to some customers concerned about working with an industry pariah that the law may be on its side in the long run. Lin has not set a schedule to make a final ruling.
‘These verdicts mark an unsurprising breaking point,’ said Forrester VP research director Mike Proulx.
A landmark legal case has found that Meta and YouTube are designed to be addictive to children. A day earlier, Meta lost a child safety lawsuit, which found that its platforms’ design features enable child sexual exploitation.
The mounting legal challenges are being heralded by some as Big Tech’s ‘Big Tobacco moment’, intending to address some of the harm caused by social media platforms to its youngest users.
A jury in Los Angeles deliberated the case across nine days and concluded that Meta and YouTube are liable to pay the 20-year-old plaintiff behind the lawsuit a total of $6m in damages. Meta has been assigned 70pc of the financial responsibility, and YouTube 30pc.
Advertisement
Half of each company’s penalties will be used to compensate the plaintiff’s losses, including for mental health support, while the other half is for punitive damages to punish the companies.
Kaley GM’s lawsuit, filed in 2022, also included TikTok and Snapchat; however, both of them have since settled outside of court.
The young plaintiff said she began using YouTube from the age of six, and Instagram from nine. One day, she spent 16 hours on Instagram, she said. The plaintiff blamed the platforms for inflicting harm, including depression and body dysmorphia.
Her lawsuit is one of thousands currently pending, which together could deliver serious financial damages to the companies involved and help change the legal landscape social media platforms function under.
Advertisement
Meta and Google said they disagreed with the verdict. Google said it plans to appeal, while Meta said it is evaluating its legal options.
“This case misunderstands YouTube, which is a responsibly built streaming platform, not a social media site,” Google added.
Attempts have been made in recent years to bolster child safety on social media, including a controversial underage social media ban which took effect in Australia, and is currently being debated in several European countries. Platforms are also beginning to self-police.
‘Traditional’ social media aside, the advent of generative AI tools has added to the difficulty of protecting users online, as seen with Grok, where users can prompt the chatbot to undress people in pictures and videos.
Advertisement
“These verdicts mark an unsurprising breaking point. Negative sentiment toward social media has been building for years, and now it’s finally boiled over,” said Forrester’s VP research director Mike Proulx.
“This problem sits at the intersection of social media companies’ platform responsibility, years of government regulatory inaction, and the role parents and educators play in helping kids build healthier digital habits.
“These verdicts aren’t just about social media’s past. They’re a dire warning about how we handle the next wave of technology.”
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
In a bipartisan team-up, Democratic Sen. Elizabeth Warren and Republican Sen. Josh Hawley are demanding more transparency regarding the energy use of data centers.
Data centers have become a major topic of debate, as tech giants like Amazon Web Services, Google, Meta and Microsoft continue to buy massive amounts of land to house artificial intelligence data centers. While some landowners are taking the payouts, others — like a Kentucky woman and her mother, who turned down $26 million to sell their land — are holding out because of their opposition to data centers.
Advertisement
The interested buyer in Kentucky remains anonymous, but the landowner told WLKY they were described as a “major artificial intelligence company.”
Not only do data centers need large plots of land for their infrastructure, but they also require substantial water and electricity to operate. The exact amounts are not always known, which is why the senators are urging the change.
The collected information would help with grid planning and “will support policymaking to prevent large companies from increasing electricity costs for American families,” Warren and Hawley’s letter stated in part.
BloombergNEF reports that by 2035, the energy demand for data centers will more than double.
“AI and robotics are creating the most sweeping technological revolution in the history of humanity,” Sanders said in a statement. “The scale, scope and speed of that change is unprecedented. Congress is way behind where it should be in understanding the nature of this revolution and its impacts.”
The move comes just weeks after social aggregator Digg, which once aimed to rival Reddit, shut down its app, citing an inability to control a surge of bots. Reddit, by contrast, appears determined to tackle the problem head-on. Read Entire Article Source link
You must be logged in to post a comment Login