HACKING CATEGORY AI
H | AI() | COMMUNICATION() | HACKING() | HARDWARE() | LAN() | MALWARE() | MOBIL() | OS() | SOFTWARE() | WEB()
| DATE | NAME | INFO | CATEGORY | SUBCATE |
| 17.06.2026 | Hijacking Vertex AI Model Uploads for Cross-Tenant RCE | Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE | HACKING | AI |
| 31.05.2026 | LLMShare | LLMShare: how attackers are turning AI chatbot pages into malware delivery platforms | HACKING | AI |
| 30.05.2026 | SymJack | SymJack: the approval prompt is lying to you. A symlink-hijack RCE in six AI coding agents | HACKING | AI |
| 30.05.2026 | TrustFall | TrustFall: coding agent security flaw enables one-click RCE in Claude, Cursor, Gemini CLI and GitHub Copilot | HACKING | AI |
| 26.03.2026 | Poisoned Typeface | Poisoned Typeface: How Simple Font Rendering Poisons Every AI Assistant, And Only Microsoft Cares | HACKING | AI |
| 26.03.2026 | ShadowPrompt | ShadowPrompt: How Any Website Could Have Hijacked Claude's Chrome Extension | HACKING | AI |
| 01.03.2026 | Log Poisoning in OpenClaw | It is important to be clear here: this is not a traditional remote code execution vulnerability. Instead, its an indirect prompt injection risk, where exploitation depends on context. | HACKING | AI |
| 16.01.2026 | Reprompt | Reprompt: The Single-Click Microsoft Copilot Attack that Silently Steals Your Personal Data | HACKING | AI |
| 07.01.2026 | Prompt poaching | Prompt poaching runs rampant in extensions | HACKING | AI |
| 19.11.2025 | Exploiting Agent-to-Agent Discovery via Prompt Injection | When AI Turns on Its Team: Exploiting Agent-to-Agent Discovery via Prompt Injection | HACKING | AI |
| 06.11.2025 | HackedGPT | HackedGPT: Novel AI Vulnerabilities Open the Door for Private Data Leakage | HACKING | AI |
| 28.10.2025 | OpenAI Atlas Omnibox Prompt Injection | OpenAI Atlas Omnibox Prompt Injection: URLs That Become Jailbreaks | HACKING | AI |
| 28.10.2025 | ChatGPT Tainted Memories | “ChatGPT Tainted Memories:” LayerX Discovers The First Vulnerability in OpenAI Atlas Browser, Allowing Injection of Malicious Instructions into ChatGPT | HACKING | AI |
| 08.10.2025 | ASCII Smuggling | Ghosts in the Machine: ASCII Smuggling across Various LLMs | HACKING | AI |
| 08.10.2025 | Disrupting malicious uses of AI | Disrupting malicious uses of AI: October 2025 | HACKING | AI |
| 05.10.2025 | CometJacking | CometJacking: How One Click Can Turn Perplexity’s Comet AI Browser Against You | HACKING | AI |
| 20.09.2025 | LLM-Enabled Malware | Prompts as Code & Embedded Keys | The Hunt for LLM-Enabled Malware | HACKING | AI |
| 20.09.2025 | ShadowLeak | ShadowLeak: A Zero-Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT’s Deep Research Agent | HACKING | AI |
| 17.09.2025 | Echoleak | Echoleak- Send a prompt , extract secret from Copilot AI!( CVE-2025-32711) | HACKING | AI |
| 12.09.2025 | Open Repo | Oasis Security’s research team uncovered a vulnerability in Cursor, the popular AI Code Editor, that allows a maliciously crafted code repository to execute code as soon as it's opened using Cursor, no trust prompt. | HACKING | AI |
| 04.09.2025 | Hexstrike-AI | Hexstrike-AI: When LLMs Meet Zero-Day Exploitation | HACKING | AI |
| 20.08.2025 | Scamlexity | "Scamlexity" - a new era of scam complexity, supercharged by Agentic AI. Familiar tricks hit harder than ever, while new AI-born attack vectors break into reality. | HACKING | AI |
| 01.06.2025 | Text-to-Malware: How Cybercriminals Weaponize Fake AI-Themed Websites | Since November 2024, Mandiant Threat Defense has been investigating an UNC6032 campaign that weaponizes the interest around AI tools, in particular those tools which can be used to generate videos based on user prompts. | HACKING | AI |
| 22.02.2025 | Deceptive Employment Scheme | A network from North Korea linked to the fraudulent IT worker scheme that was involved in the creation of personal documentation for fictitious job applicants, such as resumés, online job profiles and cover letters, as well as come up convincing responses to explain unusual behaviors like avoiding video calls, accessing corporate systems from unauthorized countries or working irregular hours. Some of the bogus job applications were then shared on LinkedIn. | HACKING | AI |
| 22.02.2025 | Sponsored Discontent | A network likely of Chinese origin that was involved in the creation of social media content in English and long-form articles in Spanish that were critical of the United States, and subsequently published by Latin American news websites in Peru, Mexico, and Ecuador. | HACKING | AI |
| 22.02.2025 | Romance-baiting Scam | A network of accounts that was involved in the translation and generation of comments in Japanese, Chinese, and English for posting on social media platforms including Facebook, X and Instagram in connection with suspected Cambodia-origin romance and investment scams. | HACKING | AI |
| 22.02.2025 | Iranian Influence Nexus | A network of five accounts that was involved in the generation of X posts and articles that were pro-Palestinian, pro-Hamas, and pro-Iran, and anti-Israel and anti-U.S., and shared on websites associated with an Iranian influence operations tracked as the International Union of Virtual Media (IUVM) and Storm-2035. | HACKING | AI |
| 22.02.2025 | Kimsuky and BlueNoroff | A network of accounts operated by North Korean threat actors that was involved in gathering information related to cyber intrusion tools and cryptocurrency-related topics, and debugging code for Remote Desktop Protocol (RDP) brute-force attacks | HACKING | AI |
| 22.02.2025 | Youth Initiative Covert Influence Operation | A network of accounts that was involved in the creation of English-language articles for a website named "Empowering Ghana" and social media comments targeting the Ghana presidential election | HACKING | AI |
| 22.02.2025 | Tesk Scam | A network of accounts likely originating from Cambodia that was involved in the translation of comments between Urdu and English as part of a scam that lures unsuspecting people into jobs performing simple tasks (e.g., liking videos or writing reviews) in exchange for earning a non-existent commission, accessing which requires victims to part with their own money. | HACKING | AI |
| 14.06.2024 | Sleepy Pickle Part 2 | Exploiting ML models with pickle file attacks: Part 2 | HACKING | ML |
| 14.06.2024 | Sleepy Pickle Part 1 | Exploiting ML models with pickle file attacks: Part 1 | HACKING | ML |