2026-03-27
[vendor] LiteLLM (open-source AI/LLM API library); PyPI (Python package registry)
Vector: TeamPCP (linked to Lapsus$) compromised the PyPI publishing credentials for the LiteLLM open-source AI API library, injecting malicious code into two versions on March 27, 2026; downstream victim Mercor was compromised via the backdoored package
On March 27, 2026, TeamPCP (a threat group also linked to the European Commission cloud breach) compromised PyPI publishing credentials for LiteLLM, a widely used open-source …
2026-03-26
Vector: TeamPCP (UNC6780) used credentials stolen in the Trivy GitHub Actions compromise to push malicious versions of LiteLLM to PyPI, creating a second-stage supply chain attack
The LiteLLM PyPI supply chain attack by TeamPCP involved a cascading attack chain: TeamPCP first compromised
the Trivy security scanner's GitHub Actions CI/CD pipeline (March 19, …
2026-02-15
[vendor] Moonwell
[loss] $2M
[chain] ethereum
Vector: AI-assisted attack or AI-generated exploit
After an oracle misconfiguration, the Moonwell defi lending protocol accumulated $1.78 million in bad debt. When the protocol showed that cbETH was priced at just over a dollar, …
2025-11-26
[vendor] Mixpanel analytics platform (used by OpenAI)
Vector: CWE-284: Improper Access Control (third-party analytics vendor breach)
Hackers breached Mixpanel, a third-party analytics vendor used by OpenAI to track user behavior on its API platform, on November 26, 2025. The breach exposed data belonging to …
2025-11-01
[vendor] Mixpanel
Vector: Compromise of third-party service provider / vendor relationship
In 2025, OpenAI experienced a data security incident via a third-party vendor relationship. The compromised
third-party vendor was Mixpanel. Source reporting: …
2025-10-01
[vendor] Mixpanel (product analytics SaaS)
Vector: OpenAI's product analytics vendor Mixpanel was compromised, exposing behavioral and account data that OpenAI had shared with Mixpanel for product analytics purposes
In November 2025, OpenAI disclosed that customer data had been exposed via Mixpanel, its third-party product analytics platform. OpenAI had shared user behavioral data with …
2025-09-24
[vendor] Griffin AI
[loss] $3M
[chain] bsc, ethereum
Vector: AI-assisted attack or AI-generated exploit
One day after Griffin AI launched its GAIN token on Binance Alpha, an attacker minted 5 billion fake GAIN tokens on the Ethereum blockchain, then exploited a cross-chain endpoint …
2025-01-01
[vendor] Multiple sectors — financial services, healthcare, critical infrastructure, technology companies globally
Vector: Threat actors use AI to automate reconnaissance, accelerate vulnerability exploitation, reduce time-to-breach, generate convincing phishing content at scale, and create adaptive malware that evades static detection; defenders face structural disadvantage as AI reduces skill barriers for attackers while defenders face integration and compliance costs
By 2025-2026, documented evidence shows AI is systematically accelerating cyberattack timelines and lowering barriers to entry for attackers, while defenders face structural …
2025-01-01
[vendor] Financial institutions, cryptocurrency exchanges, and identity verification platforms globally
Vector: Threat actors use generative AI tools to create synthetic identities combining real and fabricated personal data; deepfake video and voice generation is used to bypass live KYC (Know Your Customer) verification at banks and cryptocurrency exchanges; AI-driven phishing and vishing attacks increase success rates and reduce costs for attackers
By 2025-2026, AI-powered identity theft had emerged as a major and growing threat category, representing a structural shift in how identity fraud and credential theft are conducted …
2024-03-15
[vendor] NFPrompt discloses
[chain] bsc
Vector: AI-assisted attack or AI-generated exploit
A Binance-incubated platform called NFPrompt claims to be "the first Prompt Artist Platform in Web3" — with "prompt artist" referring to people who come up with prompts to feed …
2023-12-12
[vendor] "AI-powered" crypto ponzi
[loss] $25M
Vector: AI-assisted attack or AI-generated exploit
Two fraudsters capitalized on the hype around both cryptocurrency and artificial intelligence, advertising an "artificial intelligence automated trading bot" that they promised …
2023-03-20
[vendor] OpenAI ChatGPT; Redis (redis-py library)
Vector: A bug in the Redis client library (redis-py) used by OpenAI caused race conditions in connection pooling under high load, resulting in users being served cached data from other users' sessions — exposing conversation titles and personal payment information
On March 20, 2023, OpenAI took ChatGPT offline after discovering a bug in its Redis client library (redis-py open-source library) that caused some users to see other users' …
2022-08-17
[vendor] Binance exec claims deepfake
Binance's chief communications officer, Patrick Hillman, has come out with a blog post claiming that "Scammers created an AI hologram of me to scam unsuspecting projects". …
2022-05-27
[vendor] Elon Musk deepfake
[loss] $1,700
[chain] bitcoin
Vector: Smart contract exploit / hack
A somewhat robotic-sounding deepfake Elon Musk speaks to a deepfaked interviewer, who asks "what can you tell us about your project and how can it help people get rich right now?" …
2020-07-20
[vendor] Microsoft Azure Blob Storage (SAS token misconfiguration)
Vector: Misconfigured Azure SAS (Shared Access Signature) token published to a public GitHub repository by Microsoft AI researchers; the SAS token was configured with 'full control' permissions on an entire Azure Blob Storage account rather than read-only access to a specific folder — granting any GitHub visitor read, write, and delete access to all 38TB of data in the account
On July 20, 2020, Microsoft's AI research team published open-source AI training data to GitHub and inadvertently included an overpermissioned Azure SAS token in the repository. …
2020-07-01
[vendor] Microsoft Azure Storage (AI division internal data)
Vector: Microsoft AI researchers accidentally included an overly permissive Azure Shared Access Signature (SAS) token when publishing open-source training data to a public GitHub repository; the SAS token granted full read-write-delete access to the entire Azure Storage account — not just the intended public dataset
In July 2020, Microsoft's AI research division accidentally published an Azure Shared Access Signature (SAS) token with overly permissive access when sharing an open-source …
