McKinsey's AI agent "Lilli" hacked - by another AI agent - thestack.technology
McKinsey's internal AI agent "Lilli" was breached through classic application security flaws, including an unauthenticated endpoint with a SQL in...
Read Analysis →Tag Analysis: #IDOR
Chatbots, APIs & AI Security Risks: Lessons from a Real Breach - Qualys
An Insecure Direct Object Reference (IDOR) vulnerability in an exposed API, combined with an unpatched legacy web application and weak credential hygiene, allow...
Read Analysis →McDonald’s AI Chatbot Breach Exposes 64 Million Records - Cyber Magazine
Security researchers gained unauthorized administrative access to Paradox.ai's McHire platform by exploiting a weak, decommissioned test account with "...
Read Analysis →