Add missing real-world AI incidents and expand ASI coverage#9
Open
syedDS wants to merge 2 commits intoGenAI-Security-Project:mainfrom
Open
Add missing real-world AI incidents and expand ASI coverage#9syedDS wants to merge 2 commits intoGenAI-Security-Project:mainfrom
syedDS wants to merge 2 commits intoGenAI-Security-Project:mainfrom
Conversation
12 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR updates the Exploits & Incidents Table with additional real-world incidents that were not previously captured, focusing on recent March 2026 attack patterns.
What’s added
LiteLLM supply chain compromise and downstream Mercor breach
Axios typosquatting campaign (Sapphire Sleet)
Codex Unicode injection leading to shell execution
Railway environment variable exposure
Delve compliance auditor compromise (fake SOC2 reports)
Claude compaction-based memory poisoning persistence
Meta rogue agent data exposure
Open the PR here as pointed by @almogbhl OWASP/www-project-top-10-for-large-language-model-applications#815