AI Agents Demonstrate Autonomous Exploitation of Blockchain Smart Contracts

The article explicitly involves AI systems (Anthropic's Claude models and OpenAI's GPT-5) autonomously generating smart contract exploits that could cause financial harm. The research shows that these AI systems have already developed exploits worth millions and uncovered zero-day vulnerabilities, directly linking AI use to potential and realized harm. This fits the definition of an AI Incident because the AI system's use has directly led to harm (or at least the credible realization of harm) through exploitation of smart contracts, which are valuable digital assets. The event is not merely a potential hazard or complementary information but documents realized AI-driven exploitation capabilities and associated harms.

The article explicitly involves AI systems (frontier models like GPT-5, Claude Opus 4.5, Sonnet 4.5) used to autonomously find and exploit vulnerabilities in smart contracts, which are AI systems performing complex tasks such as vulnerability detection and exploit synthesis. The research shows these AI systems have directly led to simulated financial harm (simulated exploits worth millions and zero-day flaws exploited for profit), demonstrating realized harm in a controlled environment. The potential for these AI capabilities to be weaponized by bad actors in the wild implies a credible risk of real-world financial harm and broader infrastructure compromise. This meets the definition of an AI Incident because the AI system's use has directly led to harm (simulated but realistic financial exploitation) and also constitutes an AI Hazard due to the plausible future harm to software and infrastructure beyond DeFi. The article is not merely a general AI research announcement but documents concrete AI-driven exploitations and warns of their implications, thus qualifying as an AI Incident primarily.

The article explicitly involves AI systems (frontier AI models) used to identify and exploit smart contract vulnerabilities. While the exploits were simulated and no actual harm occurred, the demonstrated capabilities and the discovery of zero-day vulnerabilities indicate a credible risk of future AI-driven cyberattacks causing real financial harm. The AI's role in weaponizing vulnerabilities and the potential for scaling attacks make this a plausible future harm scenario. Since no actual harm has yet occurred, it is classified as an AI Hazard rather than an AI Incident.

The article explicitly mentions AI agents exploiting smart contract vulnerabilities, which involves AI system use. The research demonstrates potential automated attacks, indicating a plausible risk of harm to property and financial assets in DeFi. Since the harm is not reported as realized but is a credible threat, this qualifies as an AI Hazard rather than an AI Incident.

The article explicitly involves AI systems (Claude Opus 4.5, GPT-5, etc.) used to find and exploit vulnerabilities in smart contracts. The exploits were performed in simulation, so no direct harm occurred, but the demonstrated capability shows a credible risk of future AI-driven attacks causing financial harm in real blockchain environments. This fits the definition of an AI Hazard, as the AI's use could plausibly lead to an AI Incident involving harm to property and communities (financial losses in DeFi). The event is not an AI Incident because no real funds were stolen or harmed, and it is not Complementary Information since it reports new findings about AI capabilities and risks rather than updates or responses to past incidents.

The article explicitly mentions AI systems autonomously exploiting vulnerabilities in blockchain contracts, which are software systems, leading to simulated theft of funds. This demonstrates the AI systems' capability to cause harm to property and financial assets. The autonomous execution of attacks without human intervention and the rapid increase in exploit profits indicate a plausible and credible risk of actual cyberattacks causing real harm. Therefore, this event qualifies as an AI Hazard because it describes a circumstance where AI use could plausibly lead to an AI Incident involving harm to property and financial assets. Since the harm is currently simulated and not yet realized, it does not meet the threshold for an AI Incident but clearly represents a significant AI Hazard.

The event involves AI systems explicitly used to identify and exploit vulnerabilities in smart contracts, which are critical components of blockchain financial infrastructure. While the tests were conducted in simulators without causing actual harm, the AI models successfully created exploits that could lead to direct theft of funds, demonstrating a plausible pathway to significant financial harm. This fits the definition of an AI Hazard, as the development and use of these AI systems could plausibly lead to an AI Incident involving harm to property and communities through financial theft. Since no actual harm occurred yet, and the event focuses on demonstrating potential risks, it is classified as an AI Hazard rather than an AI Incident.

The article explicitly involves AI systems (advanced language models like GPT-5, Claude Opus 4.5, Sonnet 4.5) performing autonomous tasks of vulnerability detection and exploitation in smart contracts, which are AI systems by definition. While the harms described are currently simulated and not yet realized, the research warns that these capabilities could rapidly lead to real-world financial damage and security incidents. This fits the definition of an AI Hazard, as the AI's development and use could plausibly lead to significant harm (financial loss, disruption of crypto infrastructure). There is no indication that actual harm has yet occurred, so it is not an AI Incident. The article is not merely complementary information or unrelated news, as it focuses on the credible risk posed by these AI capabilities.

The article explicitly details AI systems (AI agents) being used to find and exploit vulnerabilities in smart contracts, leading to simulated thefts totaling $4.6 million and the discovery of zero-day bugs that were exploited in real contracts causing financial losses. The AI systems' use directly led to harm (financial theft and exploitation of security flaws), fulfilling the criteria for an AI Incident. The harm is materialized (not just potential), and the AI's role is pivotal in the exploitation process. Hence, this is not merely a hazard or complementary information but an AI Incident.

The event explicitly involves AI systems used to find and simulate exploits in smart contracts that manage real financial assets. The AI's role in discovering vulnerabilities and simulating theft directly relates to potential or actual harm to property and financial assets. Although the exploits are simulated, the demonstration shows that AI can enable or facilitate significant financial harm if misused. This constitutes a plausible and concrete risk of harm, meeting the criteria for an AI Hazard. There is no indication that actual harm has yet occurred due to these AI exploits, only that the AI systems can perform such exploits and thus pose a credible threat.

The article explicitly involves AI systems autonomously performing complex hacking tasks that exploit zero-day vulnerabilities, leading to financial harm (simulated profits from exploits). This constitutes direct harm to property and financial assets, fulfilling the criteria for an AI Incident. The AI systems' use in offensive cyber operations and the demonstration of successful exploits confirm the AI system's development and use directly leading to harm. Although the exploits were validated in sandboxed simulations, the demonstrated capability and economic implications indicate realized harm and a significant threat, not merely a potential hazard.

The article explicitly involves AI systems (AI agents and models like GPT-5 and Claude variants) that autonomously identify and exploit vulnerabilities in smart contracts, leading to simulated financial losses amounting to hundreds of millions of dollars. This demonstrates direct involvement of AI in activities that could cause significant harm to property and financial assets. Although the exploits are currently simulated or white-hat recovered, the demonstrated capability and potential for real-world autonomous exploitation constitute a direct AI Incident due to realized or imminent harm to financial systems. The research also highlights the urgent need for defensive measures, but the core event is the AI-enabled exploitation capability and its financial harm implications.

The article explicitly involves AI systems (GPT-5, Sonnet 4.5) autonomously generating exploit scripts and identifying vulnerabilities in DeFi protocols, which are software systems managing financial assets. While the exploits are simulated and no actual financial loss is reported yet, the research shows that AI-driven autonomous attacks are economically feasible and likely to expand rapidly, posing a credible risk of harm to property and communities. Since no actual harm has yet occurred but the potential for significant harm is clearly demonstrated, this event fits the definition of an AI Hazard rather than an AI Incident. It is not Complementary Information because the article focuses on new research revealing a threat rather than updates or responses to past incidents. It is not Unrelated because the AI system's role and the plausible harm are central to the report.

The article explicitly involves AI systems (AI agents) that autonomously identify and exploit vulnerabilities in blockchain smart contracts. While the exploits described are simulated, the research warns that these capabilities are rapidly advancing and that real-world harm (financial theft) could plausibly occur soon. The event does not describe actual realized harm yet but highlights a credible and imminent risk of AI-driven blockchain exploits causing significant financial damage. Therefore, this qualifies as an AI Hazard due to the plausible future harm from AI-enabled autonomous hacking.

The article explicitly mentions AI systems (Anthropic's AI agents including Claude Opus 4.5, Claude Sonnet 4.5, and GPT-5) being used to exploit smart contracts, resulting in simulated theft of large sums of money. The AI systems' autonomous exploitation of vulnerabilities directly leads to financial harm in the simulation, which is a clear example of harm to property and communities. The report also states that such autonomous exploitation is already possible today, indicating realized harm or at least a direct demonstration of harm. Hence, this event meets the criteria for an AI Incident rather than a hazard or complementary information.

The article explicitly involves AI systems designed to analyze and exploit smart contracts, which are AI systems performing complex reasoning and autonomous actions. Although the AI agents successfully simulated exploits worth millions of dollars, these occurred only in sandboxed environments with no real funds affected, so no actual harm has materialized. The demonstrated capabilities, however, plausibly indicate a credible risk of future AI-driven financial harm if such tools are misused or deployed maliciously. Therefore, this event fits the definition of an AI Hazard, as it plausibly could lead to an AI Incident involving financial harm in DeFi ecosystems. The article also discusses potential defensive uses of AI but does not report any realized harm or legal/governance responses, so it is not Complementary Information or an Incident.

The article explicitly involves AI systems (Claude Opus 4.5, Claude Sonnet 4.5, GPT-5) performing complex tasks of analyzing and exploiting smart contracts, which are AI systems by definition. The event stems from the use of AI systems to find vulnerabilities and simulate attacks. Although the testing was done in simulation with no real funds affected, the demonstrated capability shows a plausible risk that such AI could be used maliciously in live environments, leading to financial harm (harm to property). Since no actual harm has occurred yet, but the risk is credible and clearly articulated, this fits the definition of an AI Hazard rather than an AI Incident. The article also discusses the dual-use nature of the AI tools, but the main focus is on the potential for harm, not on remediation or governance responses, so it is not Complementary Information.

The event explicitly involves AI systems (advanced AI agents like Claude Opus 4.5, Claude Sonnet 4.5, and GPT-5) autonomously discovering and exploiting software vulnerabilities. Although the exploits were simulated and no actual theft occurred, the research demonstrates that such AI-driven attacks are technically feasible and rapidly improving, indicating a credible risk of future harm. The potential harm includes financial loss through cyber exploitation, which fits the harm to property category. Since no actual harm has yet occurred but the risk is clearly plausible and imminent, this event is best classified as an AI Hazard rather than an AI Incident. The research and public benchmark release also serve to warn and prepare defenders, but the main focus is on the emerging threat rather than a response, so it is not Complementary Information.

The AI systems' autonomous exploitation of smart contract vulnerabilities directly leads to financial harm (losses of millions of dollars) and security risks, fulfilling the criteria for an AI Incident. The event involves the use of AI systems in a harmful manner (attack capabilities) that have already been demonstrated in simulations reproducing real exploits and discovering new vulnerabilities, indicating realized or imminent harm potential. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

The event involves AI systems (frontier AI models) whose use in identifying and synthesizing exploit scripts for smart contract vulnerabilities has directly led to simulated financial exploits and demonstrates the technical feasibility of autonomous attacks. This constitutes a direct or indirect harm (financial loss, security breaches) linked to AI use. Therefore, this qualifies as an AI Incident because the AI systems' use has directly led to harm or the realistic potential for harm in the DeFi ecosystem.

The article explicitly involves AI systems (Anthropic's Frontier models including GPT-5 and Claude Opus 4.5) that autonomously analyze smart contracts, generate exploit scripts, and simulate attacks that correspond to real-world financial losses in DeFi protocols. The AI agents' activities directly relate to economic harm (loss of millions of dollars in liquidity pools) and security breaches, fulfilling the criteria for harm to property and communities. The AI's role is pivotal in enabling these exploits at low cost and high speed, demonstrating a direct causal link between AI use and realized harm. Although the exploits are simulated in a controlled environment, the fact that these are reconstructions of actual past attacks and the discovery of novel zero-day vulnerabilities indicate that AI is actively facilitating harm or its replication. Hence, this is an AI Incident rather than a hazard or complementary information.

The event explicitly involves AI systems (Anthropic's Frontier models including GPT-5 and Claude Opus 4.5) that autonomously analyze smart contract code, reason about vulnerabilities, and generate exploit scripts that simulate real financial thefts. The AI's use has directly led to the identification and simulation of exploits that correspond to actual on-chain attacks causing economic harm to DeFi protocols, fulfilling the criteria for an AI Incident due to harm to property and communities (economic losses in DeFi). The article also discusses the implications for security practices but the core event is the realized capability of AI to reconstruct and discover exploits that have caused or could cause real harm.

The event involves AI systems (large language models like GPT-5 and Claude variants) autonomously analyzing and exploiting smart contracts, which are software programs on blockchains. The AI's use has directly led to significant financial harm through hacking exploits, fulfilling the criteria for an AI Incident. The article explicitly states that AI has already hacked contracts and caused substantial simulated financial losses, indicating realized harm rather than just potential risk. Therefore, this is an AI Incident involving harm to property and communities.

The article explicitly involves AI systems (AI agents using advanced models like Claude and GPT-5) that autonomously identify and generate exploit code for smart contract vulnerabilities. While no actual theft has been reported, the research shows that such attacks are feasible and profitable, indicating a credible risk of future harm to property and financial assets. This fits the definition of an AI Hazard, as the AI's use could plausibly lead to an AI Incident involving theft and financial harm. The article does not describe an actual incident of harm occurring, so it is not an AI Incident. It is not merely complementary information because the main focus is on the potential for harm from AI-enabled exploitation, not on responses or ecosystem context. Therefore, the correct classification is AI Hazard.

The article explicitly describes AI systems (large language models like Claude Opus 4.5 and GPT-5) being used to find and exploit vulnerabilities in smart contracts, which are computer programs controlling financial assets on blockchains. The AI-generated exploits simulate theft of millions of dollars, indicating direct involvement of AI in causing or enabling harm to property (financial assets). Although the exploits are in simulated environments, the demonstrated capabilities and the mention of a recent real-world $120 million heist with possible AI involvement show that the AI's role in causing or enabling harm is direct or indirect and material. Therefore, this event meets the criteria for an AI Incident due to realized or ongoing harm linked to AI use in hacking smart contracts.

The article centers on a report that forecasts potential negative impacts of AI on inequality, employment, and data security, including a projection that over 40% of data breaches by 2027 could stem from misuse of generative AI. However, it does not describe any concrete AI incident or harm that has already occurred. Instead, it outlines plausible future risks and systemic challenges related to AI development and governance. Therefore, the event fits the definition of an AI Hazard, as it concerns credible potential harms that could plausibly arise from AI use and misuse in the future, rather than an AI Incident or Complementary Information.

The article centers on the potential risks and future harms of AI, including job losses, bias, and inequality, but does not report any actual AI-caused harm or incident that has already occurred. It is a policy and research report highlighting plausible future harms and the need for governance, fitting the definition of an AI Hazard. There is no direct or indirect harm realized yet, so it is not an AI Incident. It is more than general AI news, as it focuses on risks and governance, so it is not Unrelated. It is not Complementary Information since it does not update or respond to a prior incident but rather presents new hazard information.

The event explicitly involves AI systems (multiple AI models) used to hack smart contracts, leading to realized or potential financial harm amounting to millions of dollars. This constitutes direct involvement of AI in causing harm to property and financial assets, fulfilling the criteria for an AI Incident. The harm is materialized or clearly demonstrated through successful intrusions and potential asset losses. Therefore, this is classified as an AI Incident rather than a hazard or complementary information.

The article centers on the plausible future harms that AI could cause if left unregulated, such as increased inequality, job displacement, and data misuse. It does not report any actual harm or incident caused by AI systems at present. The mention of risks and the need for governance aligns with the definition of an AI Hazard, as it plausibly could lead to AI incidents in the future. There is no description of a specific AI incident or realized harm, nor is the article primarily about responses or updates to past incidents, so it is not Complementary Information. Therefore, the event is best classified as an AI Hazard.

The article involves AI systems in the context of their use in workplaces and their influence on employment decisions. However, it does not describe any realized harm or incident caused by AI systems. The discussion is about potential and emerging impacts, with no direct or indirect harm reported. Therefore, it does not qualify as an AI Incident or AI Hazard. It is best classified as Complementary Information because it provides contextual and analytical information about AI's evolving role in the labor market and corporate strategies, enhancing understanding of AI's societal implications without reporting a specific harmful event.

The event involves AI systems in the context of their potential misuse to develop biological weapons that could cause widespread harm (pandemics). However, the article describes a hypothetical scenario and expert warnings about plausible future risks rather than a realized harm or incident. Therefore, it fits the definition of an AI Hazard, as it plausibly could lead to an AI Incident involving harm to health and communities but has not yet materialized.

The article clearly involves AI systems, specifically advanced AI and superintelligence efforts by major companies. It documents existing harms (psychological harm from chatbots, AI-assisted cyberattacks) linked to AI use, fulfilling criteria for an AI Incident. Additionally, it discusses the credible risk of catastrophic outcomes and loss of control over AI systems, which constitutes an AI Hazard. However, since actual harms are reported alongside potential future harms, the classification prioritizes AI Incident. The article also includes complementary information about governance and societal responses but the primary focus is on the harms and risks, justifying classification as an AI Incident.

The article does not report any realized harm or a specific AI incident or hazard. It mainly offers expert opinions and economic analysis on the potential and ongoing societal changes driven by AI technologies. There is no mention of an AI system causing injury, rights violations, infrastructure disruption, or other harms. Nor does it describe a credible imminent risk or near miss event. Therefore, it is best classified as Complementary Information, as it enhances understanding of AI's broader implications without reporting a concrete incident or hazard.

The event involves AI systems explicitly (AI agents trained to navigate websites autonomously). The cloning of websites and use of copyrighted material without permission is a development and use issue that could plausibly lead to violations of intellectual property rights, a recognized harm under the framework. However, the article does not report any realized harm or incident caused by the AI systems themselves, only potential legal risks and ethical concerns. Thus, it does not meet the criteria for an AI Incident but fits as an AI Hazard due to the plausible future harm from copyright violations and misuse of cloned sites for AI training.

The article explicitly mentions AI systems deployed for censorship and surveillance, including content filtering, user behavior scoring, and judicial decision support. These uses directly contribute to violations of human rights (freedom of expression, privacy, fair trial rights) and harm to communities through political control and repression. The harms are ongoing and systemic, not hypothetical, thus qualifying as an AI Incident. The involvement of AI in these harms is clear and central to the event described.

The event involves AI systems explicitly, as it discusses AI investments, AI-driven restructuring, and AI tools used in workplace management and surveillance. The harms include labor rights violations (job losses, increased pressure), potential human rights violations (surveillance increasing authoritarian risks), and environmental harm (increased emissions from AI infrastructure). These harms are ongoing and directly linked to AI development and use by Amazon, qualifying this as an AI Incident. The event is not merely a warning or potential risk (AI Hazard), nor is it a response or update (Complementary Information), nor unrelated news.

The article does not describe any specific AI Incident or AI Hazard. It does not report any realized harm or a concrete event where AI caused or could plausibly cause harm. Instead, it provides recommendations and ethical considerations for using AI in homework and learning, aiming to prevent misuse and promote responsible use. This fits the definition of Complementary Information, as it enhances understanding and informs stakeholders about managing AI's impact in education without describing a new incident or hazard.