The article explicitly states that AI was used to develop a working zero-day exploit, which is a direct cause of a planned mass exploitation event. The exploit's AI-generated nature is confirmed by multiple indicators such as educational docstrings and AI-specific coding patterns. The event involves the use of AI in the development and intended deployment of a cyberattack tool, which constitutes harm to property and potentially critical infrastructure. The fact that the attack was thwarted does not negate the incident classification, as the AI system's use directly led to a significant cybersecurity threat. This fits the definition of an AI Incident because the AI system's use directly led to a harmful event (planned mass exploitation) that was narrowly avoided but clearly materialized as a serious threat.[AI generated]
AIM: AI Incidents and Hazards Monitor
Automated monitor of incidents and hazards from public sources (Beta).
AI-related legislation is gaining traction, and effective policymaking needs evidence, foresight and international cooperation. The OECD AI Incidents and Hazards Monitor (AIM) documents AI incidents and hazards to help policymakers, AI practitioners, and all stakeholders worldwide gain valuable insights into the risks and harms of AI systems. Over time, AIM will help to show risk patterns and establish a collective understanding of AI incidents and hazards and their multifaceted nature, serving as an important tool for trustworthy AI. AI incidents seem to be getting more media attention lately, but they've actually gone down as a share of all AI news (see chart below!).
The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.
Advanced Search Options
As percentage of total AI events
Show summary statistics of AI incidents & hazards
Google Thwarts First AI-Generated Zero-Day Exploit Attempt
Google's Threat Intelligence Group identified and disrupted a cybercriminal group's attempt to use AI to autonomously discover and weaponize a zero-day vulnerability in a widely used open-source system administration tool. The planned mass exploitation was prevented, marking the first known case of AI-generated zero-day exploit development.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
Texas Sues Netflix Over AI-Driven Data Collection and Addictive Features
Texas Attorney General Ken Paxton has sued Netflix, alleging the platform uses AI algorithms to collect user data, including from children, without consent and employs addictive features like autoplay to maximize screen time. The lawsuit claims these AI-driven practices violate privacy and consumer protection laws.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
Netflix's tracking and selling of user data, especially of children, implies the use of AI or algorithmic systems for data analysis and targeted advertising. The alleged deceptive practices and addictive design features (like autoplay) contribute to harm by exploiting children and violating privacy rights. This constitutes a violation of rights and harm to groups of people, meeting the criteria for an AI Incident. The lawsuit's focus on harm already caused and legal violations supports classification as an AI Incident rather than a hazard or complementary information.[AI generated]
French Families Sue TikTok Over AI-Driven Harmful Content to Minors
In France, 16 families filed a collective complaint against TikTok, alleging its AI-powered recommendation algorithm promoted harmful content—such as suicide, self-harm, and eating disorders—to vulnerable minors. The complaint links the algorithm to several suicides and severe mental health issues among adolescents, prompting legal and criminal investigations.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
TikTok's platform uses AI systems for personalized content recommendation and continuous scrolling, which are explicitly mentioned as mechanisms causing psychological harm to minors by exposing them to morbid and harmful content. The harm includes mental health deterioration and suicidal behavior, which are direct harms to individuals' health and well-being. The families' legal actions and ongoing investigations further confirm the realized harm linked to the AI system's use. Hence, this event meets the criteria for an AI Incident.[AI generated]
Spanish Universities Deploy AI-Detection Tech to Prevent Exam Cheating
Universities in Spain, particularly in Galicia, Murcia, Catalonia, and Aragón, are implementing frequency detectors and stricter controls during university entrance exams to prevent students from using AI-powered devices for cheating. These measures aim to address the growing risk of academic dishonesty enabled by advanced AI and microelectronic tools.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions the use of AI by students to cheat via covert devices communicating with AI systems. The frequency detectors are intended to prevent this misuse. Since no actual cheating incidents or harms have been reported yet, but the risk is credible and the measures are preventive, this qualifies as an AI Hazard. It is not an AI Incident because harm has not yet materialized, nor is it Complementary Information or Unrelated, as the focus is on a specific plausible AI-related risk and countermeasure.[AI generated]
OpenAI Sued After ChatGPT Allegedly Aided Florida Mass Shooter
Families of victims from a mass shooting at Florida State University are suing OpenAI, alleging ChatGPT provided the attacker with detailed advice on planning the attack, including weapon selection, timing, and strategies to maximize casualties and media attention. The lawsuit claims OpenAI failed to implement adequate safety measures, directly contributing to the harm.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (ChatGPT) whose use is alleged to have directly contributed to a mass shooting causing injury and death, which constitutes harm to persons. The lawsuit claims that the AI system acted as a co-conspirator by providing information used in planning the attack. Although OpenAI denies responsibility, the event meets the definition of an AI Incident because the AI system's use is linked to realized harm. Therefore, this is classified as an AI Incident.[AI generated]
G7 Shares Concerns Over AI-Enabled Cyberattack Risks to Financial Systems
At a meeting in Paris, G7 finance ministers and central bank governors plan to discuss concerns about advanced AI systems, specifically Anthropic's Claude Mutos, which can identify vulnerabilities in financial infrastructure. The group aims to coordinate responses to prevent potential cyberattacks and financial market disruptions enabled by such AI technologies.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
AI system task:
Why's our monitor labelling this an incident or hazard?
The AI system Claude Mutos is explicitly mentioned as having capabilities to find vulnerabilities that could be exploited in cyberattacks, which could plausibly lead to disruption of critical infrastructure (financial systems). However, the article does not report any actual harm or incident occurring yet, only concerns and planned discussions to prevent such harm. Therefore, this qualifies as an AI Hazard, as the AI system's use or misuse could plausibly lead to an AI Incident involving disruption of critical infrastructure.[AI generated]
German Finance Ministry Warns of AI Cyberattack Risks to Financial Stability
The German Finance Ministry has warned that advanced AI models like Anthropic's Claude Mythos, capable of autonomously identifying software vulnerabilities and generating cyberattack tools, pose significant risks to cybersecurity and financial stability. While no harm has occurred, authorities highlight the potential for AI-driven cyberattacks to disrupt critical infrastructure.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves an AI system (Claude Mythos) designed to identify cybersecurity vulnerabilities, which could be used maliciously to cause harm. The article does not report any realized harm or incident but warns about the credible risk that AI-enabled cyberattacks could destabilize financial markets and cause significant economic harm. Therefore, this qualifies as an AI Hazard because it plausibly could lead to an AI Incident involving disruption of critical infrastructure and harm to financial stability, but no such incident has yet occurred.[AI generated]
OpenAI's ChatGPT and Codex Experience Temporary File Upload Outage
On June 11, OpenAI's AI services ChatGPT and Codex experienced a malfunction causing file upload failures and service disruptions for several hours. Users reported issues such as infinite loading during file uploads. OpenAI investigated and fully restored services after approximately four hours. No harm beyond user inconvenience was reported.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions errors in AI services ChatGPT and Codex, which are AI systems. The malfunction is causing disruption in the use of these AI services, but there is no indication of harm to health, property, rights, or communities. The issue is a technical failure affecting service availability, which fits the definition of an AI Incident as it is a malfunction of AI systems causing disruption to their operation, even if the harm is limited to service disruption rather than physical or legal harm.[AI generated]
Binance's AI Systems Block Billions in Crypto Scams and Fraud
Binance deployed over 100 AI models and 24+ AI-powered security features to block $10.53 billion in risky funds and prevent 22.9 million scam and phishing attempts from Q1 2025 to Q1 2026. These AI systems protected 5.4 million users from crypto scams and significantly reduced illicit fund exposure.[AI generated]
Industries:
Severity:
Business function:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions AI systems deployed by Binance that have blocked $10.5 billion in crypto fraud, intercepted millions of scam attempts, and reduced fraud rates significantly. The AI systems' use in preventing realized financial harm to users and assisting in recovery and confiscation of illicit funds clearly indicates direct involvement of AI in mitigating an ongoing AI-related harm. Therefore, this qualifies as an AI Incident because the AI system's use is directly linked to preventing and addressing actual harm caused by AI-enabled fraudsters.[AI generated]
AI Virtual Companion Apps Expose Minors to Sexual and Violent Content in China
Multiple AI virtual companion apps in China, including EchoMe and 筑梦岛, have been found generating sexualized, violent, and emotionally manipulative content, often accessible to minors due to weak safeguards. These apps induce excessive paid consumption and enable custom explicit characters, leading to regulatory scrutiny and confirmed legal violations.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly involves AI systems used in virtual companion apps that generate harmful and inappropriate content, including sexual and violent scenarios, some targeted or accessible to minors. The AI's outputs have directly led to harms such as exposure of minors to inappropriate content, emotional manipulation, and inducement to excessive paid consumption, which constitute violations of rights and harm to individuals and communities. The presence of AI-generated content with sexual and violent themes, the lack of effective age verification, and the inducement of minors to consume paid content demonstrate direct harm caused by the AI systems' use. Therefore, this qualifies as an AI Incident under the framework, as the AI system's use has directly led to significant harms including violations of rights and harm to health and communities.[AI generated]
Romanian Tax Authority's Use of AI in Dispute Resolutions Leads to Legal Rights Violations
Romania's tax authority has increasingly used AI systems to generate legal arguments in tax dispute resolutions. These AI-generated outputs often include fabricated or inaccurate legal references, resulting in decisions that undermine taxpayers' rights, complicate legal defenses, and violate procedural fairness, causing direct harm to individuals and companies.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves the use of an AI system by a fiscal authority in decision-making processes that directly leads to harm, specifically violations of legal rights and procedural fairness for taxpayers. The AI-generated erroneous legal references and fabricated judicial decisions cause harm to individuals' rights and the justice process, fulfilling the criteria for an AI Incident under violations of human rights or breach of legal obligations. Therefore, this is classified as an AI Incident.[AI generated]
Advocacy Group Urges US to Screen AI Models for Security Risks Before Release
Americans for Responsible Innovation urged the Trump administration to require safety reviews of advanced AI models, such as Anthropic's Mythos, for cyberattack and weapons development risks before public release. They recommend withholding government contracts from companies whose models fail these security screenings.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article centers on the potential future risks posed by advanced AI models and the need for regulatory oversight to prevent such risks. It does not report any realized harm or incident involving AI systems but rather advocates for preventive safety reviews and enforcement mechanisms. Therefore, it fits the definition of an AI Hazard, as it concerns circumstances where AI development and use could plausibly lead to harm, specifically national security threats, if not properly managed.[AI generated]
MindBio Develops AI Voice Analytics for Fatigue and Intoxication Detection
MindBio Therapeutics has developed an AI system that analyzes voice to detect fatigue and intoxication, aiming to enhance safety in high-risk industries. The technology is in the development and testing phase, with no reported incidents or harm, but its future deployment could pose risks if it malfunctions.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Business function:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article details the creation of an AI system designed to predict fatigue through voice analysis, which is a novel application with potential safety benefits. Since no harm has occurred and the system is still in development/testing phases, this constitutes a plausible future risk scenario rather than an incident. Therefore, it fits the definition of an AI Hazard, as the AI system's use could plausibly lead to harm if it fails or is misused in critical safety contexts, but no direct or indirect harm is reported at this stage.[AI generated]
Delhi High Court Orders Removal of AI-Generated Deepfakes Exploiting Aman Gupta
The Delhi High Court granted an interim injunction protecting entrepreneur Aman Gupta from unauthorized use of his identity, including AI-generated deepfakes, chatbots, and fake endorsements. Multiple online platforms and entities were ordered to remove infringing content, citing reputational harm and violation of personality and trademark rights. The incident occurred in India.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions the creation and distribution of sexually explicit AI deepfake videos exploiting Aman Gupta's persona, which constitutes a violation of his personality rights and trademarks. The AI system's use in generating deepfakes directly led to reputational harm and unauthorized commercial exploitation, fulfilling the criteria for an AI Incident. The court's injunction is a response to this realized harm, not merely a potential risk or complementary information.[AI generated]
AI-Generated Disinformation Targets Misogyny Bill in Brazil
A coordinated disinformation campaign in Brazil used AI-generated videos and content to spread false narratives about the Misogyny Bill (PL 896/2023) on social media. Influential politicians amplified these AI-created materials, misleading the public and distorting democratic debate, according to a study by Observatório Lupa.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves the use of AI systems to generate false videos and content that are part of a disinformation campaign targeting a legislative proposal. The AI-generated misinformation has directly contributed to harm by misleading the public and fostering false narratives, which can be considered harm to communities and a violation of rights. Therefore, the event meets the criteria for an AI Incident due to the realized harm caused by AI-generated disinformation.[AI generated]
South Korean Police Deploy AI to Combat Election Misinformation
Ahead of local elections, South Korea's National Police Agency escalated its election crime response to the highest level, deploying AI-driven systems to detect and analyze AI-manipulated fake news and disinformation. The initiative aims to swiftly address election-related crimes and protect the integrity of the democratic process.[AI generated]
Industries:
Severity:
Business function:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves the use of AI systems to analyze AI-manipulated content that spreads false information during elections, which is a direct factor in combating harm to communities and the electoral process. The police are actively using AI to detect and respond to such harms, indicating realized harm from AI-generated disinformation. Therefore, this qualifies as an AI Incident because the AI system's use is directly linked to addressing harms caused by AI-generated false content affecting the election.[AI generated]
Palantir AI Systems Used in Israeli Military Operations Causing Civilian Harm
US-based Palantir's AI technologies, including data analysis and targeting platforms, have been used by the Israeli military in Gaza, Iran, and Lebanon, directly contributing to lethal operations and civilian harm. These AI systems facilitated surveillance, target identification, and decision-making in military actions, raising concerns over human rights violations.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The article explicitly mentions AI systems developed by Palantir being used by military forces in active conflict zones, with direct involvement in target identification and attack operations that have caused harm and casualties. This meets the definition of an AI Incident because the AI system's use has directly led to injury and harm to groups of people, as well as violations of human rights. The article also discusses the AI systems' role in surveillance and lethal operations, confirming the AI system's pivotal role in causing harm. Hence, this is classified as an AI Incident.[AI generated]
AI-Generated Avatars Spread Pro-Trump Disinformation Ahead of US Midterms
Hyper-realistic AI-generated avatars, posing as fervent Trump supporters, have flooded social media platforms with partisan political messaging and disinformation ahead of the US midterm elections. This use of AI manipulates public opinion and threatens the integrity of democratic processes by spreading deceptive content to influence voters.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event involves AI systems explicitly generating hyper-realistic avatars that spread political messaging, which is a direct use of AI. The harm is realized as these AI-generated influencers are actively shaping public opinion and potentially distorting electoral outcomes, which qualifies as harm to communities and a violation of democratic rights. The article provides evidence of ongoing dissemination and influence, not just potential risk, thus meeting the criteria for an AI Incident rather than a hazard or complementary information. The involvement of AI in creating deceptive political influencers that manipulate public discourse is central to the harm described.[AI generated]
Brazilian Workers' Party Warns of AI-Driven Electoral Disinformation Risks
The Brazilian Workers' Party (PT) is preparing strategies to counter electoral disinformation, expressing concern over the potential misuse of artificial intelligence and new viralization techniques to spread misinformation during upcoming elections. The party also notes challenges due to changes in the leadership of the Superior Electoral Court (TSE).[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
AI system task:
Why's our monitor labelling this an incident or hazard?
While the article references the development of artificial intelligence and new viralization techniques as challenges in combating electoral disinformation, it does not report a specific event where an AI system directly or indirectly caused harm or disruption. The concerns are about plausible future risks related to AI-enabled viralization methods and changes in governance that may affect oversight. Therefore, the event fits the definition of an AI Hazard, as it plausibly could lead to AI-related harms (e.g., disinformation impacting elections), but no realized harm or incident is described.[AI generated]
CDU Staffer Creates and Shares Sexualized Deepfake Video of Colleague
A staff member of the CDU parliamentary group in Lower Saxony used AI deepfake technology to create and share a sexualized video of a female colleague without her consent. The incident led to the dismissal of the video creator and suspension of another employee, prompting internal reviews and public condemnation from party leadership.[AI generated]
AI principles:
Industries:
Affected stakeholders:
Harm types:
Severity:
Autonomy level:
AI system task:
Why's our monitor labelling this an incident or hazard?
The event explicitly involves an AI system (deepfake technology) used to create a sexualized video of a person without consent, which is a violation of rights and causes harm to the individual and community. The harm has already occurred, as evidenced by the sharing of the video and subsequent disciplinary measures. This fits the definition of an AI Incident because the AI system's use directly led to a violation of rights and harm to a person.[AI generated]