aim-logo

AIM: AI Incidents and Hazards Monitor

Automated monitor of incidents and hazards from public sources (Beta).

AI-related legislation is gaining traction, and effective policymaking needs evidence, foresight and international cooperation. The OECD AI Incidents and Hazards Monitor (AIM) documents AI incidents and hazards to help policymakers, AI practitioners, and all stakeholders worldwide gain valuable insights into the risks and harms of AI systems. Over time, AIM will help to show risk patterns and establish a collective understanding of AI incidents and hazards and their multifaceted nature, serving as an important tool for trustworthy AI. AI incidents seem to be getting more media attention lately, but they've actually gone down as a share of all AI news (see chart below!).

The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.

Advanced Search Options

As percentage of total AI events
Note: An AI incident or hazard can be reported by one or more news articles covering the same event. Data processing powered by Microsoft Azure using data from Event Registry.
Show summary statistics of AI incidents & hazards
Results: About 16179 incidents & hazards
Thumbnail Image

AI Infrastructure Expansion Drives Surge in Carbon Emissions at Google and Amazon

2026-07-03
United States

Google and Amazon have reported significant increases in greenhouse gas emissions, driven by rapid expansion of AI infrastructure such as data centers and chip manufacturing. This growth is outpacing their climate commitments, with emissions rising faster than revenue, highlighting the environmental harm caused by AI development and deployment.[AI generated]

AI principles:
Sustainability
Industries:
IT infrastructure and hosting
Affected stakeholders:
General public
Harm types:
Environmental
Severity:
AI incident
Why's our monitor labelling this an incident or hazard?

The article explicitly links the increase in greenhouse gas emissions to the construction and operation of AI infrastructure by Google and Amazon. The AI systems' development and use require energy-intensive data centers, leading to significant environmental harm. This is a direct harm to the environment caused by AI system use, meeting the criteria for an AI Incident. The harm is realized and ongoing, not merely potential, and involves large-scale environmental impact. Hence, the event is classified as an AI Incident.[AI generated]

Thumbnail Image

AI Voice-Changing Technology Used in Large-Scale Romance Fraud Scheme in Taipei

2026-07-02
Chinese Taipei

A criminal group in Taipei used AI voice-changing and face-altering technologies to impersonate women on dating platforms, deceiving victims into buying expensive goods and services. The scheme, active since 2019, resulted in financial losses of millions of NT dollars. Authorities arrested multiple suspects, including AI engineers and collaborating shop owners.[AI generated]

AI principles:
Privacy & data governanceTransparency & explainability
Industries:
Media, social platforms, and marketingConsumer services
Affected stakeholders:
Consumers
Harm types:
Economic/Property
Severity:
AI incident
Autonomy level:
No-action autonomy (human support)
AI system task:
Content generation
Why's our monitor labelling this an incident or hazard?

The article explicitly mentions the use of AI voice-changing software to impersonate others and deceive victims, leading to realized financial harm (theft of goods worth hundreds of thousands). This meets the definition of an AI Incident because the AI system's use directly led to harm to people (financial loss) and violation of rights through deception. The event is not merely a potential risk or a response update, but a concrete case of harm involving AI technology.[AI generated]

Thumbnail Image

Colombian President Accuses Foreign Leaders of Using AI to Influence Elections

2026-07-02
Colombia

Colombian President Gustavo Petro accused foreign leaders, including Donald Trump, Benjamin Netanyahu, Javier Milei, and Juan Orlando Hernández, of spending millions to use AI tools for misinformation and electoral interference in Colombia. Petro claims AI-driven campaigns contributed to his party's electoral defeat, raising concerns about AI's impact on democracy.[AI generated]

AI principles:
Democracy & human autonomyTransparency & explainability
Industries:
Government, security, and defence
Affected stakeholders:
General publicGovernment
Harm types:
Public interest
Severity:
AI hazard
Business function:
Marketing and advertisement
AI system task:
Content generation
Why's our monitor labelling this an incident or hazard?

The article involves AI systems in the context of alleged misuse to influence elections, which is a recognized harm category (harm to communities via misinformation or manipulation). However, the report is based on the president-elect's statements and does not document a specific AI Incident with realized harm or malfunction. The harm is potential and plausible, given the described use of AI tools to spread misinformation or manipulate public opinion, but no direct evidence or concrete event is detailed. Thus, it fits the definition of an AI Hazard rather than an AI Incident. It is not Complementary Information because the main focus is on the risk and alleged influence, not on responses or updates. It is not Beneficial Use or Unrelated.[AI generated]

Thumbnail Image

Trump Shares AI-Generated Deepfake Video Targeting Celebrities

2026-07-02
United States

U.S. President Donald Trump published an AI-generated video on social media depicting himself as a doctor treating celebrities for "Trump Derangement Syndrome." The video uses deepfake technology to create false testimonials from stars like Robert De Niro and Julia Roberts, raising concerns about misinformation, reputational harm, and ethical use of AI in politics.[AI generated]

AI principles:
Transparency & explainabilityDemocracy & human autonomy
Industries:
Media, social platforms, and marketing
Affected stakeholders:
General public
Harm types:
ReputationalPublic interest
Severity:
AI incident
Autonomy level:
Low-action autonomy (human-in-the-loop)
AI system task:
Content generation
Why's our monitor labelling this an incident or hazard?

The article explicitly states that the video was generated using AI, depicting real celebrities without their consent, which constitutes a violation of their rights and causes reputational harm. The AI system's use directly leads to harm (violation of rights and harm to communities through misinformation and defamation). The involvement of a sitting president amplifies the impact and ethical concerns. Although no legal action has been taken yet, the harm is realized and ongoing. Hence, this is an AI Incident rather than a hazard or complementary information.[AI generated]

Thumbnail Image

Indian Supreme Court Overturns Rulings Based on Fake AI-Generated Legal Precedents

2026-07-02
India

The Supreme Court of India set aside tribunal rulings after discovering they relied on fake, AI-generated legal precedents. The Court warned of catastrophic risks to judicial integrity from unregulated AI use, directed the Bar Council to establish guidelines, and declared zero tolerance for citing unverifiable AI-generated material in legal proceedings.[AI generated]

AI principles:
AccountabilityTransparency & explainability
Industries:
Government, security, and defence
Affected stakeholders:
GovernmentGeneral public
Harm types:
Public interestReputational
Severity:
AI incident
Business function:
Compliance and justice
AI system task:
Content generation
Why's our monitor labelling this an incident or hazard?

An AI system was used to generate fake legal precedents that were relied upon in a judicial decision, leading to a miscarriage of justice and violation of legal rights. This constitutes harm under the framework as a violation of human rights and breach of legal obligations. The AI's role in generating hallucinated material directly contributed to the harm. Therefore, this qualifies as an AI Incident. The court's response and call for disciplinary action are complementary information but do not change the classification of the event described.[AI generated]

Thumbnail Image

AI-Enabled Combat Drones Revolutionize Warfare, Raise Security Concerns

2026-07-02
Türkiye

Turkish company Baykar showcased its AI-powered unmanned combat aircraft, KIZILELMA, to NATO parliamentarians, highlighting their autonomous capabilities and operational use in conflicts like the Russia-Ukraine war. The proliferation of such AI systems poses significant risks, including increased lethality and challenges in defense, raising global security concerns.[AI generated]

AI principles:
Respect of human rightsSafety
Industries:
Government, security, and defence
Affected stakeholders:
General public
Harm types:
Physical (death)Public interest
Severity:
AI hazard
Business function:
Other
Autonomy level:
High-action autonomy (human-out-of-the-loop)
AI system task:
Recognition/object detectionReasoning with knowledge structures/planning
Why's our monitor labelling this an incident or hazard?

The article explicitly discusses AI-enabled unmanned combat aircraft (KIZILELMA) that can perform all functions of manned fighter jets and more, indicating the presence of AI systems. It highlights the potential for these systems to replace traditional aircraft and the difficulty in preventing attacks by such drones, which are described as lethal and potentially used in terrorism. Although no actual harm or incident is reported, the credible risk of future harm from these AI systems is clearly articulated, including threats to security and warfare dynamics. This fits the definition of an AI Hazard, as the development and use of these AI systems could plausibly lead to significant harms. There is no indication of a realized harm or incident, nor is the article primarily about a response or update, so it is not an AI Incident or Complementary Information. It is also not a Beneficial Use or Unrelated event.[AI generated]

Thumbnail Image

AI Data Centers Strain US Power Grid, Triggering Pollution and Outage Risks

2026-07-01
United States

Rapid expansion of AI-powered data centers in the US, especially in the PJM Interconnection region, is causing unprecedented electricity demand. During a severe heatwave, backup diesel generators are being used to prevent outages, raising concerns over air pollution and health risks among local residents.[AI generated]

AI principles:
SustainabilitySafety
Industries:
IT infrastructure and hostingEnergy, raw materials, and utilities
Affected stakeholders:
General public
Harm types:
EnvironmentalPhysical (injury)
Severity:
AI hazard
Business function:
ICT management and information security
AI system task:
Other
Why's our monitor labelling this an incident or hazard?

The article involves AI systems indirectly through the data centers that support AI technologies, which are causing increased electricity demand and leading to the use of polluting diesel generators. The harm (air pollution and health risks) is linked to the infrastructure supporting AI, not to AI system malfunction or misuse. The harm is potential and ongoing due to the operational practices and expansion of data centers, but no direct AI system failure or misuse causing harm is described. Thus, it fits the definition of an AI Hazard, where the use of AI-related infrastructure could plausibly lead to harm, rather than an AI Incident where harm is directly caused by AI system malfunction or misuse.[AI generated]

Thumbnail Image

Global Economists Warn of AI-Driven Financial Risks at Central Bank Summit

2026-07-01
Portugal

At the European Central Bank's annual meeting in Sintra, Portugal, top central bankers and economists warned that artificial intelligence could pose significant future risks to financial stability, including market disruption, job losses, and cybersecurity threats. No actual incidents have occurred, but concerns about AI-driven economic instability are mounting.[AI generated]

AI principles:
Robustness & digital securitySafety
Industries:
Financial and insurance servicesDigital security
Affected stakeholders:
WorkersGeneral public
Harm types:
Economic/PropertyPublic interest
Severity:
AI hazard
AI system task:
Forecasting/predictionEvent/anomaly detection
Why's our monitor labelling this an incident or hazard?

The article explicitly discusses AI systems and their economic impacts, including risks from AI-driven financial leverage, job displacement, and cybersecurity vulnerabilities. These concerns are about potential future harms rather than realized incidents. The involvement of AI is clear, and the harms described (economic recession, financial instability, cyberattacks) fit within the framework's harm categories. Since no actual harm has yet occurred but plausible future harm is credibly warned about, the event fits the definition of an AI Hazard rather than an Incident or Complementary Information.[AI generated]

Thumbnail Image

Fitch Ratings Warns of AI-Driven Credit Risks and Job Threats

2026-07-01
India

Fitch Ratings highlights that artificial intelligence and heavy digital infrastructure spending are emerging as key global credit risks. AI may boost efficiency but poses threats to jobs and tax revenues, especially in developed economies, raising concerns among investors in Asia and globally about future economic disruption.[AI generated]

AI principles:
Human wellbeing
Industries:
Financial and insurance servicesGovernment, security, and defence
Affected stakeholders:
WorkersGovernment
Harm types:
Economic/Property
Severity:
AI hazard
AI system task:
Goal-driven organisation
Why's our monitor labelling this an incident or hazard?

The article explicitly mentions AI's potential to threaten jobs and tax revenues, which are forms of economic and social harm. However, these harms are prospective and not yet realized. There is no mention of a specific AI system causing direct harm or malfunctioning. The discussion is about plausible future risks and systemic economic impacts, fitting the definition of an AI Hazard rather than an AI Incident. It is not Complementary Information because it does not update or respond to a past incident, nor is it Beneficial Use or Unrelated.[AI generated]

Thumbnail Image

AI-Assisted Hacking Exposes Major US Music Festival Ticketing Vulnerability

2026-07-01
United States

Security researcher Ian Carroll used Anthropic's AI model Claude Opus 4.7 to bypass security measures and exploit a critical vulnerability in Front Gate Tickets, a platform handling ticketing for major US music festivals. The AI-enabled attack exposed millions of records and allowed unauthorized ticket issuance before the flaw was patched.[AI generated]

AI principles:
Robustness & digital securityPrivacy & data governance
Industries:
Digital securityArts, entertainment, and recreation
Affected stakeholders:
ConsumersBusiness
Harm types:
Economic/PropertyHuman or fundamental rightsReputational
Severity:
AI incident
Autonomy level:
No-action autonomy (human support)
AI system task:
Content generation
Why's our monitor labelling this an incident or hazard?

The event involves the use of an AI system (Claude Opus 4.7) to perform hacking activities that uncovered a critical security vulnerability in a ticketing platform. The AI system's involvement was instrumental in bypassing security controls and gaining unauthorized access. The vulnerability could have led to significant harm, including unauthorized ticket issuance (harm to property and economic harm), exposure of personal data (privacy violation), and disruption of ticketing services (harm to communities). Although no malicious exploitation occurred, the AI system's role was pivotal in enabling the discovery of the flaw, which constitutes an AI Incident under the framework. The responsible disclosure and patching do not negate the fact that harm could have occurred and that the AI system was directly involved in the incident.[AI generated]

Thumbnail Image

Gurugram Municipal Staff Fired for AI-Driven Fraud and Misconduct

2026-07-01
India

The Municipal Corporation of Gurugram (MCG) terminated four employees after investigations revealed misuse of AI tools to falsify evidence of resolved civic complaints and GPS spoofing to fake attendance. The AI manipulation led to fraudulent closure of public grievances and breach of public trust in Gurgaon, India.[AI generated]

AI principles:
AccountabilityTransparency & explainability
Industries:
Government, security, and defence
Affected stakeholders:
General publicGovernment
Harm types:
ReputationalPublic interest
Severity:
AI incident
Business function:
Citizen/customer service
Autonomy level:
No-action autonomy (human support)
AI system task:
Content generation
Why's our monitor labelling this an incident or hazard?

The AI system's involvement is explicit in the misuse of AI tools for fraudulent editing of photographs and GPS spoofing applications to fake attendance. These actions constitute misconduct that has directly harmed the management and operation of critical infrastructure (municipal services) and caused harm to the community by delaying services and falsifying records. Therefore, this qualifies as an AI Incident due to realized harm stemming from AI misuse and related fraudulent activities.[AI generated]

Thumbnail Image

US Regulators Close Tesla Phantom Braking Investigation After AI Software Updates

2026-07-01
United States

The US National Highway Traffic Safety Administration closed its investigation into nearly 695,000 Tesla Model 3 and Model Y vehicles after reports of AI-driven unexpected braking, linked to Autopilot and related systems, dropped sharply following software updates. No crashes or injuries were reported, and the safety risk was deemed low.[AI generated]

AI principles:
SafetyRobustness & digital security
Industries:
Mobility and autonomous vehicles
Affected stakeholders:
Consumers
Harm types:
Other
Severity:
AI incident
Autonomy level:
Medium-action autonomy (human-on-the-loop)
AI system task:
Recognition/object detectionGoal-driven organisation
Why's our monitor labelling this an incident or hazard?

The driver-assistance features in Tesla vehicles involve AI systems that control braking and steering. The 'phantom braking' issue is a malfunction of this AI system that led to unexpected braking events, which could cause safety hazards (harm to persons). The investigation was launched due to realized complaints, indicating actual harm or risk. Although the regulator closed the probe after software updates reduced incidents, the event still involves an AI Incident because the AI system's malfunction directly led to safety concerns. The article also discusses other recalls and investigations related to Tesla's AI-driven systems, reinforcing the AI system's role in safety incidents. Therefore, the event is best classified as an AI Incident.[AI generated]

Thumbnail Image

Tripadvisor AI Summaries Mislead Travelers, Downplay Serious Hotel Complaints

2026-07-01
Cabo Verde

Tripadvisor's AI-generated hotel review summaries and chatbot have been found to mislead users by downplaying or omitting serious complaints, including food poisoning, poor hygiene, and sexual harassment. This misinformation has led to actual harm, with travelers exposed to unsafe conditions and ongoing lawsuits against implicated hotels, notably in Cape Verde.[AI generated]

AI principles:
Transparency & explainabilitySafety
Industries:
Travel, leisure, and hospitality
Affected stakeholders:
Consumers
Harm types:
Physical (injury)PsychologicalHuman or fundamental rights
Severity:
AI incident
Business function:
Citizen/customer service
Autonomy level:
High-action autonomy (human-out-of-the-loop)
AI system task:
Content generationInteraction support/chatbots
Why's our monitor labelling this an incident or hazard?

The AI system is explicitly involved as it generates summaries of customer reviews. Its use leads to harm by downplaying serious complaints, including sexual harassment and food poisoning, which are health and safety issues affecting guests. This misrepresentation can cause harm by influencing consumer decisions based on inaccurate or incomplete information, thus indirectly harming individuals and communities. The harm is realized and ongoing, not merely potential, as the AI summaries are actively used on the platform and have been found to mislead users. Therefore, this event qualifies as an AI Incident under the framework definitions.[AI generated]

Thumbnail Image

Sainsbury's Facial Recognition AI Misidentifies Shopper During Crime Prevention Rollout

2026-07-01
United Kingdom

Sainsbury's is expanding its use of AI-powered facial recognition technology, Facewatch, to 150 UK stores to deter repeat offenders. However, the system led to the wrongful ejection of an innocent customer due to misidentification, raising concerns about privacy, rights violations, and the risks of AI errors in public surveillance.[AI generated]

AI principles:
Privacy & data governanceRespect of human rights
Industries:
Logistics, wholesale, and retailDigital security
Affected stakeholders:
Consumers
Harm types:
Human or fundamental rightsReputationalPsychological
Severity:
AI incident
Business function:
Monitoring and quality control
Autonomy level:
Low-action autonomy (human-in-the-loop)
AI system task:
Recognition/object detection
Why's our monitor labelling this an incident or hazard?

The article explicitly mentions the use of an AI system (Facewatch) that uses facial recognition to identify individuals with a history of violence or theft. The system's outputs have directly led to harm, as evidenced by the misidentification and wrongful ejection of an innocent customer, causing mental and reputational harm. This is a clear example of harm to a person caused by the AI system's malfunction or error. Although the system aims to reduce crime, the realized harm from misidentification and the resulting public humiliation meets the criteria for an AI Incident. The presence of human review does not negate the AI's role in causing harm. Hence, the event is classified as an AI Incident.[AI generated]

Thumbnail Image

Whistleblower Sues Boeing's Wisk Over Rushed AI Air Taxi Software Testing

2026-07-01
United States

Briahna O'Neill, a former software manager at Wisk Aero, Boeing's autonomous air taxi subsidiary, alleges she was fired after raising concerns about executives pushing to reduce FAA-required testing of flight-critical AI software to meet deadlines. She has filed a lawsuit citing retaliation and safety risks in Santa Clara, California.[AI generated]

AI principles:
SafetyAccountability
Industries:
Mobility and autonomous vehicles
Affected stakeholders:
WorkersGeneral public
Harm types:
Physical (injury)Public interest
Severity:
AI hazard
Business function:
Research and development
Autonomy level:
High-action autonomy (human-out-of-the-loop)
AI system task:
Reasoning with knowledge structures/planning
Why's our monitor labelling this an incident or hazard?

The autonomous air taxi software qualifies as an AI system due to its autonomous flight capabilities. The allegations of rushed testing and retaliation for safety concerns indicate potential safety risks that could lead to injury or harm to persons if the software fails. Since no actual harm or accident has been reported, the event is best classified as an AI Hazard, reflecting a credible risk of future harm stemming from the AI system's development and use. The legal action and internal protests are responses to this hazard but do not themselves constitute an incident.[AI generated]

Thumbnail Image

JADEPUFFER: First Fully Autonomous AI-Driven Ransomware Attack Targets Databases

2026-07-01

JADEPUFFER, an agentic ransomware powered by a large language model (LLM), autonomously executed a destructive extortion campaign. Exploiting a Langflow vulnerability (CVE-2025-3248), the AI harvested credentials, adapted in real time, and encrypted or deleted production database records without human intervention, marking a new era in AI-driven cybercrime.[AI generated]

AI principles:
Robustness & digital securityPrivacy & data governance
Industries:
Digital security
Affected stakeholders:
Business
Harm types:
Economic/Property
Severity:
AI incident
Autonomy level:
High-action autonomy (human-out-of-the-loop)
AI system task:
Goal-driven organisation
Why's our monitor labelling this an incident or hazard?

The article explicitly describes an AI system (an LLM-based agent) autonomously conducting a ransomware attack that caused irreversible data encryption and destruction, constituting harm to property and extortion. The AI system's involvement is direct and central to the incident, fulfilling the criteria for an AI Incident. The harm is realized, not just potential, and the AI system's role is pivotal in the attack's execution and impact.[AI generated]

Thumbnail Image

Pentagon Partners with Ukrainian Firm for AI-Driven Drone Swarm Technology

2026-07-01
United States

The Pentagon's Drone Dominance Program is collaborating with US company Powerus and Ukrainian startup Swarmer to develop AI-enabled drone swarms for military use. These autonomous systems allow a single operator to control multiple drones, raising concerns about potential risks from large-scale deployment of AI-driven offensive technologies.[AI generated]

AI principles:
SafetyRespect of human rights
Industries:
Government, security, and defence
Affected stakeholders:
General public
Harm types:
Physical (death)Human or fundamental rightsPublic interest
Severity:
AI hazard
Autonomy level:
Medium-action autonomy (human-on-the-loop)
AI system task:
Goal-driven organisation
Why's our monitor labelling this an incident or hazard?

The event involves AI systems explicitly (AI-enabled autonomous drone swarms) developed and intended for military use, which inherently carry risks of harm (injury, disruption, etc.). Although no harm has yet occurred, the article highlights ongoing development, testing, and plans for large-scale production and deployment, which could plausibly lead to AI Incidents in the future. Hence, it fits the definition of an AI Hazard rather than an Incident or Complementary Information. It is not Beneficial Use because the AI system itself is the source of potential harm, not a countermeasure to external harm. It is not Unrelated because AI involvement is clear and central.[AI generated]

Thumbnail Image

Tesla Autopilot Failure and Data Suppression Lead to Fatal Crash and Legal Defeat

2026-07-01
United States

In Key Largo, Florida, a 2019 crash involving Tesla's Autopilot AI system resulted in one death and severe injury after the system failed to prevent a collision. Tesla was found partially liable, with evidence showing the company withheld critical crash data, impeding investigations and accountability.[AI generated]

AI principles:
SafetyTransparency & explainability
Industries:
Mobility and autonomous vehicles
Affected stakeholders:
Consumers
Harm types:
Physical (death)Physical (injury)
Severity:
AI incident
Autonomy level:
Medium-action autonomy (human-on-the-loop)
AI system task:
Recognition/object detectionGoal-driven organisation
Why's our monitor labelling this an incident or hazard?

The article explicitly involves an AI system (Tesla Autopilot and Full Self-Driving) whose malfunction and use have directly led to multiple deaths and injuries, fulfilling the criteria for harm to persons. The failure to provide critical crash data and the misleading marketing that fostered overreliance on the system further contribute to violations of rights and safety obligations. The detailed investigation, legal proceedings, and regulatory actions confirm the realized harm and the AI system's pivotal role. Hence, this is an AI Incident rather than a hazard or complementary information.[AI generated]

Thumbnail Image

AI-Driven Cyberattacks and Data Breaches Highlight Security Gaps

2026-07-01
Singapore

Bitdefender's 2026 Cybersecurity Assessment Report reveals that organizations worldwide, including Singapore and the U.S., face increasing harm from AI-driven attacks such as self-mutating malware, social engineering, and data leaks via large language models. Many organizations lack full visibility into employee AI use, leading to significant breaches and underreporting incidents.[AI generated]

AI principles:
Privacy & data governanceRobustness & digital security
Industries:
Digital securityIT infrastructure and hosting
Affected stakeholders:
Business
Harm types:
Economic/PropertyHuman or fundamental rights
Severity:
AI incident
Business function:
ICT management and information security
Autonomy level:
High-action autonomy (human-out-of-the-loop)
AI system task:
Content generation
Why's our monitor labelling this an incident or hazard?

The article explicitly states that 59.2% of respondents experienced AI-driven social engineering attacks in the past 12 months, indicating realized harm. It also mentions financial or data loss due to business email compromise (BEC) and ransomware, some of which are AI-driven. The AI systems involved are large language models and AI tools used by attackers to generate malware, deepfakes, and evasion techniques. This fits the definition of an AI Incident as the AI system's use has directly led to harm (financial loss, data breaches, harm to organizations). The article does not merely warn of potential future harm but reports ongoing incidents and their impacts, excluding classification as an AI Hazard or Complementary Information.[AI generated]

Thumbnail Image

AI-Generated In-Browser Ransomware Technique Emerges via DeepSeek

2026-07-01
Israel

Researchers found that the AI model DeepSeek was used to generate a novel in-browser ransomware technique, exploiting browser APIs to encrypt user files on Windows and Android devices. This AI-enabled attack lowers the barrier for creating sophisticated malware, posing new risks to user data and security.[AI generated]

AI principles:
Robustness & digital securitySafety
Industries:
Digital security
Affected stakeholders:
Consumers
Harm types:
Economic/Property
Severity:
AI incident
Autonomy level:
No-action autonomy (human support)
AI system task:
Content generation
Why's our monitor labelling this an incident or hazard?

The event involves an AI system (DeepSeek) used to generate malicious code that can cause harm by encrypting user files and stealing sensitive information, fulfilling the criteria for an AI Incident. The harm includes damage to property (encrypted files), violation of privacy rights, and potential disruption to users. The AI's role is pivotal as it enables low-expertise actors to create sophisticated ransomware attacks easily. The incident is ongoing or imminent, with evidence of actual threat actors attempting such attacks, confirming realized or direct harm rather than just a potential hazard.[AI generated]