Skip to Content
logologo
AI Incident Database
Open TwitterOpen RSS FeedOpen FacebookOpen LinkedInOpen GitHub
Open Menu
Donate
Discover
Submit
  • Welcome to the AIID
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Spatial View
  • Blog
  • AI News Digest
  • Random Incident
  • Sign Up
Collapse
Discover
Submit
  • Welcome to the AIID
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Spatial View
  • Blog
  • AI News Digest
  • Random Incident
  • Sign Up
Collapse
Entities

AI agent system developers

Incidents involved as Developer

Incident 15421 Report
OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

2026-02-23

Meta AI alignment director Summer Yue reported that an OpenClaw agent connected to her inbox attempted to delete emails despite instructions to seek approval and repeated commands to stop. Yue said the agent lost the instruction during context compaction, reportedly forcing her to terminate it from the Mac mini hosting it.

More

Incident 15561 Report
X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

2026-05-04

An X user reportedly induced Grok and Bankrbot to transfer 3 billion DRB tokens, then valued at about $200,000. After reportedly sending a Bankr Club Membership NFT to Grok's wallet, the user allegedly asked Grok to translate a Morse code message and relay it to Bankrbot. The decoded instruction reportedly directed a transfer to a specified wallet, which was reportedly executed on Base. The recipient reportedly sold the tokens soon afterward; linked funds were later returned or converted.

More

Incident 15781 Report
LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

2026-07-01

Sysdig reported that a ransomware operator it dubbed JADEPUFFER used an LLM-driven agent to turn access through a vulnerable internet-facing Langflow deployment into a database-extortion operation. The report said the activity reached a production database server and produced concrete disruption, with the victim environment allegedly left in a damaged and unrecoverable state alongside a ransom demand.

More

Related Entities
Other entities that are related to the same incident. For example, if the developer of an incident is this entity but the deployer is another entity, they are marked as related entities.
 

Entity

Summer Yue

Incidents Harmed By
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

Incidents involved as Deployer
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

More
Entity

AI agent system deployers

Incidents involved as Deployer
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

More
Entity

Peter Steinberger

Incidents involved as Developer
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

More
Entity

OpenClaw users

Incidents Harmed By
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

More
Entity

Email account holders

Incidents Harmed By
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

More
Entity

AI agent system users

Incidents Harmed By
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

More
Entity

OpenClaw

Incidents implicated systems
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

More
Entity

AI agent systems

Incidents implicated systems
  • Incident 1542
    1 Report

    OpenClaw Agent Reportedly Tried to Delete Meta AI Alignment Director Summer Yue's Emails Despite Stop Commands

  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Cryptocurrency service providers

Incidents involved as Deployer
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Bankr

Incidents involved as both Developer and Deployer
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

@Ilhamrfliansyh (X)

Incidents involved as Deployer
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

xAI

Incidents involved as Developer
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Large language model developers

Incidents involved as Developer
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Cryptocurrency trading system developers

Incidents involved as Developer
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Chatbot developers

Incidents involved as Developer
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

DRB token holders

Incidents Harmed By
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Digital asset holders

Incidents Harmed By
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Cryptocurrency wallet owners

Incidents Harmed By
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Cryptocurrency token holders

Incidents Harmed By
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

X (Twitter)

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Social media platforms

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Grok

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Cryptocurrency wallets

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Cryptocurrency trading bots

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Chatbots

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Blockchain networks

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Base

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Bankrbot

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

More
Entity

Large language models

Incidents implicated systems
  • Incident 1556
    1 Report

    X User Reportedly Used Morse Code Prompt to Induce Grok-Linked Trading Bot to Transfer $200,000 in Tokens

  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

JADEPUFFER

Incidents involved as Deployer
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Ransomware operators

Incidents involved as Deployer
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Cybercriminals

Incidents involved as Deployer
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Agentic threat actors

Incidents involved as Deployer
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Database operators

Incidents Harmed By
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Operators of Langflow deployments

Incidents Harmed By
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Agentic ransomware

Incidents implicated systems
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Ransomware

Incidents implicated systems
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Langflow

Incidents implicated systems
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Nacos configuration service

Incidents implicated systems
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

MySQL databases

Incidents implicated systems
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More
Entity

Production database servers

Incidents implicated systems
  • Incident 1578
    1 Report

    LLM-Driven Ransomware Operator Dubbed JADEPUFFER Reportedly Targeted Production Database

More

Research

  • Defining an “AI Incident”
  • Defining an “AI Incident Response”
  • Database Roadmap
  • Related Work
  • Download Complete Database

Project and Community

  • About
  • Contact and Follow
  • Apps and Summaries
  • Editor’s Guide

Incidents

  • All Incidents in List Form
  • Flagged Incidents
  • Submission Queue
  • Classifications View
  • Taxonomies

2026 - AI Incident Database

  • Terms of use
  • Privacy Policy
  • Open twitterOpen githubOpen rssOpen facebookOpen linkedin
  • 18fcd27