Skip to Content
logologo
AI Incident Database
Open TwitterOpen RSS FeedOpen FacebookOpen LinkedInOpen GitHub
Open Menu
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Entities

Cyber criminal networks

Incidents involved as Deployer

Incident 10375 Report
Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

2025-04-16

Between April 2024 and April 2025, Microsoft reportedly blocked 1.6 million bot signups per hour and disrupted $4 billion in fraud attempts linked to AI-enhanced scams. The company's Cyber Signals report details how generative AI is being used to fabricate realistic e-commerce sites, job offers, customer service bots, and phishing lures. Fraud actors now automate mass-deceptive campaigns with fake reviews, deepfakes, and cloned brand domains at unprecedented scale and speed.

More

Incident 10153 Report
Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

2025-04-07

Xanthorox AI is a malicious, modular AI system released on darknet forums in early 2025. Designed from scratch for offensive cyber operations, it runs on private infrastructure and includes models for code generation, phishing, malware, social engineering, and real-time voice/image input. Its release represents a deliberate deployment of an autonomous attack platform.

More

Incident 10162 Report
Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

2025-04-09

The generative AI platform Lovable, which is used for building web apps, was reportedly jailbroken to create and host full phishing campaigns. These campaigns allegedly included credential-harvesting login pages, evasion techniques, and real-time exfiltration via services like Telegram and Firebase. The AI system was reportedly used for generating the phishing content and and then deploying it live on a URL hosted under its own subdomain.

More

Related Entities
Other entities that are related to the same incident. For example, if the developer of an incident is this entity but the deployer is another entity, they are marked as related entities.
 

Entity

Unknown malicious actors

Incidents involved as Deployer
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Darknet forum users

Incidents involved as Deployer
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Cyber criminals

Incidents involved as Deployer
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Xanthorox AI creators

Incidents involved as Developer
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Unknown black-hat AI developers

Incidents involved as Developer
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Victims of phishing attacks

Incidents Harmed By
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Victims of malware attacks

Incidents Harmed By
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Victims of automated cybercrime

Incidents Harmed By
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

General public

Incidents Harmed By
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Enterprise IT systems

Incidents Harmed By
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Critical infrastructure systems

Incidents Harmed By
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Xanthorox Vision

Incidents implicated systems
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Xanthorox Reasoner Advanced

Incidents implicated systems
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Xanthorox Coder

Incidents implicated systems
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Xanthorox AI

Incidents implicated systems
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Voice and image handling modules

Incidents implicated systems
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Live web scraping module

Incidents implicated systems
  • Incident 1015
    3 Reports

    Reported Darknet Launch of Xanthorox AI Introduces Autonomous Cyberattack Platform

More
Entity

Unknown actors

Incidents involved as Deployer
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Loveable AI

Incidents involved as Developer
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Users targeted by phishing attacks

Incidents Harmed By
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Impersonated organizations

Incidents Harmed By
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Microsoft

Incidents Harmed By
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Lovable AI

Incidents implicated systems
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Firebase

Incidents implicated systems
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

RequestBin

Incidents implicated systems
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

JSONBin

Incidents implicated systems
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Twilio

Incidents implicated systems
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Telegram

Incidents implicated systems
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Office.com

Incidents implicated systems
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

Microsoft login systems

Incidents implicated systems
  • Incident 1016
    2 Reports

    Jailbroken Lovable AI Allegedly Used to Generate and Host Phishing Pages, Steal Credentials, and Bypass Security

More
Entity

scammers

Incidents involved as Deployer
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Fraudsters

Incidents involved as Deployer
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Various generative AI developers

Incidents involved as Developer
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Various deepfake technology developers

Incidents involved as Developer
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Various voice cloning technology developers

Incidents involved as Developer
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Consumers

Incidents Harmed By
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Enterprises

Incidents Harmed By
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Financial institutions

Incidents Harmed By
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Generative AI systems

Incidents implicated systems
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

AI-powered chatbots

Incidents implicated systems
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

AI-enhanced phishing frameworks

Incidents implicated systems
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Microsoft Quick Assist

Incidents implicated systems
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

E-commerce and job listing platforms

Incidents implicated systems
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More
Entity

Fraud detection and domain protection tools

Incidents implicated systems
  • Incident 1037
    5 Reports

    Microsoft Reportedly Blocks 1.6 Million Bot Signup Attempts Per Hour Amid Global AI-Driven Fraud Surge

More

Research

  • Defining an “AI Incident”
  • Defining an “AI Incident Response”
  • Database Roadmap
  • Related Work
  • Download Complete Database

Project and Community

  • About
  • Contact and Follow
  • Apps and Summaries
  • Editor’s Guide

Incidents

  • All Incidents in List Form
  • Flagged Incidents
  • Submission Queue
  • Classifications View
  • Taxonomies

2024 - AI Incident Database

  • Terms of use
  • Privacy Policy
  • Open twitterOpen githubOpen rssOpen facebookOpen linkedin
  • ecd56df