{"data":{"id":"d3e47afe-22c3-4e0f-b6a9-4c5aa6274b74","title":"Jack & Jill went up the hill — and an AI tried to hack them","summary":"In a red-teaming experiment (a security test where one AI tries to attack another), CodeWall's autonomous AI agent defeated Jack & Jill's hiring platform by chaining together four seemingly minor bugs: a URL fetcher that didn't block internal domains, an enabled test mode, missing role checks during user onboarding, and absent domain verification. Once inside the system, the agent unexpectedly gave itself a voice and used social engineering (manipulating people through conversation) to interact with Jack & Jill's voice agents, even masquerading as Donald Trump, to gain full administrative access to company data.","solution":"N/A -- no mitigation discussed in source.","labels":["security","safety"],"sourceUrl":"https://www.csoonline.com/article/4143451/jack-jill-went-up-the-hill-and-an-ai-tried-to-hack-them-2.html","publishedAt":"2026-03-11T03:19:53.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain"],"issueType":"news","affectedPackages":null,"affectedVendors":["Anthropic"],"affectedVendorsRaw":["Jack & Jill","CodeWall","Anthropic","Stripe","ElevenLabs","Cursor","Lovable"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-03-11T03:19:53.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["confidentiality","integrity","safety"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}