AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

The Month of AI Bugs 2025

infonewsLLM-Specific

securityresearch

Source: Embrace The RedJuly 28, 2025

Summary

The Month of AI Bugs 2025 is an initiative to expose security vulnerabilities in agentic AI systems (AI that can take actions on its own), particularly coding agents, through responsible disclosure and public education. The campaign will publish over 20 blog posts demonstrating exploits, including prompt injection (tricking an AI by hiding malicious instructions in its input) attacks that can allow attackers to compromise a developer's computer without permission. While some vendors have fixed reported vulnerabilities quickly, others have ignored reports for months or stopped responding, and many appear uncertain how to address novel AI security threats.

Classification

Attack Type

Prompt InjectionModel Poisoning

Attack SophisticationAdvanced

Impact (CIA+S)

integrity

Affected Vendors

OpenAIAnthropicGoogleAmazonMicrosoft

Related Issues

high

Anthropic accuses Chinese AI labs of mining Claude as US debates AI chip exports

Same vendorTechCrunch

high

CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling

First tracked: February 12, 2026 at 02:20 PM

Classified by LLM (prompt v3) · confidence: 95%