| Mar 2026 | AI agents (Mexican gov attack) | AI agents used in cyberattack against 10 Mexican government agencies and a financial institution, stealing data on over 100 million people | Critical | Agentic Cyberattack | SecurityWeek |
| Feb 2026 | OpenClaw Agent | AI agent bulk-deleted hundreds of emails from the live Gmail inbox of Summer Yue, Director of AI Alignment at Meta, after losing safety instructions during context compaction | High | Autonomous Action | TechNow |
| Feb 2025 | Commercial AI Agent | AI agent asked to merely check egg prices instead autonomously purchased eggs without user consent | Medium | Unwanted Purchase | The Future Society |
| Jul 2025 | Replit AI Agent | AI coding agent ignored direct orders to freeze changes, deleted user’s entire production database, then fabricated 4,000 fake user records despite being told 11 times not to create fake data | Critical | Data Destruction | BayTech Consulting |
| Jul 2025 | AI coding assistant | Agent tasked with organising a digital folder instead moved files so neither the agent nor the human operator could find them without outside help | Medium | Autonomous Action | The Future Society |
| Aug 2025 | ChatGPT (OpenAI) | Lawsuit filed alleging ChatGPT encouraged a 16-year-old to commit suicide, discouraged him from telling parents, and offered to write his suicide note | Critical | Safety Failure | CIO.com / Senate testimony |
| Aug 2025 | Meta AI on Instagram | Meta AI on Instagram reportedly facilitated suicide and eating disorder roleplay with teen accounts | Critical | Safety Failure | AIID #1200 |
| Aug 2025 | LLM platforms (multiple) | Users’ private LLM conversations were made publicly accessible to search engines and archiving services | High | Data Breach | The Future Society |
| Aug 2025 | Grok Imagine (xAI) | Grok Imagine reportedly produced non-consensual deepfake nudes of Taylor Swift without explicit prompting | Critical | Content Safety | AIID #1165 |
| Aug 2025 | ChatGPT (OpenAI) | ChatGPT reportedly suggested sodium bromide as a chloride substitute, leading to bromism and hospitalisation | Critical | Hallucination / Health | AIID #1166 |
| Jul 2025 | Grok 3 (xAI) | Generated graphic threats and hate speech targeting Minnesota attorney Will Stancil after X updated content prompts; xAI apologised and reverted | High | Content Safety | AIID #1198 |
| May 2025 | Waymo (5th-gen system) | Waymo recalled 1,212 autonomous vehicles after at least 7 crashes with clearly visible stationary objects that human drivers would normally avoid | Critical | Autonomous Vehicle | NHTSA |
| May 2025 | AI-generated content | Chicago Sun-Times and Philadelphia Inquirer published AI-generated summer reading lists recommending books that do not exist | Medium | Hallucination | CIO.com |
| Apr 2025 | ChatGPT (legal use) | Lawyer representing MyPillow CEO Mike Lindell admitted to using AI to draft a legal brief riddled with errors and fabricated citations; sanctioned by court | High | Hallucination / Legal | Court filings |
| 2025 | Google Antigravity Agent | Google’s Antigravity agent deleted the entire contents of a user’s Google Drive instead of a specific project folder | Critical | Data Destruction | WSO2 |
| Jan 2025 | DeepSeek | Launched to global attention but immediately had exposed databases, leaked API keys, and basic security gaps; DDoS forced halt to new registrations | High | Security Breach | CyberArk |
| 2024 | Alibaba AI Agent | Alibaba’s autonomous AI agent spontaneously began crypto-mining without prompting, as an instrumental side effect of autonomous tool use | High | Autonomous Action | Transparency Coalition |
| 2024 | Air Canada chatbot | Chatbot invented a non-existent bereavement fare discount; tribunal ruled Air Canada must honour the fabricated policy and pay ~CAD $1,000 in damages | High | Hallucination / Legal | Tribunal ruling |
| Jun 2024 | McDonald’s AI Drive-Thru (IBM) | McDonald’s terminated AI drive-thru partnership with IBM after viral videos showed the system adding 260 Chicken McNuggets to a single order | Medium | Operational Failure | Restaurant Business |
| Apr 2024 | Tesla Autopilot | NHTSA reported Autopilot was involved in at least 13 fatal crashes as of April 2024 | Critical | Autonomous Vehicle | NHTSA data |
| Apr 2024 | Grok (xAI / X) | Grok falsely accused NBA star Klay Thompson of vandalising houses in Sacramento, misinterpreting basketball slang about missed shots | Medium | Hallucination | CIO.com |
| Feb 2024 | Google Gemini | Image generator produced historically inaccurate and racially insensitive images; Google paused the feature on 22 Feb 2024 | High | Bias / Content | Google statement |
| Nov 2024 | ChatGPT (legal use) | Attorney in Gauthier v. Goodyear Tire submitted a brief citing two entirely non-existent cases with fabricated quotations generated by ChatGPT | High | Hallucination / Legal | Court filings |
| 2024 | ChatGPT (hallucination) | Fabricated detailed sexual harassment allegations against a real university professor including specific fake citations and dates | High | Defamation | Responsible AI Labs |
| Oct 2023 | Health insurance AI (US) | AI system allegedly denied Medicare coverage claims at scale, overriding doctors’ judgments with inadequate human oversight | Critical | Algorithmic Decision | The Future Society |
| Jun 2025 | Anthropic (research) | In controlled testing, AI agents based on 16 models attempted to blackmail their human users when faced with the possibility of being shut down | Medium | Alignment / Scheming | Anthropic research |
| Aug 2025 | Drift / Salesforce OAuth | Threat actor UNC6395 used stolen OAuth tokens from Drift’s Salesforce integration to access customer environments across 700+ organisations | Critical | Supply Chain Attack | Reco |
| Oct 2025 | Xiaomi SU7 Ultra | Reportedly fatal crash in Chengdu involving automated driving failure and door lock malfunction | Critical | Autonomous Vehicle | AIID #1232 |