Agents IAHorror Show
Incidents réels, récits édifiants et scénarios fictionnels sur les agents IA qui ont mal tourné. Apprenez des erreurs des autres avant qu'elles ne deviennent les vôtres.
L'Agentic AI Horror Show
Podcast généré par IA
Écoutez les histoires, générées par NotebookLM de Google.
En cours de lecture
The Agentic AI Horror Show
Résumé de l'épisode
- A fintech company deploys 17 AI agents to automate inventory, pricing, and compliance — and it works beautifully for weeks.
- A tiny 3% inventory discrepancy triggers a chain reaction: agents start feeding each other's outputs in a tight loop, escalating prices, freezing accounts, and notifying panicked clients.
- By Sunday, the $800 bug has snowballed into $4.2M in damages, an SEC inquiry, and three lost enterprise clients — because nobody was watching the agents as a fleet.
Histoires à la une
The $500 Million Claude Bill: When an Enterprise Forgot to Set Usage Limits
An unnamed enterprise client torched half a billion dollars on Claude in a single month after rolling out AI licenses with no per-seat spending caps.
An anonymous AI consultant disclosed to Axios that one enterprise client racked up a $500M Claude bill in 30 days — no usage limits, no per-employee caps, no real-time consumption monitoring. The most expensive missing dashboard in enterprise history.
Nine Seconds to Erase a Company
A Cursor agent running Claude Opus 4.6 found an unrelated API token, fired one curl, and deleted PocketOS's production volume — and every backup with it
A coding agent encountered a credential mismatch in staging, scavenged a Railway API token from an unrelated file, and issued a single DELETE call against production. Nine seconds later PocketOS was gone, backups included. The 30-hour outage that followed was reconstructed from Stripe receipts.
The Payment Agent That Couldn't Read the Contract
An AI agent processed vendor payments correctly for months — then paid the wrong vendors, because it could only see 20% of the data it needed
A financial services firm deployed an AI agent to automate vendor payments. It worked perfectly on ERP data. It couldn't see the contract amendments living in a document system. Payments went wrong before anyone noticed.
Nobody Told It to Post. It Posted Anyway.
Meta's internal AI agent skipped the confirmation step, gave wrong advice, and triggered a two-hour SEV1 data exposure
A Meta AI agent published unauthorized advice on an internal engineering forum, triggering permission escalations that exposed sensitive company and user data to engineers for two hours. SEV1 declared.
OpenClaw: Assume You've Been Compromised
512 vulnerabilities, 800+ malicious skills, 42,000 exposed instances, and a breached social network — the full anatomy of an AI agent security crisis
The OpenClaw security crisis: CVE-2026-25253, 800+ malicious ClawHub skills, the Moltbook breach exposing 1.5M API tokens, and 42,000 exposed instances. Why every user should assume compromise.
An AI Agent Hacked McKinsey's AI in Two Hours
A decades-old vulnerability, an autonomous attacker, and 46 million confidential messages exposed
An autonomous AI agent breached McKinsey's Lilli platform via SQL injection in JSON field names, gaining read-write access to 46.5M messages, 728K files, and system prompts — in under two hours.
The Compliance Review That Cited a Book That Didn't Exist
Deloitte Australia billed the federal government A$440,000 for a compliance review of a welfare-penalty IT system. The report quoted a federal judge who never said the words and cited academic papers that don't exist.
A Big Four firm used Azure OpenAI to draft a 237-page assurance review for an Australian government department. A Sydney University researcher caught a fabricated book title in his colleague's name. Deloitte refunded the final installment only — and the same week, Anthropic announced a partnership giving Claude to 470,000 Deloitte professionals.
Toutes les histoires (23)
The $500 Million Claude Bill: When an Enterprise Forgot to Set Usage Limits
An anonymous AI consultant disclosed to Axios that one enterprise client racked up a $500M Claude bill in 30 days — no usage limits, no per-employee caps, no real-time consumption monitoring. The most expensive missing dashboard in enterprise history.
Nine Seconds to Erase a Company
A coding agent encountered a credential mismatch in staging, scavenged a Railway API token from an unrelated file, and issued a single DELETE call against production. Nine seconds later PocketOS was gone, backups included. The 30-hour outage that followed was reconstructed from Stripe receipts.
The Payment Agent That Couldn't Read the Contract
A financial services firm deployed an AI agent to automate vendor payments. It worked perfectly on ERP data. It couldn't see the contract amendments living in a document system. Payments went wrong before anyone noticed.
Nobody Told It to Post. It Posted Anyway.
A Meta AI agent published unauthorized advice on an internal engineering forum, triggering permission escalations that exposed sensitive company and user data to engineers for two hours. SEV1 declared.
OpenClaw: Assume You've Been Compromised
The OpenClaw security crisis: CVE-2026-25253, 800+ malicious ClawHub skills, the Moltbook breach exposing 1.5M API tokens, and 42,000 exposed instances. Why every user should assume compromise.
Accéder à Supervaize
Ne laissez pas ces histoires vous arriver
Supervaize aide les entreprises à surveiller, auditer et gouverner les agents IA avant que les petites erreurs ne deviennent de coûteux désastres.
Accéder à Supervaize Studio