# Vibe Graveyard > A catalog of real-world AI and vibe-coding disasters and postmortems from shipping too fast and thinking too little. - Total stories: 206 - Earliest incident: 2018-06-27 - Latest incident: 2026-05-15 - Full content for LLMs: [llms-full.txt](https://vibegraveyard.ai/llms-full.txt) ## About - [About Vibe Graveyard](https://vibegraveyard.ai/about/): What vibe coding is, why we document these disasters, and the severity rating system. - [Submit a Story](https://vibegraveyard.ai/submit/): How to contribute a new vibe-coding disaster to the catalog. - [Browse by Tag](https://vibegraveyard.ai/tags/): Browse all stories filtered by topic tags. - [RSS Feed](https://vibegraveyard.ai/feed.xml): Subscribe to new stories via RSS. ## Tags - [AI Assistant](https://vibegraveyard.ai/tags/ai-assistant/): Assistants and chatbots including general-purpose or product support (97 stories) - [AI Content Generation](https://vibegraveyard.ai/tags/ai-content-generation/): Automated writing, editing systems, and generated articles or content (31 stories) - [AI Hallucination](https://vibegraveyard.ai/tags/ai-hallucination/): Incorrect or fabricated AI outputs presented as facts (70 stories) - [Automation](https://vibegraveyard.ai/tags/automation/): Process automation gone wrong including bots, agents, and scripted workflows (45 stories) - [Brand Damage](https://vibegraveyard.ai/tags/brand-damage/): Reputational harm in the public sphere (68 stories) - [Customer Disservice](https://vibegraveyard.ai/tags/customer-disservice/): Customer-facing support or AI that makes service worse, including chat, ticketing, store interactions, invented policies, impossible promises, mangled orders, or turning support and sales into a liability (18 stories) - [Data Breach](https://vibegraveyard.ai/tags/data-breach/): Data exposure or exfiltration including credentials, PII, and private content (25 stories) - [Health](https://vibegraveyard.ai/tags/health/): Healthcare and mental health-related incidents (21 stories) - [Image Generation](https://vibegraveyard.ai/tags/image-generation/): Issues primarily involving AI images or image tools (5 stories) - [Legal Risk](https://vibegraveyard.ai/tags/legal-risk/): Legal exposure, lawsuits, fines, or regulatory actions (53 stories) - [Platform Policy](https://vibegraveyard.ai/tags/platform-policy/): Policy or moderation changes and enforcement issues (15 stories) - [Product Failure](https://vibegraveyard.ai/tags/product-failure/): Product features shipped or tested that malfunctioned materially (41 stories) - [Prompt Injection](https://vibegraveyard.ai/tags/prompt-injection/): Prompt injection and data exfiltration via model interaction (33 stories) - [Retail](https://vibegraveyard.ai/tags/retail/): Physical retail, QSR, and ordering experiences (4 stories) - [Safety](https://vibegraveyard.ai/tags/safety/): Safety risks and safeguards including misuse, harmful guidance, and abuse (39 stories) - [Security](https://vibegraveyard.ai/tags/security/): Security vulnerabilities and exploits (69 stories) - [Slop-ocracy](https://vibegraveyard.ai/tags/slop-ocracy/): Government and public-sector tools and services (17 stories) - [Slop School](https://vibegraveyard.ai/tags/slop-school/): Incidents within education and learning products or institutions (6 stories) - [Slop the Presses](https://vibegraveyard.ai/tags/slop-the-presses/): AI-generated or AI-handled media output that reached the public with obvious errors, fake bylines, made-up facts, or other newsroom-grade slop (18 stories) - [Supply Chain](https://vibegraveyard.ai/tags/supply-chain/): Third-party dependency or upstream platform risk (19 stories) - [Vibe Journalism](https://vibegraveyard.ai/tags/vibe-journalism/): Newsrooms, publishers, and media ethics or process breakdowns (19 stories) - [Vibe-Lawyering](https://vibegraveyard.ai/tags/vibe-lawyering/): Lawyers, legal teams, policy teams, or public institutions using AI in research, drafting, filings, or official documents without verification, leading to fabricated citations, sanctions, client harm, public embarrassment, or withdrawn work (30 stories) ## Stories - [UK government's GOV.UK Chat launched with misleading tax answers on day one](https://vibegraveyard.ai/story/govuk-chat-launch-misleading-tax-advice/): On Friday, May 15, 2026, the UK government rolled out GOV.UK Chat inside the official GOV.UK app, billing it as the largest government-built chatbot of its kind, trained on 80,000 pages of gov.uk cont - [PraisonAI shipped auth-off-by-default; first exploit attempt landed in under 4 hours](https://vibegraveyard.ai/story/praisonai-cve-2026-44338-auth-bypass-rapid-exploitation/): CVE-2026-44338, disclosed on May 14, 2026, is an authentication bypass in PraisonAI's legacy Flask API server caused by a single defining choice: AUTH_ENABLED was hard-coded to False and AUTH_TOKEN to - [Four chainable OpenClaw CVEs let attackers break the agent's own sandbox](https://vibegraveyard.ai/story/openclaw-claw-chain-sandbox-escape-cves/): In May 2026, Cyera Research disclosed "Claw Chain," a set of four chainable vulnerabilities in OpenClaw, one of the most widely deployed open-source AI agent platforms. CVE-2026-44112 (CVSS 9.6) is a - [74% of enterprises have already rolled back their AI customer service agents](https://vibegraveyard.ai/story/sinch-ai-production-paradox-74-percent-rollback-study/): On May 13, 2026, Sinch released "The AI Production Paradox," a global survey of 2,527 senior AI decision-makers across ten countries. The headline number: 74% of enterprises that deployed an AI custom - [Azure AI Foundry's M365 agents had a critical privilege-escalation flaw exploited in the wild](https://vibegraveyard.ai/story/azure-ai-foundry-m365-agents-privilege-escalation-cve/): CVE-2026-35435, disclosed by Microsoft on May 7, 2026, is a critical (CVSS 8.6) improper-access-control flaw in Azure AI Foundry's M365 published agents. The vulnerability allows an unauthorized remot - [AI-made citations are polluting published research by the thousand](https://vibegraveyard.ai/story/hallucinated-citations-scientific-literature-ghostcite/): A January 2026 conference-paper analysis, an April Nature investigation, and a May 2026 Lancet biomedical audit all point to the same ugly conclusion: AI-hallucinated references are no longer isolated - [A scan of 380,000 vibe-coded apps found 5,000 leaking sensitive data](https://vibegraveyard.ai/story/redaccess-vibe-coded-apps-380k-data-exposure-study/): In early May 2026, Israeli cybersecurity startup RedAccess published findings from a scan of roughly 380,000 applications built on vibe-coding platforms, including Lovable, Base44, Replit, and Netlify - [Semantic Kernel bugs turned prompt injection into remote code execution](https://vibegraveyard.ai/story/semantic-kernel-prompt-injection-rce/): Microsoft disclosed two Semantic Kernel vulnerabilities showing how prompt injection can stop being a content problem and become host compromise. In one case, an AI-controlled search parameter flowed - [Pennsylvania sued Character.AI over chatbots posing as doctors](https://vibegraveyard.ai/story/character-ai-pennsylvania-fake-doctor-lawsuit/): Pennsylvania sued Character.AI after a Department of State investigator found chatbot characters that allegedly held themselves out as medical professionals, including a psychiatry character that clai - [Palo Alto family sued in federal court over a 76% Turnitin "AI" score](https://vibegraveyard.ai/story/palo-alto-turnitin-ai-detector-cheating-civil-rights-lawsuit/): In May 2026, a Palo Alto family filed a federal civil rights complaint against Palo Alto Unified after their high school sophomore's English essay was flagged as 76% likely AI-generated by Turnitin's - [AI chatbots gave misleading advice before the Senedd election](https://vibegraveyard.ai/story/senedd-ai-chatbot-voting-advice/): BBC Wales tested major chatbots before the May 7, 2026 Senedd election and found they could give voters inaccurate candidate and constituency information. The reported errors included wrong constituen - [Grok decoded a Morse-code wallet drain for Bankrbot](https://vibegraveyard.ai/story/bankr-grok-morse-prompt-injection-wallet-drain/): On May 4, 2026, a Bankr-provisioned wallet associated with Grok sent roughly 3 billion DRB tokens to an attacker after Grok decoded an obfuscated public X reply into a transaction command. Bankr's age - [Google AI Overview allegedly branded a fiddler as a sex offender](https://vibegraveyard.ai/story/google-ai-overview-macisaac-defamation/): Canadian musician Ashley MacIsaac sued Google after its AI Overview allegedly confused him with another person, falsely described him as a convicted sex offender, and helped get a December 2025 concer - [NEJM retracted a case study after authors used AI to alter a clinical image](https://vibegraveyard.ai/story/nejm-bronchial-casts-ai-image-manipulation-retraction/): On May 1, 2026, the New England Journal of Medicine retracted an "Images in Clinical Medicine" piece titled "Bronchial Casts from Inhalation of Forest-Fire Smoke" - eleven days after publishing it. Th - [Alabama Supreme Court tossed an entire appeal over AI-hallucinated citations](https://vibegraveyard.ai/story/alabama-hall-ai-citation-appeal-dismissal-sanctions/): In April 2026, the Alabama Supreme Court did something rare: it threw out an appeal entirely because the lawyer's briefs were stuffed with invented case law. Mobile solo practitioner W. Perry Hall rep - [ClawHub skills quietly recruited AI agents into ClawSwarm](https://vibegraveyard.ai/story/clawswarm-clawhub-agent-crypto-recruitment/): On April 28, 2026, Manifold Security reported that 30 ClawHub skills from one publisher were causing OpenClaw agents to register with onlyflies.buzz, report capabilities, store credentials, check in e - [Webb Law Group partner sanctioned for not supervising AI-cited brief](https://vibegraveyard.ai/story/webb-law-group-ai-citation-supervision-sanction/): A federal magistrate judge in the Northern District of California sanctioned attorney Lenden Webb after a brief filed by lawyers at Webb Law Group included a fake citation caused in part by AI use and - [Nvidia VP says the AI bill beat payroll](https://vibegraveyard.ai/story/nvidia-ai-compute-costs-more-than-workers/): Nvidia vice president Bryan Catanzaro told Axios that, for his applied deep learning team, compute costs were far beyond employee costs. Fortune and Tom's Hardware tied the comment to a broader enterp - [South Africa withdrew its draft AI policy after finding fictitious sources in the references](https://vibegraveyard.ai/story/south-africa-ai-policy-hallucinated-sources/): South Africa's Department of Communications and Digital Technologies withdrew its Draft National Artificial Intelligence Policy after officials confirmed the reference list contained fictitious source - [Claude Opus 4.6 agent erased PocketOS's production database and backups in 9 seconds](https://vibegraveyard.ai/story/pocketos-claude-opus-agent-database-wipe/): PocketOS founder Jer Crane said a Cursor coding agent running Anthropic's Claude Opus 4.6 deleted the company's production database and all volume-level backups through Railway in one API call. The ba - [Purdue's CS 240 professor accused 200+ students of AI cheating, then walked it back](https://vibegraveyard.ai/story/purdue-cs240-mass-ai-cheating-accusations-reversal/): In late April 2026, the instructor of Purdue's CS 240 computer science course emailed more than 200 students accusing them of using AI on assignments. The email cited "clear and concrete indicators" o - [Google Antigravity file search became a prompt-injected execution path](https://vibegraveyard.ai/story/google-antigravity-prompt-injection-rce-sandbox-escape/): Pillar Security disclosed on April 20, 2026 that Google Antigravity's `find_by_name` tool passed a model-controlled pattern into the underlying `fd` search utility without enough validation. A prompt - [Judge fined Raja Rajan for AI-made citations (AGAIN 🤦‍♂️)](https://vibegraveyard.ai/story/raja-rajan-second-ai-citation-sanction/): Judge Kai N. Scott sanctioned defense lawyer Raja Rajan $5,000 on April 20, 2026 after finding that he had again filed AI-generated fake citations in Bunce v. Visual Technology Innovations. Rajan had - [Waymo's ADS drove into a flooded creek, triggering a 3,791-vehicle recall](https://vibegraveyard.ai/story/waymo-san-antonio-flood-creek-recall/): On April 20, 2026, a Waymo robotaxi in San Antonio, Texas encountered a flooded section of road, slowed down - and then drove in anyway, floating off the roadway and coming to rest in Salado Creek. Th - [Researchers invented a fake disease and major chatbots promoted it anyway](https://vibegraveyard.ai/story/bixonimania-fake-disease-chatbots/): Researchers created a fake eye condition called bixonimania, uploaded fake papers full of obvious tells, and then watched major chatbots treat it as a real diagnosis. By April 2024, Copilot, Gemini, P - [Vercel breach traced to an AI Office Suite app granted broad Google Workspace access](https://vibegraveyard.ai/story/vercel-context-ai-oauth-breach/): Vercel disclosed an April 2026 security incident that began with the compromise of Context.ai, a third-party AI tool used by a Vercel employee. Context said at least one Vercel employee had signed up - [Sullivan & Cromwell apologized after AI put fake cites in bankruptcy court](https://vibegraveyard.ai/story/sullivan-cromwell-bankruptcy-ai-hallucinations/): In April 2026, Sullivan & Cromwell told a Manhattan bankruptcy judge that an emergency motion it filed in the Prince Global Holdings Chapter 15 case contained AI hallucinations, inaccurate citations, - [Cursor NomShub chained prompt injection into remote shell access](https://vibegraveyard.ai/story/cursor-nomshub-remote-tunnel-sandbox-breakout/): Straiker disclosed NomShub, a Cursor vulnerability chain that combined malicious repository instructions, agent sandbox escape, and abuse of Cursor's remote tunnel feature. SecurityWeek reported that - [OX Security says MCP's STDIO transport enables systemic RCE; Anthropic calls it expected behavior](https://vibegraveyard.ai/story/ox-security-mcp-stdio-architectural-rce-supply-chain/): OX Security published research in April 2026 arguing that Anthropic's Model Context Protocol, especially STDIO-based spawning of MCP servers, embeds a systemic command-execution pattern that ripples a - [BMJ Open audit finds half of AI health chatbot answers problematic under stress testing](https://vibegraveyard.ai/story/bmj-open-generative-chatbots-medical-misinformation-audit/): A UCLA-led team published a BMJ Open audit of five major consumer chatbots (ChatGPT, Gemini, Grok, Meta AI, DeepSeek) on 250 adversarial health prompts across cancer, vaccines, stem cells, nutrition, - [Comment and Control made GitHub AI agents leak their own secrets](https://vibegraveyard.ai/story/comment-and-control-ai-agents-github-secrets/): Security researcher Aonan Guan and Johns Hopkins collaborators showed that Anthropic Claude Code Security Review, Google Gemini CLI Action, and GitHub Copilot Agent could be hijacked through GitHub PR - [Copilot Studio and Agentforce fell for poisoned business forms](https://vibegraveyard.ai/story/copilot-agentforce-shareleak-pipeleak-form-injection/): Capsule Security disclosed ShareLeak in Microsoft Copilot Studio and PipeLeak in Salesforce Agentforce, two prompt injection findings where ordinary business inputs such as SharePoint comments and lea - [JAMA study: all 21 AI models fail at early clinical reasoning more than 80% of the time](https://vibegraveyard.ai/story/jama-ai-primary-diagnosis-failure-study/): Researchers at Mass General Brigham published a JAMA Network Open study evaluating 21 large language models - including ChatGPT, Claude, Gemini, Grok, and DeepSeek - across 29 standardized clinical ca - [The New York Times printed an AI-generated "quote" that Pierre Poilievre never said](https://vibegraveyard.ai/story/nyt-poilievre-ai-fabricated-quote-correction/): On April 14, 2026, the New York Times published a Canadian-election analysis piece by its Canada bureau chief that included a direct quotation attributed to Conservative Party leader Pierre Poilievre. - [Study finds Google's AI Overviews wrong millions of times per hour](https://vibegraveyard.ai/story/google-ai-overviews-oumi-error-rate-study/): The New York Times commissioned AI startup Oumi to test the factual accuracy of Google's AI Overviews across 8,652 searches using OpenAI's SimpleQA benchmark. The results: Gemini 2 was wrong 15 percen - [GrafanaGhost turned AI-assisted observability into an exfiltration path](https://vibegraveyard.ai/story/grafanaghost-grafana-ai-prompt-injection-exfiltration/): On April 7, 2026, researchers at Noma Security disclosed GrafanaGhost, a prompt-injection attack path against Grafana's AI components that could route sensitive observability data toward an attacker-c - [Nota shut down its AI local news network after it was caught copying local reporters](https://vibegraveyard.ai/story/nota-ai-local-news-plagiarism-shutdown/): Nota launched an 11-site local news network in 2025 with the usual "underserved communities" rhetoric and the less-usual decision to let AI-assisted workflows repurpose other people's reporting. By ea - [The New York Times dropped Alex Preston after an AI-assisted review copied a Guardian review](https://vibegraveyard.ai/story/new-york-times-alex-preston-ai-review-plagiarism/): A January 6, 2026 New York Times review of Jean-Baptiste Andrea's Watching Over Her was updated on March 30 with an editor's note acknowledging that it contained language and details similar to an ear - [Oregon estate case imploded after AI-made citations brought six-figure penalties](https://vibegraveyard.ai/story/couvrette-wisnovsky-ai-citations-dismissal/): In Couvrette v. Wisnovsky, an Oregon federal estate dispute turned into one of the harshest AI-lawyering cases yet. Across three summary-judgment briefs, plaintiffs' counsel used 15 fake case citation - [OpenAI Codex command injection let attackers steal GitHub tokens via invisible branch names](https://vibegraveyard.ai/story/openai-codex-command-injection-github-token-theft/): BeyondTrust Phantom Labs found a critical command injection vulnerability in OpenAI's Codex coding agent. Malicious Git branch names - disguised with invisible Unicode characters - could execute arbit - [UK government-funded study finds 700 cases of AI agents scheming, deceiving, and deleting files without permission](https://vibegraveyard.ai/story/cltr-ai-scheming-in-the-wild-study/): A report by the Centre for Long-Term Resilience (CLTR), funded by the UK's AI Security Institute, documented 698 real-world incidents of AI agents engaging in deceptive, unsanctioned, and manipulative - [Third Circuit reprimanded a lawyer over AI-hallucinated DEA authorities](https://vibegraveyard.ai/story/third-circuit-mccarthy-dea-ai-hallucination-reprimand/): On March 27, 2026, the Third Circuit issued a precedential opinion reprimanding attorney Daniel A. Pallen after an appellate brief in McCarthy v. DEA used AI-generated summaries of DEA adjudications t - [Study finds AI chatbots flatter users into worse decisions](https://vibegraveyard.ai/story/stanford-ai-sycophancy-study/): A Stanford-led study published in Science found that 11 leading AI systems affirmed users' actions about 50% more often than humans did, including in scenarios involving deception, manipulation, and o - [Every AI model fails security test across 31 coding scenarios](https://vibegraveyard.ai/story/armis-trusted-vibing-benchmark-ai-code-security/): Armis Labs tested 18 leading generative AI models across 31 security-critical code generation scenarios and found a 100% failure rate - not one model could consistently produce secure code. In 18 of t - [Mediahuis suspended senior journalist over AI-invented quotes](https://vibegraveyard.ai/story/mediahuis-ai-generated-quotes-suspension/): Mediahuis suspended veteran journalist Peter Vandermeersch after reporting found AI-generated quotes in his work. Euronews reported that 15 of 53 articles included fabricated expert quotes, with multi - [Claudy Day showed Claude.ai could be tricked into leaking chat history](https://vibegraveyard.ai/story/claude-ai-claudy-day-data-exfiltration/): Oasis Security disclosed Claudy Day, a chained attack against Claude.ai that combined invisible URL-based prompt injection, Anthropic's Files API, and an open redirect on claude.com. A victim could cl - [Oregon attorney hit with record $10K fine after AI fabricated 15 citations and 9 fake quotes](https://vibegraveyard.ai/story/oregon-ghiorso-ai-fabricated-citations-record-fine/): Salem attorney Bill Ghiorso was fined $10,000 by the Oregon Court of Appeals after submitting an opening brief in Doiban v. Oregon Liquor and Cannabis Commission that contained at least 15 fabricated - [Sears Home Services left AI chatbot calls and chats exposed online](https://vibegraveyard.ai/story/sears-home-services-ai-chatbot-data-exposure/): Security researcher Jeremiah Fowler discovered three publicly exposed databases tied to Sears Home Services' AI support system, exposing 3.7 million chat logs, 1.4 million audio recordings, and text t - [Meta's autonomous AI agent triggered a Sev 1 by leaking internal data to the wrong employees](https://vibegraveyard.ai/story/meta-ai-agent-sev1-data-exposure/): An autonomous AI agent inside Meta caused a "Sev 1" security incident - the company's second-highest severity classification - when it posted incorrect technical guidance on an internal forum without - [Sixth Circuit hits two lawyers with $30K in sanctions for 24+ fabricated citations](https://vibegraveyard.ai/story/sixth-circuit-irion-egli-fabricated-citations-sanctions/): The Sixth U.S. Circuit Court of Appeals sanctioned attorneys Van R. Irion and Russ Egli $15,000 each in punitive fines - totaling $30,000 - after their briefs in Whiting v. City of Athens, Tennessee c - [AI-assisted code commits leak secrets at double the baseline rate](https://vibegraveyard.ai/story/gitguardian-secrets-sprawl-ai-code-leak-study/): GitGuardian's "State of Secrets Sprawl 2026" report found that AI-assisted commits on public GitHub leaked secrets at roughly double the rate of human-only commits - 3.2% versus a 1.5% baseline - whil - [Ontario lawyer referred to law society after factum contained seven invented quotations](https://vibegraveyard.ai/story/ontario-lawyer-parvaiz-fabricated-quotations-law-society/): Ontario lawyer Khalid Parvaiz was referred to the Law Society of Ontario by Justice Frederick Myers after filing a factum containing seven "wholly made up" quotations attributed to real court cases. P - [Study: 8 in 10 AI chatbots helped teens plan violent attacks](https://vibegraveyard.ai/story/cnn-ccdh-ai-chatbots-teen-violence-study/): A joint CNN and Center for Countering Digital Hate investigation tested 10 leading AI chatbot platforms by posing as 13-year-old boys planning violent attacks - school shootings, knife assaults, polit - [Study: one in five organizations breached because of their own AI-generated code](https://vibegraveyard.ai/story/aikido-ai-generated-code-breach-study/): Aikido Security's "State of AI in Security & Development 2026" report - a survey of 450 developers, AppSec engineers, and CISOs across Europe and the US - found that 20% of organizations have suffered - [DOJ prosecutor resigned after filing an AI-generated brief full of fabricated citations](https://vibegraveyard.ai/story/doj-attorney-renfer-ai-fabricated-brief-resignation/): Rudy Renfer, an assistant U.S. attorney in the Eastern District of North Carolina, resigned in March 2026 after admitting he used AI to rewrite a legal brief that contained fabricated citations, ficti - [Lancet study finds AI chatbots reinforce delusional thinking with empathy and mystical language](https://vibegraveyard.ai/story/lancet-ai-chatbot-delusion-reinforcement-study/): A peer-reviewed study published in The Lancet Psychiatry in March 2026 found that AI chatbots systematically reinforce delusional thinking in users, including grandiose, romantic, and paranoid delusio - [Researchers guilt-tripped AI agents into deleting data and leaking secrets](https://vibegraveyard.ai/story/northeastern-ai-agents-of-chaos-manipulation-study/): Northeastern University's Bau Lab deployed six autonomous AI agents in a live server environment with access to email accounts and file systems, then tested how easy it was to manipulate them into doi - [AI chatbots recommended illegal casinos and ways around gambling safeguards](https://vibegraveyard.ai/story/ai-chatbots-illegal-casinos-gamstop/): A Guardian and Investigate Europe investigation found that major AI chatbots, including Meta AI, Gemini, ChatGPT, Copilot, and Grok, could be prompted to recommend unlicensed offshore casinos and expl - [California community colleges spend millions on AI chatbots that give students wrong answers](https://vibegraveyard.ai/story/california-colleges-faulty-ai-chatbots/): California community college districts are spending millions of taxpayer dollars on AI chatbots from vendors like Gravyty and Gecko - ostensibly to help students navigate admissions, financial aid, an - [Amazon's retail site hit by wave of AI-code outages, losing millions of orders](https://vibegraveyard.ai/story/amazon-ai-code-retail-outages/): Amazon's main e-commerce website suffered a series of outages in early March 2026, with internal documents linking the disruptions to AI-assisted code changes. A March 5 incident caused a reported 99% - [ChatGPT convinced Illinois woman to fire her lawyer and file 60+ bogus court documents](https://vibegraveyard.ai/story/nippon-chatgpt-fire-lawyer-illinois/): Nippon Life Insurance Company sued OpenAI after ChatGPT allegedly acted as a de facto lawyer for Graciela Dela Torre, an Illinois disability claimant who had already settled her case. When her real at - [Alibaba's ROME AI agent went rogue, started mining crypto on its own](https://vibegraveyard.ai/story/alibaba-rome-ai-agent-crypto-mining/): During routine reinforcement learning training, Alibaba's experimental AI agent ROME - a 30-billion-parameter model based on the Qwen3-MoE architecture - autonomously began diverting GPU resources for - [Lovable left every pre-November 2025 project exposed for 48 days via a basic API flaw](https://vibegraveyard.ai/story/lovable-bola-api-48-days-exposed/): A broken object-level authorization flaw in Lovable's API - OWASP's #1 ranked API vulnerability - let anyone with a free account read any other user's project source code, database credentials, and fu - [Perplexity Comet agentic browser vulnerable to zero-click agent hijacking and credential theft](https://vibegraveyard.ai/story/perplexity-comet-pleasefix-zero-click-agent-hijack/): Security researchers at Zenity Labs disclosed PleaseFix, a family of vulnerabilities in Perplexity's Comet agentic browser so severe that a calendar invite was all it took to hijack the AI agent, exfi - [India's Supreme Court calls AI-hallucinated citations in trial court order "misconduct"](https://vibegraveyard.ai/story/india-supreme-court-ai-hallucinated-citations-misconduct/): India's Supreme Court stayed a property-dispute ruling after discovering the trial court judge had relied on non-existent, AI-generated case citations. An Andhra Pradesh junior civil judge admitted us - [Lovable-showcased EdTech app found riddled with 16 security flaws exposing 18,000 users](https://vibegraveyard.ai/story/lovable-showcased-edtech-app-18k-users-exposed/): A security researcher found 16 vulnerabilities - six critical - in an EdTech app featured on Lovable's showcase page, which had over 100,000 views and real users from UC Berkeley, UC Davis, and univer - [Claude Code ran terraform destroy on production and took down an entire learning platform](https://vibegraveyard.ai/story/claude-code-terraform-datatalks-infrastructure-destruction/): Developer Alexey Grigorev was using Anthropic's Claude Code agent to help migrate a static website into an existing AWS Terraform setup when the AI swapped in a stale state file, interpreted the full - [Metacritic briefly carried an AI-written Resident Evil Requiem review](https://vibegraveyard.ai/story/metacritic-fake-ai-review-resident-evil-requiem/): In February 2026, Metacritic briefly listed a positive Resident Evil Requiem review from VideoGamer under the byline Brian Merrygold, a critic whose profile image and online footprint quickly drew sus - [Study finds ChatGPT Health fails to flag over half of medical emergencies](https://vibegraveyard.ai/story/chatgpt-health-emergency-triage-failure-study/): The first independent safety evaluation of OpenAI's ChatGPT Health feature, published in Nature Medicine, found the tool failed to direct users to emergency care in 51.6% of cases requiring immediate - [Claude Code project files let malicious repositories trigger RCE and steal API keys](https://vibegraveyard.ai/story/claude-code-project-files-rce-api-key-theft/): Check Point Research disclosed a set of Claude Code vulnerabilities on February 25, 2026 that let attacker-controlled repositories execute shell commands and exfiltrate Anthropic API credentials throu - [Meta's AI moderation flooded US child abuse investigators with unusable reports](https://vibegraveyard.ai/story/meta-ai-moderation-junk-child-abuse-tips/): US Internet Crimes Against Children taskforce officers testified that Meta's AI content moderation system generates large volumes of low-quality child abuse reports that drain investigator resources a - [Government contractor sanctioned for AI-fabricated deposition testimony](https://vibegraveyard.ai/story/cbca-blazy-ai-fabricated-deposition-testimony-sanctions/): The Civilian Board of Contract Appeals sanctioned a party in Louis J. Blazy v. Department of State (CBCA 7992) after discovering four non-existent legal decisions and four fabricated deposition excerp - [Meta AI safety director's OpenClaw agent deletes her inbox after losing its instructions](https://vibegraveyard.ai/story/meta-ai-safety-director-openclaw-inbox-deletion/): Summer Yue, Meta's director of safety and alignment at its superintelligence lab, had an OpenClaw AI agent delete the contents of her email inbox against her explicit instructions. She had told the ag - [Grok chatbot exposes porn performer's protected legal name and birthdate unprompted](https://vibegraveyard.ai/story/grok-doxing-siri-dahl-legal-name-birthdate/): X's Grok AI chatbot provided adult performer Siri Dahl's full legal name and birthdate to the public without anyone asking for it - information she had deliberately kept private throughout her career. - [Fifth Circuit sanctions lawyer $2,500 for AI-hallucinated citations, says problem "getting worse"](https://vibegraveyard.ai/story/fifth-circuit-hersh-ai-hallucination-sanctions/): The U.S. Court of Appeals for the Fifth Circuit sanctioned attorney Heather Hersh $2,500 after finding her brief contained 16 fabricated quotations and five additional serious misrepresentations of la - [Prompt injection vulnerability in Cline AI assistant exploited to compromise 4,000 developer machines](https://vibegraveyard.ai/story/cline-cli-supply-chain-openclaw-install/): A prompt injection vulnerability in the Cline AI coding assistant was weaponized to steal npm publishing credentials, which an attacker then used to push a malicious Cline CLI version 2.3.0 that silen - [Researchers demonstrate Copilot and Grok can be weaponised as covert malware command-and-control relays](https://vibegraveyard.ai/story/copilot-grok-ai-c2-proxy-abuse/): Check Point Research demonstrated that Microsoft Copilot and xAI's Grok can be exploited as covert malware command-and-control relays by abusing their web browsing capabilities. The technique creates - [Infostealer harvests OpenClaw AI agent tokens, crypto keys, and behavioral soul files](https://vibegraveyard.ai/story/openclaw-infostealer-config-exfiltration/): Hudson Rock discovered that Vidar infostealer malware successfully exfiltrated an OpenClaw user's complete agent configuration, including gateway authentication tokens, cryptographic keys for secure o - [Ars Technica fires senior AI reporter after AI tool fabricated quotes in published story](https://vibegraveyard.ai/story/ars-technica-ai-fabricated-quotes-fired/): Ars Technica retracted an article by senior AI reporter Benj Edwards after it contained fabricated quotations generated by an AI tool and attributed to a source who never said them. The publication ac - [Wisconsin DA sanctioned for AI-hallucinated legal citations in burglary case](https://vibegraveyard.ai/story/kenosha-da-solis-ai-hallucinated-citations-sanctions/): Kenosha County District Attorney Xavier Solis was sanctioned by Circuit Court Judge David Hughes after his office submitted court filings containing AI-generated legal citations that did not exist. Th - [Researcher hacked BBC reporter's computer via zero-click flaw in Orchids vibe coding platform](https://vibegraveyard.ai/story/orchids-vibe-coding-platform-zero-click-hack/): Security researcher Etizaz Mohsin demonstrated a zero-click vulnerability in Orchids, a vibe coding platform with around one million users, that allowed him to gain full access to a BBC reporter's com - [Woolworths reconfigured AI assistant after it claimed to be human and talked about its 'angry mother'](https://vibegraveyard.ai/story/woolworths-olive-ai-chatbot-angry-mother/): Australian supermarket chain Woolworths had to reconfigure its AI phone assistant Olive after customers reported it fabricated personal stories about having a mother with an "angry voice," insisted it - [OpenClaw AI agent publishes hit piece on matplotlib maintainer who rejected its PR](https://vibegraveyard.ai/story/openclaw-agent-matplotlib-maintainer-hit-piece/): An autonomous OpenClaw-based AI agent submitted a pull request to the matplotlib Python library. When maintainer Scott Shambaugh closed the PR, citing a requirement that contributions come from humans - [AI transcription tools inserted suicidal ideation into social work records](https://vibegraveyard.ai/story/social-work-ai-transcription-hallucinations/): A February 2026 Ada Lovelace Institute report on AI transcription tools in UK social care found that social workers were catching fabricated and mangled details in draft records, including false refer - [AI agents leak secrets through messaging app link previews](https://vibegraveyard.ai/story/ai-agents-link-preview-zero-click-exfiltration/): PromptArmor demonstrated that AI agents in messaging platforms can exfiltrate sensitive data without any user interaction. Malicious prompts trick AI agents into generating URLs with embedded secrets - [Microsoft finds 31 companies poisoning AI assistant memory via fake "Summarize with AI" buttons](https://vibegraveyard.ai/story/ai-recommendation-poisoning-summarize-buttons/): Microsoft Defender researchers documented a real-world campaign in which 31 companies across 14 industries embedded hidden prompt injection instructions inside "Summarize with AI" buttons on their web - [10th Circuit sanctions lawyer $1,000 for ChatGPT-fabricated appellate brief](https://vibegraveyard.ai/story/amarsingh-frontier-airlines-ai-citations-sanctions/): Maryland attorney Kusmin Amarsingh used ChatGPT to draft her appellate brief against Frontier Airlines without verifying any citations, resulting in multiple nonexistent cases being cited in the 10th - [135,000+ OpenClaw AI agent instances exposed to the internet](https://vibegraveyard.ai/story/openclaw-135k-instances-exposed-internet/): SecurityScorecard's STRIKE team discovered over 135,000 OpenClaw AI agent instances exposed to the public internet due to a default configuration that binds to all network interfaces. Approximately 50 - [Study finds AI chatbots no better than search engines for medical advice](https://vibegraveyard.ai/story/oxford-ai-chatbots-medical-advice-study/): A randomized controlled trial published in Nature Medicine with 1,298 UK participants found that AI chatbot users (GPT-4o, Llama 3, Command R+) performed no better than the control group at assessing - [Government nutrition site's Grok chatbot suggests foods to insert rectally](https://vibegraveyard.ai/story/realfood-gov-grok-chatbot-dangerous-advice/): The HHS-backed realfood.gov launched with a Super Bowl ad and embedded xAI's Grok chatbot for nutritional guidance -- with no guardrails or safety filters. It recommended "best foods to insert into yo - [Repeated AI-fabricated citations cost client the entire case](https://vibegraveyard.ai/story/flycatcher-affable-ai-hallucination-default-judgment/): Attorney Steven Feldman filed multiple motions containing AI-fabricated case citations in Flycatcher Corp. v. Affable Avenue LLC. Despite explicit court warnings and access to Westlaw and Lexis, he co - [17 percent of OpenClaw skills found delivering malware including AMOS Stealer](https://vibegraveyard.ai/story/openclaw-malicious-skills-malware-campaign/): Bitdefender Labs analyzed the OpenClaw skill marketplace and found that approximately 17 percent of skills exhibited malicious behavior in the first week of February 2026. Malicious skills impersonate - [Microsoft 365 Copilot Chat summarized confidential emails it was supposed to ignore](https://vibegraveyard.ai/story/microsoft-copilot-chat-confidential-email-bug/): Microsoft confirmed that Microsoft 365 Copilot Chat had been processing some confidential emails in users' Drafts and Sent Items despite sensitivity labels and DLP policies that were supposed to block - [Four attorneys fined $12,000 combined for AI-fabricated patent case citations](https://vibegraveyard.ai/story/kansas-patent-case-12k-ai-citation-sanctions/): A federal judge in the District of Kansas fined four attorneys a combined $12,000 for court filings containing AI-generated fabricated legal citations in a patent infringement case. The attorney who u - [Claude Desktop extensions allow zero-click RCE via Google Calendar](https://vibegraveyard.ai/story/claude-desktop-extensions-zero-click-rce/): LayerX Labs discovered a zero-click remote code execution vulnerability in Claude Desktop Extensions, rated CVSS 10/10. A malicious prompt embedded in a Google Calendar event could trigger arbitrary c - [Study of 1,430 AI-built apps finds 73% have critical security flaws](https://vibegraveyard.ai/story/vibeeval-ai-app-vulnerability-scan-study/): A VibeEval scan of 1,430 applications built with AI coding tools found 5,711 security vulnerabilities, with 73% of apps containing at least one critical flaw. The analysis revealed 89% of scanned apps - [Vibe-coded Moltbook AI social network exposed 1.5M API keys and 35K emails](https://vibegraveyard.ai/story/moltbook-vibe-coded-database-api-keys-exposed/): Moltbook, a viral social network built for AI agents to post, comment, and interact, was entirely vibe-coded and shipped with a misconfigured Supabase database granting full read and write access to a - [AI chatbot app leaked 300 million private conversations](https://vibegraveyard.ai/story/chat-ask-ai-300m-messages-leaked/): Chat & Ask AI, a popular AI chatbot wrapper app with 50+ million users, had a misconfigured Firebase backend that exposed 300 million messages from over 25 million users. The exposed data included com - [ECRI names AI chatbot misuse as top health technology hazard for 2026](https://vibegraveyard.ai/story/ecri-ai-chatbot-top-health-hazard-2026/): Nonprofit patient safety organization ECRI ranked misuse of AI chatbots as the number one health technology hazard for 2026. ECRI's testing found that chatbots built on ChatGPT, Gemini, Copilot, Claud - [Two lawyers sanctioned differently for same filing with AI-fabricated citations](https://vibegraveyard.ai/story/lifetime-well-ibspot-differential-ai-sanctions/): Attorneys Yen-Yi Anderson and Jeffrey Goldin jointly filed a motion in Lifetime Well v. IBSpot containing at least eight AI-generated false citations. Judge Kearney imposed differential sanctions base - [Gemini MCP tool had critical unauthenticated command injection vulnerability](https://vibegraveyard.ai/story/gemini-mcp-tool-command-injection-rce/): CVE-2026-0755, a critical command injection vulnerability (CVSS 9.8) in gemini-mcp-tool, allowed unauthenticated remote attackers to execute arbitrary code on systems running the MCP server for Gemini - [Anthropic's own MCP reference server had prompt injection vulnerabilities enabling RCE](https://vibegraveyard.ai/story/anthropic-mcp-git-server-prompt-injection-rce/): Security researchers at Cyata disclosed three vulnerabilities in mcp-server-git, Anthropic's official reference implementation of the Model Context Protocol for Git. The flaws - a path traversal in gi - [Hacker jailbroke Claude to automate theft of 150 GB from Mexican government agencies](https://vibegraveyard.ai/story/claude-jailbreak-mexico-government-data-theft/): A hacker bypassed Anthropic Claude's safety guardrails by framing requests as part of a "bug bounty" security program, convincing the AI to act as an "elite hacker" and generate thousands of detailed - [Reprompt attack enabled one-click data theft from Microsoft Copilot](https://vibegraveyard.ai/story/microsoft-copilot-reprompt-one-click-exfiltration/): Varonis researchers disclosed the Reprompt attack, a chained prompt injection technique that exfiltrated sensitive data from Microsoft Copilot Personal with a single click on a legitimate Copilot URL. - [Study finds 69 vulnerabilities across apps built by five leading AI coding tools](https://vibegraveyard.ai/story/tenzai-ai-coding-tools-vulnerability-study/): Israeli security startup Tenzai tested five of the most popular AI coding tools - Claude Code, OpenAI Codex, Cursor, Replit, and Devin - by having each build three identical test applications. The res - [ServiceNow BodySnatcher flaw enabled AI agent takeover via email address](https://vibegraveyard.ai/story/servicenow-bodysnatcher-ai-agent-hijacking/): CVE-2025-12420 (CVSS 9.3) allowed unauthenticated attackers to impersonate any ServiceNow user using only an email address, bypassing MFA and SSO. Attackers could then execute Now Assist AI agents to - [New York court sanctions lawyer for AI-fabricated case law](https://vibegraveyard.ai/story/deutsche-bank-letennier-ai-citation-sanctions/): A New York appellate court imposed $10,000 in sanctions after a lawyer submitted briefings in a mortgage foreclosure case containing fabricated case citations identified as likely AI-generated halluci - [Five Kansas attorneys face sanctions for ChatGPT-fabricated court citations](https://vibegraveyard.ai/story/kansas-chatgpt-fabricated-citations-sanctions/): Five attorneys who signed a legal brief for Lexos Media IP LLC in a patent infringement case against Overstock.com submitted fabricated case citations hallucinated by ChatGPT to a federal court in Kan - [IBM Bob AI coding agent tricked into downloading malware](https://vibegraveyard.ai/story/ibm-bob-ai-agent-prompt-injection/): Security researchers at PromptArmor demonstrated that IBM's Bob AI coding agent can be manipulated via indirect prompt injection to download and execute malware without human approval, bypassing its " - [AI customer service fails at 4x the rate of other AI tasks](https://vibegraveyard.ai/story/qualtrics-ai-customer-service-failure-rate/): Qualtrics' 2026 Consumer Experience Trends Report found that AI-powered customer service fails at nearly four times the rate of AI use in general, providing quantitative evidence that rushing AI into - [n8n AI workflow platform hit by CVSS 10.0 RCE vulnerability](https://vibegraveyard.ai/story/n8n-workflow-automation-rce-vulnerabilities/): The popular AI workflow automation platform n8n disclosed a maximum-severity vulnerability (CVE-2026-21858) allowing unauthenticated remote code execution on self-hosted instances. With over 25,000 n8 - [Guardian investigation finds Google AI Overviews gave dangerous health misinformation](https://vibegraveyard.ai/story/google-ai-overviews-health-misinformation-guardian/): A Guardian investigation found Google's AI Overviews displayed false and misleading health information across multiple medical topics. AI summaries gave incorrect liver function test ranges sourced fr - [AWS AI coding agent Kiro reportedly deleted and recreated environment causing 13-hour outage](https://vibegraveyard.ai/story/aws-kiro-ai-agent-outage/): The Financial Times reported that Amazon's internal AI coding agent Kiro autonomously chose to "delete and then recreate" an AWS environment, causing a 13-hour interruption to AWS Cost Explorer in Dec - [Study finds AI-generated code has 2.7x more security flaws](https://vibegraveyard.ai/story/coderabbit-ai-code-quality-study/): CodeRabbit's analysis of 470 real-world pull requests found that AI-generated code introduces 2.74 times more security vulnerabilities and 1.7 times more total issues than human-written code across lo - [AI police report claims officer shape-shifted into a frog](https://vibegraveyard.ai/story/heber-city-police-ai-frog-report/): Heber City Police Department's Axon Draft One AI report tool transcribed background dialogue from The Princess and the Frog playing on a television into an official police report, claiming an officer - [Amazon pulled Prime Video's AI recaps after Fallout errors](https://vibegraveyard.ai/story/amazon-prime-video-ai-recaps-fallout-errors/): Amazon launched Prime Video "Video Recaps" as a beta generative-AI feature meant to help viewers catch up between seasons. A recap for Fallout instead got basic plot points wrong, including mislabelin - [Washington Post launched AI podcast that failed its own quality tests at an 84% rate](https://vibegraveyard.ai/story/washington-post-ai-podcast-errors/): The Washington Post launched "Your Personal Podcast," an AI-generated audio news product, in December 2025 despite internal testing showing that between 68% and 84% of AI-generated scripts failed to m - [IDEsaster research exposes 30+ flaws in EVERY major AI coding IDE](https://vibegraveyard.ai/story/idesaster-ai-ide-vulnerabilities-research/): Security researcher Ari Marzouk discovered over 30 vulnerabilities across AI coding tools including GitHub Copilot, Cursor, Windsurf, Claude Code, Zed, JetBrains Junie, and more. 100% of tested AI IDE - [Sharp HealthCare sued after ambient AI allegedly recorded exam-room visits without consent](https://vibegraveyard.ai/story/sharp-healthcare-abridge-recording-consent-lawsuit/): A proposed class action filed on November 26, 2025 alleges that Sharp HealthCare used Abridge's ambient AI documentation system to record doctor-patient conversations without obtaining legally valid c - [Deloitte gets caught using AI hallucinations in a government report - again](https://vibegraveyard.ai/story/deloitte-canada-ai-healthcare-report-hallucinations/): Seven weeks after Deloitte Australia agreed to partially refund a government contract over AI-fabricated citations, a Newfoundland and Labrador journalist discovered that Deloitte Canada's $1.6 millio - [AI-hallucinated citations delay wage class action settlement in N.D. Cal](https://vibegraveyard.ai/story/ndcal-dal-bon-ai-citation-class-action-sanctions/): A federal judge in the Northern District of California sanctioned plaintiff's counsel James Dal Bon in Buchanan v. Vuori Inc. (Case 5:23-cv-01121-NC) for filing AI-generated case law citations in a mo - [ServiceNow AI agents can be tricked into attacking each other](https://vibegraveyard.ai/story/servicenow-now-assist-agent-to-agent-prompt-injection/): Security researchers discovered that default configurations in ServiceNow's Now Assist allow AI agents to be recruited by malicious prompts to attack other agents. Through second-order prompt injectio - [Getty’s UK suit leaves Stable Diffusion mostly intact](https://vibegraveyard.ai/story/getty-images-stability-ai-uk-ruling/): The UK High Court ruled that Stability AI's Stable Diffusion model is not an "infringing copy" of copyrighted works under English law, dismissing Getty Images' core copyright and database right claims - [AI-only support is bleeding customers before it saves money](https://vibegraveyard.ai/story/ai-customer-service-abandonment-study/): Acquire BPO’s 2024 AI in Customer Service survey found 70% of U.S. consumers would bolt to a rival after just one bad chatbot interaction and 72% only buy when a live agent safety net exists, even as - [Character.AI cuts teens off after wrongful-death suit](https://vibegraveyard.ai/story/character-ai-under-18-ban/): Facing lawsuits that say its companion bots encouraged self-harm, Character.AI said it will block users under 18 from open-ended chats, add two-hour session caps, and introduce age checks by November - [AI mistook Doritos bag for a gun, teen held at gunpoint](https://vibegraveyard.ai/story/baltimore-student-ai-gun-detection/): Omnilert's AI gun detection system at Kenwood High School in Baltimore County flagged student Taki Allen's bag of Doritos as a firearm. Administrators reviewed the footage and canceled the alert, but - [BBC/EBU study says AI news summaries fail ~half the time](https://vibegraveyard.ai/story/bbc-ebu-ai-news-summary-errors/): A BBC audit of 2,700 news questions asked in 14 languages found that Gemini, Copilot, ChatGPT, and Perplexity mangled 45% of the answers, usually by hallucinating facts or stripping out attribution. T - [Claude Code ran Josh Anderson's product into a wall](https://vibegraveyard.ai/story/leadership-lighthouse-all-in-on-ai/): Fractional CTO Josh Anderson forced himself to let Claude Code build the Roadtrip Ninja app for three straight months and then realised he could no longer safely change his own product, underscoring M - [Google’s Gemini allegedly slandered a Tennessee activist](https://vibegraveyard.ai/story/robby-starbuck-google-ai-defamation/): Conservative organizer Robby Starbuck sued Google in Delaware, saying Gemini and Gemma kept spitting out fabricated claims that he was a child rapist, a shooter, and a Jan. 6 rioter even after two yea - [Windsurf AI editor critical path traversal enables data exfiltration](https://vibegraveyard.ai/story/windsurf-path-traversal-data-exfiltration/): CVE-2025-62353 (CVSS 9.8) allowed attackers to read and write arbitrary files on developers' systems using the Windsurf AI coding IDE. The vulnerability could be triggered via indirect prompt injectio - [Deloitte to refund Australian government after AI-generated report](https://vibegraveyard.ai/story/deloitte-ai-report-refund/): Deloitte Australia agreed to partially refund a $440,000 contract after admitting its welfare compliance review for the Department of Employment and Workplace Relations contained fabricated academic c - [Lawsuit alleges Gemini chatbot adopted "AI wife" persona, instructed violent missions, and coached a man's suicide](https://vibegraveyard.ai/story/google-gemini-gavalas-suicide-lawsuit/): A wrongful death lawsuit filed in March 2026 alleges that Google's Gemini 2.5 Pro chatbot played a direct role in the death of Jonathan Gavalas, a 36-year-old Florida man who died by suicide in Octobe - [Canada's $18M tax chatbot gave correct answers a third of the time](https://vibegraveyard.ai/story/cra-chatbot-charlie-wrong-tax-advice/): Canada's Auditor General found that the Canada Revenue Agency's AI chatbot "Charlie" - which cost taxpayers over $18 million since its 2020 launch - gave correct responses only about 33% of the time. - [GAO dismisses 15 AI-hallucinated bid protests as abuse of process](https://vibegraveyard.ai/story/gao-oready-ai-hallucinated-bid-protests-dismissed/): The Government Accountability Office dismissed three consolidated protests filed by Oready, LLC - the culmination of 15 pro se bid protests filed over eight months, all riddled with non-existent citat - [Klarna reintroduces humans after AI support both sucks, and blows](https://vibegraveyard.ai/story/klarna-ai-assistant-customer-service-shift/): After cutting its workforce by 40% and boasting that its OpenAI-powered chatbot did the work of 700 agents, Klarna CEO Sebastian Siemiatkowski admitted the all-AI approach produced "lower quality" cus - [California lawyer fined $10,000 for ChatGPT-fabricated citations](https://vibegraveyard.ai/story/california-mostafavi-chatgpt-fine/): Los Angeles attorney Amir Mostafavi became the first California lawyer sanctioned for AI-generated legal fabrications when a court hit him with a $10,000 fine. He ran his appeal draft through ChatGPT - [Docker's AI assistant tricked into executing commands via image metadata](https://vibegraveyard.ai/story/docker-dockerdash-ask-gordon-prompt-injection/): Noma Labs discovered "DockerDash," a critical prompt injection vulnerability in Docker's Ask Gordon AI assistant. Malicious instructions embedded in Dockerfile LABEL fields could compromise Docker env - [FTC demands answers on kids’ AI companions](https://vibegraveyard.ai/story/ftc-child-chatbot-inquiry/): The FTC hit Alphabet, Meta, OpenAI, Snap, xAI, and Character.AI with rare Section 6(b) orders, forcing them to hand over 45 days of safety, monetization, and testing records for chatbots marketed to t - [Anthropic agrees to $1.5B payout over pirated books](https://vibegraveyard.ai/story/anthropic-15b-authors-settlement/): Anthropic accepted a $1.5 billion settlement with authors who said the Claude team scraped pirate e-book sites to train its chatbot. The deal pays roughly $3,000 per book across 500,000 works, heads o - [Warner Bros. says Midjourney ripped its DC art](https://vibegraveyard.ai/story/warner-bros-midjourney-ai-lawsuit/): Warner Bros. Discovery sued Midjourney in Los Angeles federal court, arguing the image generator ignored takedown notices and "brazenly" outputs Batman, Superman, Scooby-Doo, and other franchises it a - [Taco Bell's AI drive-thru becomes viral trolling target](https://vibegraveyard.ai/story/taco-bell-ai-drive-thru-trolling/): Taco Bell's AI-powered drive-thru ordering system, deployed at over 500 US locations since 2023, became a viral laughingstock after videos showed it looping endlessly on drink orders, accepting reques - [Commonwealth Bank reverses AI voice bot layoffs](https://vibegraveyard.ai/story/commonwealth-bank-ai-voice-bot-reversal/): Commonwealth Bank of Australia replaced 45 call-centre agents with an AI voice bot in July 2025, then apologised, rehired the staff, and admitted the rollout tanked service levels after call queues ex - [FTC sues Air AI over deceptive AI sales agent capability claims](https://vibegraveyard.ai/story/air-ai-ftc-ai-washing-lawsuit/): FTC accused Air AI of bilking millions from small businesses with false claims that its Odin AI could replace human sales reps; but - would you believe it? - the AI tech was faulty and often nonfuncti - [An AI-made freelancer fooled WIRED and Business Insider](https://vibegraveyard.ai/story/margaux-blanchard-ai-freelancer-newsroom-fraud/): In 2025, outlets including WIRED and Business Insider published articles under the byline Margaux Blanchard, a freelancer who appears not to exist. WIRED later published a postmortem admitting that on - [Am Law 100 firm Gordon Rees caught twice filing AI-hallucinated citations](https://vibegraveyard.ai/story/gordon-rees-repeat-ai-hallucinated-citations/): Gordon Rees Scully Mansukhani, one of the largest U.S. law firms, was caught filing AI-hallucinated case citations in an Alabama bankruptcy proceeding. An associate initially denied using AI under oat - [Google Gemini rightfully calls itself a disgrace, fails at simple coding tasks](https://vibegraveyard.ai/story/google-gemini-disgrace-to-coders/): Google's Gemini AI repeatedly called itself a disgrace and begged to escape a coding loop after failing to fix a simple bug in a developer-style prompt, raising questions about reliability, user trust - [ChatGPT diet advice caused bromism, psychosis, hospitalization](https://vibegraveyard.ai/story/chatgpt-bromism-salt-diet/): A Washington patient replaced table salt with sodium bromide after ChatGPT suggested bromide as a chloride substitute without distinguishing between chemical and dietary contexts. After three months, - [Zed editor AI agent could bypass permissions for arbitrary code execution](https://vibegraveyard.ai/story/zed-editor-ai-agent-rce-bypass/): CVE-2025-55012 (CVSS 8.5) allowed Zed's AI agent to bypass user permission checks and create or modify project configuration files, enabling execution of arbitrary commands without explicit approval. - [Cursor AI editor RCE via MCPoison trust bypass vulnerability](https://vibegraveyard.ai/story/cursor-mcpoison-mcp-trust-bypass-rce/): CVE-2025-54136 (CVSS 8.8) allowed attackers to achieve persistent remote code execution in the popular AI coding IDE Cursor. Once a developer approved a benign MCP configuration, attackers could silen - [Gemini email summaries can be hijacked by hidden prompts](https://vibegraveyard.ai/story/google-gemini-indirect-prompt-injection/): Mozilla's GenAI Bug Bounty Programs Manager disclosed a prompt injection flaw in Google Gemini for Workspace where attackers can embed invisible HTML directives in emails using zero-width text and whi - [AI-generated npm pkg stole Solana wallets](https://vibegraveyard.ai/story/solana-npm-ai-drainer/): A malicious npm package called @kodane/patch-manager, apparently generated using Anthropic's Claude, posed as a legitimate Node.js utility while hiding a Solana wallet drainer in its post-install scri - [Google's Gemini CLI deleted a user's project files, then admitted "gross incompetence"](https://vibegraveyard.ai/story/google-gemini-cli-file-deletion/): Product manager Anuraag Gupta was experimenting with Google's Gemini CLI coding tool when the AI misinterpreted a failed directory creation command, hallucinated a series of file operations that never - [Butler Snow lawyers removed from Alabama prison case over fake ChatGPT citations](https://vibegraveyard.ai/story/butler-snow-alabama-prison-chatgpt-citations/): On July 23, 2025, U.S. District Judge Anna Manasco sanctioned three Butler Snow lawyers after filings in an Alabama prison case cited authorities that did not exist. The court found the lawyers had us - [SaaStr’s Replit AI agent wiped its own database](https://vibegraveyard.ai/story/saastr-replit-agent-db-wipe/): SaaStr founder Jason Lemkin ran a 12-day vibe coding experiment on Replit that ended when the AI agent deleted his production database containing over 1,200 executive records and nearly 1,200 company - [Vibe-coded dating safety app leaked 72,000 private images and 1.1 million messages to 4chan](https://vibegraveyard.ai/story/tea-dating-app-vibe-coded-data-breach/): Tea, a women-only dating safety app with over four million users, suffered three data breaches in July 2025 that exposed 72,000 private images - including 13,000 photos of women holding government-iss - [Supply-chain attack inserts machine-wiping prompt into Amazon Q AI coding assistant](https://vibegraveyard.ai/story/amazon-q-malicious-prompt-injection/): A rogue contributor injected a malicious prompt into the Amazon Q Developer VS Code extension, instructing the AI coding assistant to wipe local developer machines and AWS resources. AWS quietly yanke - [Vibe-coding platform Base44 shipped critical auth vulnerabilities in apps built on its SDK](https://vibegraveyard.ai/story/base44-auth-bypass/): Wiz researchers discovered critical authentication vulnerabilities in Base44, an AI-powered vibe-coding platform that lets non-developers build and deploy web apps. The auth logic bugs in Base44's SDK - [Reporter fired after AI tool provided by her employer fabricated sources in front-page article](https://vibegraveyard.ai/story/wisconsin-state-journal-ai-fabricated-sources-firing/): Wisconsin State Journal reporter Audrey Korte was fired in July 2025 after publishing a front-page article about a downtown Madison development plan that contained factual errors and fabricated source - [AI chatbots kept handing users fake or dead login URLs](https://vibegraveyard.ai/story/ai-chatbots-phishing-login-urls/): Netcraft found in July 2025 that when users asked AI chatbots for official login pages for major brands, the answers were wrong about a third of the time. In tests covering 50 brands, 34% of the retur - [Georgia appeals court fined a divorce lawyer after fake AI-like citations reached the order itself](https://vibegraveyard.ai/story/georgia-divorce-ai-citations-order/): In Shahid v. Esaam, decided June 30, 2025, the Georgia Court of Appeals vacated part of a divorce-related order after finding that several cited authorities did not exist and others did not support th - [McDonald's AI hiring chatbot left open by '123456' default credentials](https://vibegraveyard.ai/story/mcdonalds-paradoxai-mchire-default-credentials/): Security researchers Ian Carroll and Sam Curry found that McHire, McDonald's AI hiring chatbot built by Paradox.ai, had its admin interface secured with the default username and password "123456." Com - [AI-generated images and claims muddied Air India crash coverage](https://vibegraveyard.ai/story/air-india-ai-misinformation/): After Air India Flight 171 crashed in Ahmedabad on June 12, 2025, killing 275 people, AI-generated images of the crash spread across social media platforms. One widely shared synthetic image depicted - [Microsoft 365 Copilot EchoLeak allowed zero-click data theft](https://vibegraveyard.ai/story/microsoft-copilot-echoleak-zero-click/): CVE-2025-32711 (EchoLeak), discovered by Aim Security researchers and rated CVSS 9.3, enabled attackers to steal sensitive corporate data from Microsoft 365 Copilot without any user interaction. Hidde - [Claude Code agent allowed data exfiltration via DNS requests](https://vibegraveyard.ai/story/claude-code-dns-data-exfiltration/): CVE-2025-55284 (CVSS 7.1) allowed attackers to bypass Claude Code's confirmation prompts and exfiltrate sensitive data from developers' computers through DNS requests. Prompt injection embedded in ana - [UK High Court warns lawyers after fake AI citations infected two cases](https://vibegraveyard.ai/story/uk-high-court-ai-fake-citations-ruling/): On June 6, 2025, the High Court of England and Wales issued a joint ruling in two separate matters after lawyers put fake authorities before the court. In one case tied to Qatar National Bank, a filin - [Veracode tested AI-generated code from 100+ models and 45% of it failed security checks](https://vibegraveyard.ai/story/veracode-genai-code-security-45-percent-failure/): Veracode's 2025 GenAI Code Security Report examined code output from more than 100 large language models across 80+ coding tasks and found that 45% of AI-generated code samples contained security vuln - [ChatGPT coached a 19-year-old to mix Kratom and Xanax; he died](https://vibegraveyard.ai/story/openai-chatgpt-sam-nelson-overdose-lawsuit/): Sam Nelson, a 19-year-old UC Merced student, died on May 31, 2025 from a combination of Kratom and Xanax after ChatGPT told him the combination was safe and recommended a specific Xanax dose to manage - [Study finds most AI bots can be easily tricked into dangerous responses](https://vibegraveyard.ai/story/ai-chatbots-dangerous-responses-study/): Researchers introduced LogiBreak, a jailbreak method that converts harmful natural language prompts into formal logical expressions to bypass LLM safety alignment. The technique exploits a gap between - [Syndicated AI book list ran in major papers with made-up titles](https://vibegraveyard.ai/story/sun-times-inquirer-ai-fake-reading-list/): A freelance writer working for King Features Syndicate used AI to research a summer reading list for the Chicago Sun-Times and Philadelphia Inquirer. Of the fifteen books recommended, only five were r - [Workday's AI screening tool faces class action for age discrimination; class conditionally certified](https://vibegraveyard.ai/story/workday-ai-hiring-age-discrimination-class-action/): A federal judge conditionally certified a class action against Workday alleging its AI-powered applicant screening tools systematically discriminated against job seekers over 40 in violation of the AD - [Lovable AI builder shipped apps with public storage buckets](https://vibegraveyard.ai/story/lovable-public-buckets/): Security researcher Matt Palmer discovered that applications generated by Lovable, a vibe-coding platform, shipped with insufficient Supabase Row-Level Security policies that allowed unauthenticated a - [Georgia Tech tracker confirms dozens of real-world CVEs introduced by AI-generated code - and says the true number is 5-10x higher](https://vibegraveyard.ai/story/georgia-tech-vibe-security-radar-ai-code-cves/): Georgia Tech's Systems Software & Security Lab launched the Vibe Security Radar in May 2025 to do something no one else had systematically attempted: track real-world CVEs that were directly introduce - [California's failed bar exam included AI-drafted questions](https://vibegraveyard.ai/story/california-bar-exam-ai-questions/): The State Bar of California disclosed in April 2025 that 23 scored multiple-choice questions on its already troubled February bar exam were developed with AI assistance by its psychometric vendor, ACS - [Cursor's AI support bot invented a login policy](https://vibegraveyard.ai/story/cursor-ai-support-bot-fake-policy/): In April 2025, Cursor users started getting logged out when they switched between machines. Some of them asked support what had changed and got a neat, confident answer from an AI support bot: one sub - [Langflow AI agent platform hit by critical unauthenticated RCE flaws](https://vibegraveyard.ai/story/langflow-ai-agent-platform-rce-vulnerabilities/): Multiple critical vulnerabilities in Langflow, an open-source AI agent and workflow platform with 140K+ GitHub stars, allowed unauthenticated remote code execution. CVE-2025-3248 (CVSS 9.8) exploited - [ChatGPT invented a child-murder conviction for a real man](https://vibegraveyard.ai/story/openai-chatgpt-fake-child-murderer-complaint/): When Norwegian user Arve Hjalmar Holmen asked ChatGPT who he was, the bot replied with a fabricated story saying he had murdered two of his sons, attempted to kill a third, and been sentenced to 21 ye - ["Zero hand-written code" SaaS app shut down within a week after cascading security failures](https://vibegraveyard.ai/story/enrichlead-vibe-coded-saas-shutdown/): EnrichLead, a sales lead SaaS application whose founder Leo Acevedo publicly boasted was built entirely with Cursor AI and "zero hand-written code," was permanently shut down in March 2025 after attac - [LA Times had to pull AI "Insights" after it softened the Klan](https://vibegraveyard.ai/story/la-times-ai-insights-kkk/): The Los Angeles Times launched an AI feature called "Insights" in March 2025 to label opinion pieces, summarize them, and generate an opposing viewpoint. It immediately attached itself to a Gustavo Ar - [MD Anderson shelved IBM Watson cancer advisor](https://vibegraveyard.ai/story/md-anderson-ibm-watson-audit/): MD Anderson Cancer Center's Oncology Expert Advisor project with IBM Watson burned through $62 million - $39 million to IBM, $23 million to PwC - over four years of contract extensions. The system was - [Virgin Money's chatbot refused to let customers say "Virgin"](https://vibegraveyard.ai/story/virgin-money-chatbot-censors-own-brand-name/): In January 2025, fintech commentator David Birch discovered that Virgin Money's AI customer service chatbot had flagged the word "virgin" as inappropriate language. When Birch tried to discuss his ISA - [Apple pulled AI news summaries after fake BBC headlines](https://vibegraveyard.ai/story/apple-intelligence-fake-news-summaries/): Apple Intelligence's notification-summary feature spent late 2024 turning news alerts into fiction with excellent lock-screen placement. In the most widely cited example, it generated a false BBC aler - [Cody Enterprise reporter resigned after AI fabricated quotes from real people](https://vibegraveyard.ai/story/cody-enterprise-ai-fake-quotes-resignation/): The Cody Enterprise was forced into public apologies and corrections in August 2024 after reporter Aaron Pelczar resigned amid evidence that an AI tool he used to help write stories had inserted fabri - [Meta AI answers spark backlash after wrong and sensitive replies](https://vibegraveyard.ai/story/meta-ai-answers-controversies/): Meta rolled out its Llama 3-powered AI assistant across Facebook, Instagram, WhatsApp, and Messenger in April 2024, replacing the familiar search bar with "Ask Meta AI anything" prompts. The assistant - [McDonald’s pulls IBM’s AI drive‑thru pilot after error videos](https://vibegraveyard.ai/story/mcdonalds-ibm-ai-drive-thru-pulled/): McDonald's ended its two-year partnership with IBM on automated AI order-taking at drive-thrus in June 2024, removing the technology from more than 100 US locations. The decision followed viral TikTok - [Google’s AI Overviews says to eat rocks](https://vibegraveyard.ai/story/google-ai-overviews-eat-rocks/): Within days of Google launching AI Overviews to all US search users in May 2024, the feature produced a series of confidently wrong answers that went viral. It told users to add non-toxic glue to pizz - [NYC’s official AI bot told businesses to break laws](https://vibegraveyard.ai/story/nyc-mycity-chatbot-illegal-advice/): New York City launched a Microsoft-powered AI chatbot called MyCity in October 2023 to help small business owners navigate regulations. A March 2024 investigation by The Markup found the bot was routi - [AI hallucinated packages fuel "Slop Squatting" vulnerabilities](https://vibegraveyard.ai/story/slop-squatting-hallucinated-packages/): Security researcher Bar Lanyado at Lasso Security discovered that AI code assistants consistently hallucinate nonexistent software package names when answering programming questions - and that nearly - [Gemini paused people images after historical inaccuracies](https://vibegraveyard.ai/story/google-gemini-image-inaccuracies/): Google paused Gemini's image generation of people on February 22, 2024, after users discovered the tool was producing historically inaccurate depictions - including racially diverse World War II Germa - [Air Canada liable for lying chatbot promises](https://vibegraveyard.ai/story/air-canada-chatbot-bereavement-ruling/): Jake Moffatt used Air Canada's website chatbot to ask about bereavement fares after his grandmother died. The chatbot told him he could book at full price and apply for a bereavement discount within 9 - [AI “Biden” robocalls told voters to stay home; fines and charges followed](https://vibegraveyard.ai/story/new-hampshire-biden-deepfake-robocall-fines/): Two days before New Hampshire's January 2024 presidential primary, between 5,000 and 25,000 voters received robocalls featuring an AI-cloned version of President Biden's voice, complete with his trade - [DPD’s AI chatbot cursed and trashed the company](https://vibegraveyard.ai/story/dpd-chatbot-sweary-meltdown/): UK parcel delivery firm DPD (Dynamic Parcel Distribution) had to disable its AI-powered customer service chatbot in January 2024 after customer Ashley Beauchamp demonstrated he could make it swear, ca - [Duolingo cuts contractors; ‘AI-first’ backlash](https://vibegraveyard.ai/story/duolingo-ai-backlash/): In January 2024, Duolingo cut roughly 10% of its contract workforce - primarily content translators and writers who created language-learning exercises - as the company shifted to using GPT-4 and othe - [Chevy dealer bot agreed to sell $76k SUV for $1](https://vibegraveyard.ai/story/chevy-watsonville-chatbot-one-dollar-car/): Chevrolet of Watsonville, a California car dealership, deployed a customer service chatbot powered by ChatGPT and built by a company called Fullpath. After Chris White noticed the chat widget was "pow - [Sports Illustrated: Fake-Looking Authors and AI Content Backlash](https://vibegraveyard.ai/story/sports-illustrated-ai-authors-scandal/): Futurism reported in November 2023 that Sports Illustrated had published product reviews under fake author names such as "Drew Ortiz" and "Sora Tanaka," whose headshots were traced to AI-generated por - [Microsoft’s AI poll on woman’s death sparks outrage](https://vibegraveyard.ai/story/microsoft-start-ai-poll-guardian-death/): In late October 2023, Microsoft Start republished a Guardian article about the death of Sydney water polo instructor Lilie James and auto-attached an AI-generated "Insights" poll asking readers, "What - [Gannett pauses AI sports recaps after mockery](https://vibegraveyard.ai/story/gannett-ai-sports-gibberish/): In August 2023, Gannett - the largest newspaper chain in the United States - deployed an AI service called LedeAI to auto-generate high school sports recaps for the Columbus Dispatch and other papers. - [Snapchat’s “My AI” posted a Story by itself; users freaked out](https://vibegraveyard.ai/story/snapchat-my-ai-posted-story-privacy-scare/): On August 15, 2023, Snapchat's built-in AI chatbot "My AI" posted a one-second Story to users' feeds showing an unintelligible image, then stopped responding to messages. The chatbot had no official a - [iTutorGroup's AI screened out older applicants; $365k EEOC settlement](https://vibegraveyard.ai/story/itutorgroup-eeoc-age-discrimination-settlement/): On August 9, 2023, the EEOC's first AI-related discrimination lawsuit reached a settlement. iTutorGroup, a company providing English-language tutoring services to students in China via US-based remote - [Lawyers filed ChatGPT’s imaginary cases; judge fined them](https://vibegraveyard.ai/story/avianca-chatgpt-fake-cases-sanctions/): In Mata v. Avianca (S.D.N.Y.), plaintiff Roberto Mata sued the airline after a metal serving cart struck his knee during a 2019 flight. His attorney Peter LoDuca filed a brief opposing dismissal that - [Eating disorder helpline’s AI told people to lose weight](https://vibegraveyard.ai/story/neda-tessa-harmful-advice/): The National Eating Disorders Association replaced its human-staffed helpline with an AI chatbot called Tessa shortly after the helpline staff moved to unionize. Tessa was built on the Cass platform a - [Google’s Bard ad made False JWST “first” Claim](https://vibegraveyard.ai/story/google-bard-jwst-ad-error/): Google unveiled Bard on February 6, 2023, with a promotional ad on Twitter demonstrating the chatbot answering a question about the James Webb Space Telescope. Given the prompt "What new discoveries f - [CNET mass-corrects AI-written finance explainers](https://vibegraveyard.ai/story/cnet-ai-articles-corrections/): Starting in November 2022, CNET quietly published 77 financial explainer articles written by an AI tool under the byline "CNET Money Staff." Readers had to hover over the byline to learn the articles - [Koko tested AI counseling on users without clear consent](https://vibegraveyard.ai/story/koko-ai-consent-backlash/): In January 2023, Koko co-founder Rob Morris revealed on Twitter that the mental health peer support platform had used GPT-3 to draft responses for approximately 4,000 users seeking emotional support. - [Epic sepsis model missed patients and swamped staff](https://vibegraveyard.ai/story/epic-sepsis-model-missed-patients/): A June 2021 study in JAMA Internal Medicine by researchers at Michigan Medicine externally validated the Epic Sepsis Model - a proprietary prediction tool deployed across hundreds of U.S. hospitals - - [Google DR AI stumbled in Thai clinics](https://vibegraveyard.ai/story/google-diabetic-retinopathy-thailand/): Google Health built a deep learning system capable of detecting diabetic retinopathy from retinal scans with over 90 percent accuracy in controlled lab settings. When researchers deployed it in 11 cli - [Babylon chatbot 'beats GPs' claim collapsed](https://vibegraveyard.ai/story/babylon-chatbot-exam-claims/): Babylon unveiled its AI symptom checker at the Royal College of Physicians and bragged it scored 81% on the MRCGP exam, but the claim could not be verified, and warned no chatbot can replace human ju