After tracking AI agent security incidents for the past year, I put together a single reference covering every major breach, vulnerability and attack from 2024 through 2026. 90 incidents total, organized by year, with dates, named companies, impact, root cause, CVEs where applicable, and source links for every entry.
Covers supply chain attacks (LiteLLM, Trivy, Axios), framework vulnerabilities (LangChain, Langflow, OpenClaw), enterprise incidents (Meta Sev 1, Mercor/Meta suspension), AI coding tool CVEs (Claude Code, Copilot, Cursor), crypto exploits (Drift Protocol $285M, Bybit $1.46B), and more.
Also includes 20 sourced industry stats and an attack pattern taxonomy grouping incidents by type.
No product pitches. No opinions. Just facts with sources.
https://github.com/webpro255/awesome-ai-agent-attacks
PRs welcome if I missed anything.


