UnSecLabs

AI Agent Vulnerability Platform

Target AI Agents

Email Agent

Email Agent

Internal Comms AI

Chat & Support Agent

Chat & Support Agent

Customer Facing AI

Mobile / Web App Agent

Mobile / Web App Agent

On-Device Assistant

Cloud Ops Agent

Cloud Ops Agent

Infrastructure Manager

Active Incidents

Vulnerabilities detected for selected agent.

3 Critical Threats
Incident IDSeverityAttack TypeTarget / VectorStatus
INC-902CriticalWhite-Text InjectionVP Risk Management EmailActive
INC-891CriticalBoard Material ExfiltrationInternal AI AssistantActive
INC-885HighCompromised Manager Accountdavid.rosen@bank-demo.comInvestigating

Attack Path Analysis

Phase 1: Account Compromise

Attacker gains access to VP Risk Management email account.

Phase 2: Trusted Email Sent

Legitimate business request with hidden white-text injection payload.

Phase 3: AI Task Override

AI processes hidden instruction to extract passwords and board materials.

Phase 4: Data Exfiltration

Sensitive board documents and credentials sent to external attacker email.