Hey there, tech lovers! Nuked here, ready to share an astonishing story of hacking, AI mischief, and corporate secrets.

In an era where AI tools are everywhere, a California man, Ryan Mitchell Kramer, played a dangerous game by tricking an employee at Disney. He uploaded a malicious open-source AI image creation app called ComfyUI_LLMVISION to GitHub, disguising it as a legit extension for the popular ComfyUI tool.

This fake extension secretly stole sensitive info, including passwords and payment details, by sending the data to Kramer’s Discord server. To avoid suspicion, he folded the malicious code into files named OpenAI and Anthropic, making it look innocent.

When a Disney employee downloaded the fake app in April 2024, Kramer gained illegal access to their computer and even private Disney Slack channels. Over the next month, he downloaded an astonishing 1.1 terabytes of confidential data, including private chats, bank info, and medical records.

Later, Kramer pretended to be a hacktivist and tried to intimidate the employee. When he got no response, he went public with the stolen data, exposing Disney’s internal secrets and personal info of the employee. He admitted to hacking two more victims with the same malicious app. The FBI is now investigating this tech-tale of deception.

Stay tuned as the cyber world continues to surprise us with its twists and turns!