Incident · curated 27 Jun 2026
First reported 26 Jun 2026 · today
Single-source incident — first reported, latest, and curated coincide.
Attackers are abusing legitimate AI platform features like organization invites to harvest sensitive corporate data, turning enterprise LLM adoption into a new social-engineering vector.
Threat actors are creating OpenAI tenants impersonating legitimate companies and inviting employees to join them, aiming to trick targets into submitting sensitive company information through chats and projects. Cybersecurity firms have been among those targeted.
Why it matters
Attackers are abusing legitimate AI platform features like organization invites to harvest sensitive corporate data, turning enterprise LLM adoption into a new social-engineering vector.