Incident · curated 27 Jun 2026
First reported 22 Jun 2026 · 4d ago
Single-source incident — first reported, latest, and curated coincide.
Flaws in AI application platforms can expose sensitive chat data and enable covert exfiltration, putting organizations that rely on these tools at risk.
Four vulnerabilities dubbed 'DifyTap' in Dify, a platform for building and managing AI applications, allow attackers to silently access and exfiltrate sensitive data, including AI chat histories.
Why it matters
Flaws in AI application platforms can expose sensitive chat data and enable covert exfiltration, putting organizations that rely on these tools at risk.