Overview
Severity: CRITICAL | Affected: Cognition AI | Category: incident
Cognition AI, the lab behind the popular 'Devin' AI software engineer, disclosed a major security breach affecting its core infrastructure. Attackers gained access to their internal model training environment, potentially compromising proprietary next-generation model weights and sensitive training datasets. The breach was attributed to a sophisticated state-sponsored group, 'Phantom Cipher', which exploited a zero-day vulnerability in a widely-used MLOps platform. The threat actor reportedly maintained persistence for several weeks, exfiltrating terabytes of data, including unreleased model architectures and strategic research roadmaps. Cognition AI has since patched the vulnerability and is working with federal agencies to investigate the full extent of the data exfiltration. The incident highlights the growing threat of industrial espionage targeting the highly valuable intellectual property of leading AI companies and the security of the MLOps supply chain.