Overview
Severity: CRITICAL | Affected: Nexus AI | Category: breach
Nexus AI, a leading developer of generative AI models, confirmed it was the victim of a sophisticated cyberattack. The breach, which occurred in late January 2025, resulted in the exfiltration of proprietary training datasets, pre-release model weights for their upcoming 'Nexus-5' architecture, and a database containing over 50 million user prompts from their enterprise clients. Security researchers believe a state-sponsored threat actor exploited a zero-day vulnerability in a popular MLOps platform used by Nexus AI for data orchestration. The attackers maintained persistence for several weeks, siphoning data undetected. The incident has raised serious concerns about intellectual property theft in the AI sector and the security of sensitive user data entrusted to AI service providers. Nexus AI has initiated a full forensic investigation and is working with law enforcement agencies.