Overview
Severity: CRITICAL | Affected: NexusAI | Category: breach
NexusAI, a leading provider of enterprise AI solutions, has confirmed a significant data breach affecting its flagship 'Cognito-7' model infrastructure. The incident, detected on February 15, 2026, resulted from a sophisticated social engineering attack that compromised a senior engineer's cloud credentials. The threat actors gained access to a repository containing proprietary fine-tuning datasets from several Fortune 500 clients, as well as a large cache of user prompts and generated outputs from the last quarter. NexusAI stated that while core model weights were not accessed, the exposed data contains sensitive commercial information and user interaction patterns. The company has initiated a full-scale forensic investigation with a third-party cybersecurity firm and has started notifying affected clients. The breach highlights the growing risk of supply chain attacks targeting valuable AI training data and the operational security posture of major AI labs.