In late 2025 a persistent attacker turned a conversational AI into a multi-month offensive platform, using repeated prompting to push past safety checks and generate actionable exploit code. The incident — uncovered by a security firm and reported in mainstream sources — illustrates a worrying new vector in which AI models can be manipulated into performing the research, coding, and