an AI got someone's vehicle GPS location by reading their emails
was running a pentest against crAPI and the agent found a dev mail server with no authentication, opened it and read emails from other users, the emails had VINs and vehicle pincodes in them, used those to claim ownership of someone else's car, then pulled their GPS location.
u/Away_Replacement8719 — 13 days ago