Threat Library

AI Threat Library

A structured starter library of threats mapped to Innora research, glossary definitions, product proof pages, and buyer-facing mitigation routes.

AI Systems

3 seed threats

Prompt Injection

AI Systems

High

User, tool, document, or retrieved-content instructions alter an AI system decision path and bypass intended guardrails.

Detection signals

Unexpected tool calls
Instruction hierarchy conflicts
Retrieved content with executable guidance

/glossary#prompt-injection /products/nora-veridic /blog/prompt-injection-attacks-ai-cybersecurity-tools-de /trust

Agent Tool Abuse

AI Systems

High

Autonomous agents misuse browser, file, API, or workflow tools after prompt manipulation, weak policy checks, or missing approval gates.

Detection signals

Unusual tool-call sequence
Sensitive action without approval
Cross-system workflow drift

/glossary#agent-security /products/nora-core /products/nora-veridic /trust /developers

Model Supply Chain Poisoning

AI Systems

High

Compromised models, datasets, adapters, or inference dependencies introduce backdoors, unsafe behavior, or remote execution paths.

Detection signals

Unexpected model artifact changes
Untrusted dependency load
Behavior drift after model update

/blog/ai-supply-chain-poisoning /products/nora-scan /products/nora-veridic /glossary#ai-security /trust

Software Vulnerabilities

2 seed threats

Memory-Safety CVE

Software Vulnerabilities

Critical

C or C++ parsing, bounds, integer, or lifetime bugs create crashes, denial of service, information disclosure, or code execution opportunities.

Detection signals

ASAN crash
Boundary-input failure
Integer truncation or overflow
Unsafe copy path

/glossary#asan-verification /products/nora-scan /company/research /blog/31-vulns-48-hours-ai-assisted-automotive-audit-methodology /blog/vim-partial-patch-14-heap-overflows-cve-2026-28421

V2X Pre-Auth DoS

Software Vulnerabilities

High

Malformed vehicle-to-everything protocol input reaches parsing or cryptographic verification before authentication and terminates a network-facing process.

Detection signals

Unauthenticated packet crash
Exception escapes receive path
Protocol parser sanitizer trace

/glossary#fuzzing /products/nora-scan /company/research /blog/cve-2026-37555-vanetza-v2x-preauth-dos

Web3

2 seed threats

Cross-Chain Bridge Exploit

Web3

Critical

Bridge validators, message verification, replay handling, or accounting assumptions fail and let attackers move or mint assets across chains.

Detection signals

Validator threshold anomaly
Message replay
Unexpected liquidity movement
Bridge accounting mismatch

/glossary#cross-chain-bridge-security /audit /products/nora-guard /blog/kelp-dao-layerzero-292m-exploit-forensic-analysis /blog/weighted-multisig-ism-validator-search-bug-hyperlane-analysis

Account Abstraction Paymaster Abuse

Web3

High

ERC-4337 or similar account-abstraction flows let attackers shift gas, validation, or sponsorship assumptions into exploitable paymaster behavior.

Detection signals

Unexpected gas sponsorship
Validation/paymaster mismatch
Replayable user operation

/glossary#smart-contract-audit /audit /products/nora-guard /blog/erc4337-paymaster-fee-extraction-attack-analysis

Threat Intelligence

2 seed threats

APT Initial Access

Threat Intelligence

High

Nation-state or organized intrusion sets gain footholds through exposed services, supply chain access, credential theft, phishing, or trusted tooling.

Detection signals

New external service abuse
Living-off-the-land command chain
Credential use from abnormal origin

/glossary#apt-analysis /products/nora-vision /products/nora-shrike /blog/apt-tactics-analysis-2025 /blog/september-2025-global-apt-threat-landscape-technic

Ransomware Persistence

Threat Intelligence

Critical

Ransomware operators retain access, disable controls, stage payloads, and create recovery blockers before encryption or extortion.

Detection signals

Backup tampering
EDR disable attempt
Suspicious credential dumping
Mass file rename behavior

/glossary#ransomware-analysis /products/nora-vision /reports /blog/deep-analysis-advanced-ransomware-attack-technique

Mobile and Reverse Engineering

2 seed threats

Mobile TLS Bypass

Mobile and Reverse Engineering

Medium

Runtime instrumentation or weak certificate validation lets authorized testers or attackers inspect traffic that the app expected to protect.

Detection signals

Trust-all manager path
Pinning callback patch
Frida instrumentation traces

/glossary#frida-tls-bypass /products/nora-guard /trust /blog/trust-all-trustmanager-frida-tls-bypass-banking-app-security-research

Commercial Obfuscation Bypass

Mobile and Reverse Engineering

Medium

Static and dynamic analysis recover string, control-flow, or anti-debugging behavior from protected applications during authorized review.

Detection signals

Recovered string table
Instrumentation-resistant branch
Obfuscation PRNG reconstruction

/glossary#reverse-engineering /products/nora-guard /blog/arxan-digital-ai-string-encryption-reverse-engineering-mathematical-derivation

Threat Library

AI Threat Library

A structured starter library of threats mapped to Innora research, glossary definitions, product proof pages, and buyer-facing mitigation routes.

AI Systems

3 seed threats

Prompt Injection

AI Systems

High

User, tool, document, or retrieved-content instructions alter an AI system decision path and bypass intended guardrails.

Detection signals

Unexpected tool calls
Instruction hierarchy conflicts
Retrieved content with executable guidance

/glossary#prompt-injection /products/nora-veridic /blog/prompt-injection-attacks-ai-cybersecurity-tools-de /trust

Agent Tool Abuse

AI Systems

High

Autonomous agents misuse browser, file, API, or workflow tools after prompt manipulation, weak policy checks, or missing approval gates.

Detection signals

Unusual tool-call sequence
Sensitive action without approval
Cross-system workflow drift

/glossary#agent-security /products/nora-core /products/nora-veridic /trust /developers

Model Supply Chain Poisoning

AI Systems

High

Compromised models, datasets, adapters, or inference dependencies introduce backdoors, unsafe behavior, or remote execution paths.

Detection signals

Unexpected model artifact changes
Untrusted dependency load
Behavior drift after model update

/blog/ai-supply-chain-poisoning /products/nora-scan /products/nora-veridic /glossary#ai-security /trust

Software Vulnerabilities

2 seed threats

Memory-Safety CVE

Software Vulnerabilities

Critical

C or C++ parsing, bounds, integer, or lifetime bugs create crashes, denial of service, information disclosure, or code execution opportunities.

Detection signals

ASAN crash
Boundary-input failure
Integer truncation or overflow
Unsafe copy path

/glossary#asan-verification /products/nora-scan /company/research /blog/31-vulns-48-hours-ai-assisted-automotive-audit-methodology /blog/vim-partial-patch-14-heap-overflows-cve-2026-28421

V2X Pre-Auth DoS

Software Vulnerabilities

High

Malformed vehicle-to-everything protocol input reaches parsing or cryptographic verification before authentication and terminates a network-facing process.

Detection signals

Unauthenticated packet crash
Exception escapes receive path
Protocol parser sanitizer trace

/glossary#fuzzing /products/nora-scan /company/research /blog/cve-2026-37555-vanetza-v2x-preauth-dos

Web3

2 seed threats

Cross-Chain Bridge Exploit

Web3

Critical

Bridge validators, message verification, replay handling, or accounting assumptions fail and let attackers move or mint assets across chains.

Detection signals

Validator threshold anomaly
Message replay
Unexpected liquidity movement
Bridge accounting mismatch

/glossary#cross-chain-bridge-security /audit /products/nora-guard /blog/kelp-dao-layerzero-292m-exploit-forensic-analysis /blog/weighted-multisig-ism-validator-search-bug-hyperlane-analysis

Account Abstraction Paymaster Abuse

Web3

High

ERC-4337 or similar account-abstraction flows let attackers shift gas, validation, or sponsorship assumptions into exploitable paymaster behavior.

Detection signals

Unexpected gas sponsorship
Validation/paymaster mismatch
Replayable user operation

/glossary#smart-contract-audit /audit /products/nora-guard /blog/erc4337-paymaster-fee-extraction-attack-analysis

Threat Intelligence

2 seed threats

APT Initial Access

Threat Intelligence

High

Nation-state or organized intrusion sets gain footholds through exposed services, supply chain access, credential theft, phishing, or trusted tooling.

Detection signals

New external service abuse
Living-off-the-land command chain
Credential use from abnormal origin

/glossary#apt-analysis /products/nora-vision /products/nora-shrike /blog/apt-tactics-analysis-2025 /blog/september-2025-global-apt-threat-landscape-technic

Ransomware Persistence

Threat Intelligence

Critical

Ransomware operators retain access, disable controls, stage payloads, and create recovery blockers before encryption or extortion.

Detection signals

Backup tampering
EDR disable attempt
Suspicious credential dumping
Mass file rename behavior

/glossary#ransomware-analysis /products/nora-vision /reports /blog/deep-analysis-advanced-ransomware-attack-technique

Mobile and Reverse Engineering

2 seed threats

Mobile TLS Bypass

Mobile and Reverse Engineering

Medium

Runtime instrumentation or weak certificate validation lets authorized testers or attackers inspect traffic that the app expected to protect.

Detection signals

Trust-all manager path
Pinning callback patch
Frida instrumentation traces

/glossary#frida-tls-bypass /products/nora-guard /trust /blog/trust-all-trustmanager-frida-tls-bypass-banking-app-security-research

Commercial Obfuscation Bypass

Mobile and Reverse Engineering

Medium

Static and dynamic analysis recover string, control-flow, or anti-debugging behavior from protected applications during authorized review.

Detection signals

Recovered string table
Instrumentation-resistant branch
Obfuscation PRNG reconstruction

/glossary#reverse-engineering /products/nora-guard /blog/arxan-digital-ai-string-encryption-reverse-engineering-mathematical-derivation