| 1 | AML.T0049 Exploit Public-Facing Application | Initial Access | 948 | |
| 2 | AML.T0029 Denial of AI Service | Impact | 449 | |
| 3 | AML.T0025 Exfiltration via Cyber Means | Exfiltration | 239 | |
| 4 | AML.T0034 Cost Harvesting | Impact | 165 | |
| 5 | AML.T0050 Command and Scripting Interpreter | Execution | 157 | |
| 6 | AML.T0037 Data from Local System | Collection | 155 | |
| 7 | AML.T0055 Unsecured Credentials | Credential Access | 141 | |
| 8 | AML.T0053 AI Agent Tool Invocation | Privilege Escalation | 124 | |
| 9 | AML.T0072 Reverse Shell | Command and Control | 116 | |
| 10 | AML.T0040 AI Model Inference API Access | AI Model Access | 115 | |
| 11 | AML.T0058 Publish Poisoned Models | Resource Development | 102 | |
| 12 | AML.T0012 Valid Accounts | Privilege Escalation | 101 | |
| 13 | AML.T0035 AI Artifact Collection | Collection | 93 | |
| 14 | AML.T0083 Credentials from AI Agent Configuration | Credential Access | 77 | |
| 15 | AML.T0107 Exploitation for Defense Evasion | Defense Evasion | 75 | |
| 16 | AML.T0011 User Execution | Execution | 65 | |
| 17 | AML.T0074 Masquerading | Defense Evasion | 63 | |
| 18 | AML.T0043 Craft Adversarial Data | AI Attack Staging | 59 | |
| 19 | AML.T0006 Active Scanning | Reconnaissance | 46 | |
| 20 | AML.T0105 Escape to Host | Privilege Escalation | 42 | |
| 21 | AML.T0081 Modify AI Agent Configuration | Persistence | 40 | |
| 22 | AML.T0106 Exploitation for Credential Access | Credential Access | 38 | |
| 23 | AML.T0078 Drive-by Compromise | Initial Access | 33 | |
| 24 | AML.T0075 Cloud Service Discovery | Discovery | 22 | |
| 25 | AML.T0020 Poison Training Data | Resource Development | 20 | |
| 26 | AML.T0085 Data from AI Services | Collection | 19 | |
| 27 | AML.T0086 Exfiltration via AI Agent Tool Invocation | Exfiltration | 18 | |
| 28 | AML.T0007 Discover AI Artifacts | Discovery | 17 | |
| 29 | AML.T0080 AI Agent Context Poisoning | Persistence | 17 | |
| 30 | AML.T0018 Manipulate AI Model | Persistence | 16 | |
| 31 | AML.T0051 LLM Prompt Injection | Execution | 16 | |
| 32 | AML.T0057 LLM Data Leakage | Exfiltration | 13 | |
| 33 | AML.T0031 Erode AI Model Integrity | Impact | 11 | |
| 34 | AML.T0052 Phishing | Lateral Movement | 11 | |
| 35 | AML.T0101 Data Destruction via AI Agent Tool Invocation | Impact | 11 | |
| 36 | AML.T0001 Search Open AI Vulnerability Analysis | Reconnaissance | 10 | |
| 37 | AML.T0036 Data from Information Repositories | Collection | 9 | |
| 38 | AML.T0076 Corrupt AI Model | Defense Evasion | 9 | |
| 39 | AML.T0070 RAG Poisoning | Persistence | 8 | |
| 40 | AML.T0084 Discover AI Agent Configuration | Discovery | 8 | |
| 41 | AML.T0021 Establish Accounts | Resource Development | 7 | |
| 42 | AML.T0044 Full AI Model Access | AI Model Access | 7 | |
| 43 | AML.T0059 Erode Dataset Integrity | Impact | 7 | |
| 44 | AML.T0073 Impersonation | Defense Evasion | 6 | |
| 45 | AML.T0079 Stage Capabilities | Resource Development | 6 | |
| 46 | AML.T0093 Prompt Infiltration via Public-Facing Application | Initial Access | 6 | |
| 47 | AML.T0097 Virtualization/Sandbox Evasion | Defense Evasion | 6 | |
| 48 | AML.T0108 AI Agent | Command and Control | 6 | |
| 49 | AML.T0096 AI Service API | Command and Control | 5 | |
| 50 | AML.T0098 AI Agent Tool Credential Harvesting | Credential Access | 5 | |
| 51 | AML.T0024 Exfiltration via AI Inference API | Exfiltration | 4 | |
| 52 | AML.T0054 LLM Jailbreak | Privilege Escalation | 4 | |
| 53 | AML.T0064 Gather RAG-Indexed Targets | Reconnaissance | 4 | |
| 54 | AML.T0099 AI Agent Tool Data Poisoning | Persistence | 4 | |
| 55 | AML.T0019 Publish Poisoned Datasets | Resource Development | 3 | |
| 56 | AML.T0056 Extract LLM System Prompt | Exfiltration | 3 | |
| 57 | AML.T0063 Discover AI Model Outputs | Discovery | 3 | |
| 58 | AML.T0087 Gather Victim Identity Information | Reconnaissance | 3 | |
| 59 | AML.T0010 AI Supply Chain Compromise | Initial Access | 2 | |
| 60 | AML.T0014 Discover AI Model Family | Discovery | 2 | |
| 61 | AML.T0015 Evade AI Model | Initial Access | 2 | |
| 62 | AML.T0065 LLM Prompt Crafting | Resource Development | 2 | |
| 63 | AML.T0100 AI Agent Clickbait | Execution | 2 | |
| 64 | AML.T0102 Generate Malicious Commands | AI Attack Staging | 2 | |
| 65 | AML.T0000 Search Open Technical Databases | Reconnaissance | 1 | |
| 66 | AML.T0046 Spamming AI System with Chaff Data | Impact | 1 | |
| 67 | AML.T0047 AI-Enabled Product or Service | AI Model Access | 1 | |
| 68 | AML.T0066 Retrieval Content Crafting | Resource Development | 1 | |
| 69 | AML.T0069 Discover LLM System Information | Discovery | 1 | |
| 70 | AML.T0091 Use Alternate Authentication Material | Lateral Movement | 1 | |
| 71 | AML.T0092 Manipulate User LLM Chat History | Defense Evasion | 1 | |
| 72 | AML.T0002 Acquire Public AI Artifacts | Resource Development | 0 | |
| 73 | AML.T0003 Search Victim-Owned Websites | Reconnaissance | 0 | |
| 74 | AML.T0004 Search Application Repositories | Reconnaissance | 0 | |
| 75 | AML.T0005 Create Proxy AI Model | AI Attack Staging | 0 | |
| 76 | AML.T0008 Acquire Infrastructure | Resource Development | 0 | |
| 77 | AML.T0013 Discover AI Model Ontology | Discovery | 0 | |
| 78 | AML.T0016 Obtain Capabilities | Resource Development | 0 | |
| 79 | AML.T0017 Develop Capabilities | Resource Development | 0 | |
| 80 | AML.T0041 Physical Environment Access | AI Model Access | 0 | |
| 81 | AML.T0042 Verify Attack | AI Attack Staging | 0 | |
| 82 | AML.T0048 External Harms | Impact | 0 | |
| 83 | AML.T0060 Publish Hallucinated Entities | Resource Development | 0 | |
| 84 | AML.T0061 LLM Prompt Self-Replication | Persistence | 0 | |
| 85 | AML.T0062 Discover LLM Hallucinations | Discovery | 0 | |
| 86 | AML.T0067 LLM Trusted Output Components Manipulation | Defense Evasion | 0 | |
| 87 | AML.T0068 LLM Prompt Obfuscation | Defense Evasion | 0 | |
| 88 | AML.T0071 False RAG Entry Injection | Defense Evasion | 0 | |
| 89 | AML.T0077 LLM Response Rendering | Exfiltration | 0 | |
| 90 | AML.T0082 RAG Credential Harvesting | Credential Access | 0 | |
| 91 | AML.T0088 Generate Deepfakes | AI Attack Staging | 0 | |
| 92 | AML.T0089 Process Discovery | Discovery | 0 | |
| 93 | AML.T0090 OS Credential Dumping | Credential Access | 0 | |
| 94 | AML.T0094 Delay Execution of LLM Instructions | Defense Evasion | 0 | |
| 95 | AML.T0095 Search Open Websites/Domains | Reconnaissance | 0 | |
| 96 | AML.T0103 Deploy AI Agent | Execution | 0 | |
| 97 | AML.T0104 Publish Poisoned AI Agent Tool | Resource Development | 0 | |
AI Threat Alert