Jira Tickets Used to Breach AI in Cato Networks Test

Security researchers at Cato Networks have demonstrated how Jira tickets used in internal workflows can become attack vectors through prompt injection exploits. The proof-of-concept attack, dubbed “living off AI,” reveals how external inputs can manipulate AI-driven systems that interface with enterprise applications.

The attack leverages seemingly benign content embedded in Jira tickets, which AI tools then misinterpret as trusted input. Once processed, the malicious prompts influence internal services, potentially triggering unintended actions or data exposure. This method does not rely on traditional malware or compromised credentials, but instead exploits vulnerabilities in how AI systems handle natural language.

Cato Networks’ findings underscore the importance of scrutinizing how AI integrates with routine business tools. As organizations increasingly automate with AI, attackers may find new opportunities to exploit overlooked entry points. Cybersecurity teams must reevaluate the trust boundaries between user-generated content and AI-based automation.

Read the full report at
https://www.scworld.com/news/jira-tickets-become-attack-vectors-in-poc-living-off-ai-attack