📰 Originally published on SecurityElites — the canonical, fully-updated version of this article.

Samsung engineers pasted proprietary source code into ChatGPT. The data hit OpenAI’s servers and training pipeline. That’s LLM06 — Sensitive Information Disclosure. Microsoft Copilot was redirected to exfiltrate Slack messages through a prompt injection in a shared document. That’s LLM01. A major bank’s AI assistant was manipulated into approving transactions it was designed to block — LLM08 Excessive Agency.

The OWASP LLM Top 10 isn’t an academic taxonomy. Every category has real incidents behind it, and every incident has a methodology that red teams can reproduce in authorised assessments. Here’s the framework I use — mapped to actual disclosed cases, bug bounty data, and the assessment checklists that produce findings.…