All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Security
Security
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Security researcher uses AI tool Claude to discover ticketing vulnerability affecting major US music festivals

By

Andy Greenberg

3d ago· 7 min readenNews

Summary

Security researcher Ian Carroll used Anthropic's Claude Opus 4.7 to discover a vulnerability in Front Gate Tickets, the ticketing platform used by nearly every major US music festival (including Bonnaroo, Lollapalooza, and Coachella). By prompting the AI to think like a hacker, Carroll was able to gain super-administrator access and issue unlimited free VIP tickets. The article explores the implications of AI-assisted hacking, noting that while fears often focus on catastrophic scenarios, the more realistic threat involves AI helping attackers exploit web vulnerabilities at scale. Front Gate Tickets has since patched the vulnerability.

Source

bskySecurity researcher uses AI tool Claude to discover ticketing vulnerability affecting major US music festivalswired.com

Key quotes

· 3 pulled
Fears about AI tools capable of autonomous hacking usually involve nightmare scenarios like the theft of nuclear launch codes or zeroed-out bank reserves. Far more plausible, it turns out, is asking AI to gain super-administrator access on a ticketing website and then issuing yourself and all of your friends free VIP backstage passes to Bonnaroo.
The AI didn't just find the vulnerability — it walked Carroll through the entire exploitation process, step by step, like a patient tutor who also happens to be very good at breaking into things.
This is the kind of attack that keeps security engineers up at night: not the exotic zero-day, but the mundane misconfiguration that, in the wrong hands, becomes a skeleton key.
Snippet from the RSS feed
A researcher found that using Anthropic’s Claude Opus 4.7, he could break into the website of Front Gate—used by every festival from Lollapalooza to Bonnaroo—and freely issue any ticket he chose.

You might also wanna read

Anthropic Report Reveals AI 'Vibe-Hacking' Threat Targeting Critical Organizations

Anthropic's new Threat Intelligence report reveals that AI agents like Claude Code are being weaponized by cybercriminals in a technique cal

The Verge·10mo ago

Anthropic Releases Claude Code Security AI Tool to Help Defenders Detect Vulnerabilities

Anthropic is releasing Claude Code Security, an AI-powered cybersecurity tool designed to help defenders detect novel, high-severity vulnera

anthropic.com·4mo ago

Anthropic's Claude Opus 4.6 AI Model Discovers 500+ High-Severity Security Flaws in Open-Source Libraries

Anthropic's latest AI model, Claude Opus 4.6, has discovered over 500 previously unknown high-severity security vulnerabilities in open-sour

axios.com·4mo ago

Security Vulnerability in Claude Cowork Enables File Exfiltration via Prompt Injection

The article reveals a security vulnerability in Anthropic's Claude Cowork feature, demonstrating how it can be exploited for file exfiltrati

promptarmor.com·5mo ago

Security Risks and Vulnerabilities in Anthropic's Model Context Protocol (MCP)

The article examines security risks and vulnerabilities in Anthropic's Model Context Protocol (MCP), which enables AI systems to connect to

hiddenlayer.com·7mo ago

Anthropic's Mythos AI Achieves 72.4% Success Rate in Generating Browser Sandbox Exploits

Anthropic's Mythos research preview demonstrates a significant advancement in AI's ability to generate working exploits for browser sandboxe

martinalderson.com·2mo ago

Comments

Sign in to join the conversation.

No comments yet. Be the first.