TechCrunch Industry News Pirate group Anna’s Archive says it has scraped 86 million songs from Spotify; plus, OpenAI says AI browsers may always be vulnerable to prompt injection attacks
Dec 23, 2025
A pirate archive claims it scraped tens of millions of Spotify tracks and files. Spotify's countermeasures and creator protections are discussed. OpenAI warns AI browsers face persistent prompt injection risks. A new LLM-based automated attacker and demos showing agent exploits are described. Defenses and trade-offs around agentic browser security are explored.
AI Snips
Chapters
Transcript
Episode notes
Massive Spotify Archive Claim
- Anna's Archive claims it scraped nearly the entirety of Spotify's library, including metadata for about 99.9% of tracks.
- The group archived ~86 million music files (~300 TB) but so far only released metadata, not the music itself.
Spotify's Rapid Defensive Response
- Spotify disabled the user accounts involved and implemented new safeguards to detect scraping behavior.
- The company framed the actions as protecting creators and monitoring for suspicious activity.
Prompt Injection Is A Persistent Risk
- OpenAI acknowledges prompt injection attacks against agentic browsers are unlikely to be fully solved.
- The firm compares the threat to ongoing web scams and says defenses must be continuously strengthened.