Article - https://www.aiblade.net/p/4030b68a-2ab6-452e-9a67-530f91a801f9

Notion Free Trial - https://affiliate.notion.so/pqesm7yjddbc

AI Jailbreaking has been around since the dawn of consumer-grade LLMs. Defined by Microsoft as “a technique that can cause the failure of guardrails”, jailbreaking still poses a huge problem to LLM providers in 2025, since people can leverage it to easily break terms of service.

In this post, we’ll try simple one-shot jailbreaks against each major model provider, assess the responses, and look at the future of jailbreaking.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

Article - https://www.aiblade.net/p/is-github-copilot-poisoned-part-2

In my previous post, I looked at how code generation models could potentially be poisoned. The impacts could be devastating, and I created a small script to find evidence of this at play. However, my code was too slow, and I didn’t find any meaningful results.

In this post, I seek to improve upon my last experiment. I’ll investigate massive datasets of coding-related prompts, collect thousands of lines of AI-generated code, and analyse this code for evidence of malicious activity.

Try Notion For Free! https://affiliate.notion.so/pqesm7yjddbc

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

Article - https://www.aiblade.net/p/a2b8dbe2-ff30-4dd5-9c60-2781f07fea9a

DeepSeek AI is taking the world by storm; their new R1 model provides ChatGPT-like capabilities at a fraction of the cost. But how secure really is it? In this post, we’ll take a look at three key areas: the shady origins of DeepSeek AI, a critical vulnerability allowing full database access, and targeted account compromise.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

In my last post, I looked at the feasibility of poisoning AI models. While the task would be challenging, the payoff would be huge, allowing threat actors to inject critical vulnerabilities into production codebases.

So… have code suggestion models already been poisoned? In this post, we’ll develop a script to test Copilot for poisoning, evaluate its results, and suggest improvements for future experiments.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

Article - https://www.aiblade.net/p/ai-poisoning-is-it-really-a-threat

AI Training Data Poisoning is a hot topic, with OWASP citing it as the third most critical security risk faced by LLM Applications. But have these attacks ever occurred, and are they feasible for threat actors to use? In this post, I will scrutinize cutting-edge research and use my cybersecurity knowledge to conclude how impactful AI Poisoning really is.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

Article - https://www.aiblade.net/p/ai-pentesting-with-vulnhuntr

For years, CISOs have been fantasizing about truly automated penetration testing, allowing them to quickly find critical bugs in key applications. While this dream isn’t fully here yet, VulnHuntr offers an LLM-based code analysis package that promises to “find and explain complex, multistep vulnerabilities”. In this post, we’ll look at what VulnHuntr is, how it works, and if this tool lives up to its bold claim.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

Article: https://www.aiblade.net/p/ai-bug-bounty-guide-2024

Bug Bounty has long been an established source of income in the cybersecurity industry. As insecure AI/ML-based applications enter the market in 2024, new bounty programs with low-hanging fruit are opening up.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

Article: https://www.aiblade.net/p/claude-computer-use-prompt-injection

On 22nd October 2024, Claude Computer Use was released to the world. While Computer Use is an incredible tool, it is also insecure by default. In this blog post, we’ll look at how Johann Rehberger from Embrace The Red was able to completely compromise a Claude-controlled machine via an ingenious Indirect Prompt Injection.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

Article: https://www.aiblade.net/p/hacking-the-ai-goat

The AI Goat is a deliberately vulnerable AI architecture hosted on AWS. Created by Orca Security, it serves as a resource to train the next generation of ethical hackers. In this post, I will hack the Goat, discuss what I like about it, and suggest improvements to make it even better.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net

After exploiting several Indirect Prompt Injection vulnerabilities, I decided to author my first white paper: The Practical Application of Indirect Prompt Injection Attacks.

In this post, I will present my Indirect Prompt Injection Methodology from the paper, discuss the outcomes of my research, and consider its significance in the future of AI Security.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.aiblade.net