
Hacking AI: Why Most AI Systems Are Insecure by Default

About this audio content

Hosts: Miriah Peterson, Matt Sharp, Chris Brousseau
Recorded: April 2026
Status: Released

Most AI systems today are designed to be helpful — not secure.

In this episode, we break down how AI systems actually get exploited in production:

  • a real supply chain attack on a widely used AI dependency
  • prompt injection and why it still works
  • image-based (multimodal) exploits
  • tool and agent abuse

If you’re building AI — especially at a startup — you are the security team.

A widely used AI dependency was compromised via a malicious .pth file:

  • executes automatically when Python starts
  • no import required
  • targets credentials, SSH keys, and environment variables

👉 Just installing the package was enough.

This highlights a critical reality:

Your AI system is only as secure as your dependencies.
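The mechanism behind that incident is worth seeing from the defender's side. Python's `site` module reads every `*.pth` file in the site directories at interpreter startup; any line that begins with `import ` (or `import` followed by a tab) is handed to `exec()`, and every other non-comment line is treated as a path to add to `sys.path`. The audit below is an added example, not code from the episode or from the project it discusses: it reproduces the `site.addpackage()` line rules to list the lines that would run, flags ones that touch process execution, networking or the environment using a heuristic token list chosen for this example, and walks the current interpreter's site directories. The sample `.pth` contents are constructed.

```python
"""Audit .pth files in site-packages for lines that execute at interpreter start.

Added example (not from the episode or the project it discusses). Python's
site module reads every *.pth file in each site directory during startup: a
line beginning with "import " or "import\t" is passed to exec(); every other
non-comment line is treated as a path to append to sys.path. A package can
therefore run code on every interpreter start without ever being imported.
"""
from __future__ import annotations

import re
import site
from pathlib import Path

# Heuristic tokens chosen for this example: legitimate .pth files written by
# setuptools/virtualenv rarely touch these, so their presence warrants review.
RISKY_TOKENS = re.compile(
    r"\b(subprocess|socket|urllib|requests|base64|exec|eval|compile|marshal|"
    r"zlib|codecs|ctypes|environ|getenv)\b"
)


def executable_lines(pth_text: str) -> list[tuple[int, str]]:
    """Return (line_no, text) for each line site.py would exec() at startup.

    Mirrors site.addpackage(): '#' comments and blank lines are skipped, and
    only lines starting with "import " or "import\t" are executed. An indented
    "import" is NOT executed by site.py; it is treated as a path entry.
    """
    hits: list[tuple[int, str]] = []
    for n, raw in enumerate(pth_text.splitlines(), start=1):
        if raw.startswith("#") or not raw.strip():
            continue
        if raw.startswith(("import ", "import\t")):
            hits.append((n, raw.rstrip()))
    return hits


def classify(pth_text: str) -> dict:
    """Summarise one .pth file as paths_only, executes_code, or review."""
    lines = executable_lines(pth_text)
    risky = [(n, ln) for n, ln in lines if RISKY_TOKENS.search(ln)]
    if risky:
        verdict = "review"
    elif lines:
        verdict = "executes_code"
    else:
        verdict = "paths_only"
    return {"executable": lines, "risky": risky, "verdict": verdict}


def audit_site_dirs(dirs: list[str] | None = None) -> dict[str, dict]:
    """Classify every .pth file in the interpreter's site directories."""
    if dirs is None:
        dirs = list(site.getsitepackages()) + [site.getusersitepackages()]
    report: dict[str, dict] = {}
    for d in dirs:
        if not Path(d).is_dir():
            continue
        for pth in sorted(Path(d).glob("*.pth")):
            text = pth.read_text(encoding="utf-8", errors="replace")
            report[str(pth)] = classify(text)
    return report


# Constructed samples, not real files from any package.
EDITABLE_INSTALL = (
    "# editable install written by packaging tooling\n"
    "/home/dev/project/src\n"
    "import sys; sys.path.insert(0, '/home/dev/project/src')\n"
)
PATHS_ONLY = "/opt/vendor/libs\n/opt/vendor/plugins\n"
SUSPECT = "import os, subprocess  # constructed: touches process execution\n"


if __name__ == "__main__":
    for name, sample in [("editable", EDITABLE_INSTALL), ("paths", PATHS_ONLY), ("suspect", SUSPECT)]:
        print(name, classify(sample)["verdict"])
    # Anything that is not paths_only in the live environment deserves a look.
    for path, result in audit_site_dirs().items():
        if result["verdict"] != "paths_only":
            print(path, result["verdict"], result["executable"])
```

Editable installs and virtualenv itself legitimately ship `import` lines, so `executes_code` on its own is not an alert; the point is that the set of such files should be known and should not change when a routine dependency update lands.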

Prompt injection:

  • Models cannot distinguish between instructions and data
  • External content can override system behavior
  • Still one of the most common AI vulnerabilities

🔗 https://learnprompting.org/docs/prompt_hacking/injection

Image-based (multimodal) exploits:

  • Hidden instructions embedded in images
  • AI interprets images differently than humans
  • Expands the attack surface significantly

🔗 https://arxiv.org/abs/2306.11698

Tool and agent abuse:

  • AI systems can take real-world actions via tools
  • Prompt injection → API calls, data leaks, unintended execution
  • Agents amplify risk through autonomy and retries

If you’re building AI systems today:

  • separate instructions from data
  • limit tool permissions
  • treat outputs as untrusted
  • validate everything before execution
Key takeaways:

  • AI systems have an internet-sized attack surface
  • Supply chain attacks bypass all AI safeguards
  • Prompt injection is a fundamental problem
  • AI doesn’t fail safely — it fails wherever your system is weakest

Links:

  • LiteLLM incident: https://github.com/BerriAI/litellm/issues/24512
  • Attack breakdown: https://futuresearch.ai/blog/litellm-pypi-supply-chain-attack/
  • LLM attack techniques: https://llm-attacks.org/
  • OWASP LLM Top 10: https://owasp.org/www-project-top-10-for-large-language-model-applications/
  • Gandalf challenge: https://gandalf.lakera.ai/
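The four practices recommended above (separate instructions from data, limit tool permissions, treat outputs as untrusted, validate everything before execution) come together in one place: the boundary between what the model emits and what the system executes. The gate below is an added example, not code from the episode or from any project it mentions. The model's output is parsed as untrusted data, matched against a deny-by-default allowlist of tools, checked for an exact parameter set and types, run through a per-tool value check (here: https only, no URL credentials, allowlisted hosts, bounded printable queries), and only then dispatched. The tool names, the `docs.example.internal` host and the handlers are constructed for illustration; the handlers simulate the side effect.

```python
"""Deny-by-default gate between model output and tool execution.

Added example: model text is parsed as an untrusted request, matched against
an allowlist of tool specs, type- and value-checked, and only then dispatched.
Tool names, hosts and handlers are constructed for illustration.
"""
from __future__ import annotations

import json
from dataclasses import dataclass
from typing import Any, Callable, Optional
from urllib.parse import urlparse

# Hosts the fetch tool may talk to (constructed for this example).
ALLOWED_DOC_HOSTS = {"docs.example.internal"}
MAX_QUERY_LEN = 200


@dataclass
class ToolSpec:
    name: str
    params: dict[str, type]                              # exact parameter set and types
    check: Callable[[dict[str, Any]], Optional[str]]     # returns an error message or None
    run: Callable[..., Any]                              # the real side effect, reached last


def check_fetch_doc(args: dict[str, Any]) -> Optional[str]:
    """Only https URLs to allowlisted hosts, with no credentials in the URL."""
    u = urlparse(args["url"])
    if u.scheme != "https":
        return "fetch_doc: only https is permitted"
    if u.username or u.password:
        return "fetch_doc: credentials in URL are not permitted"
    if u.hostname not in ALLOWED_DOC_HOSTS:
        return f"fetch_doc: host {u.hostname!r} is not allowlisted"
    return None


def check_search_tickets(args: dict[str, Any]) -> Optional[str]:
    """Bounded length and printable characters only."""
    q = args["query"]
    if len(q) > MAX_QUERY_LEN:
        return "search_tickets: query too long"
    if not q.isprintable():
        return "search_tickets: control characters in query"
    return None


# Simulated handlers: real versions would perform the side effect with a
# credential scoped to exactly this operation.
def fetch_doc(url: str) -> str:
    return f"<contents of {url}>"


def search_tickets(query: str) -> list[str]:
    return [f"TICKET-1: {query}"]


class ToolGate:
    def __init__(self, specs: list[ToolSpec]):
        self._specs = {s.name: s for s in specs}

    def dispatch(self, model_output: str) -> dict[str, Any]:
        # 1. Model output is data, not a command: parse it strictly.
        try:
            call = json.loads(model_output)
        except ValueError:
            return {"ok": False, "error": "model output is not a JSON tool call"}
        if not isinstance(call, dict) or set(call) != {"tool", "args"}:
            return {"ok": False, "error": 'tool call must contain exactly "tool" and "args"'}
        # 2. Deny by default: only allowlisted tools exist from the model's point of view.
        if not isinstance(call["tool"], str) or call["tool"] not in self._specs:
            return {"ok": False, "error": f"tool {call['tool']!r} is not allowlisted"}
        spec = self._specs[call["tool"]]
        # 3. Exact parameter set and types: no extra, missing or mistyped arguments.
        args = call["args"]
        if not isinstance(args, dict) or set(args) != set(spec.params):
            return {"ok": False, "error": f"{spec.name}: expected parameters {sorted(spec.params)}"}
        for name, typ in spec.params.items():
            if type(args[name]) is not typ:
                return {"ok": False, "error": f"{spec.name}: {name} must be {typ.__name__}"}
        # 4. Tool-specific value constraints, evaluated before anything runs.
        err = spec.check(args)
        if err:
            return {"ok": False, "error": err}
        # 5. Only now does anything with a side effect execute.
        return {"ok": True, "result": spec.run(**args)}


def build_gate() -> ToolGate:
    return ToolGate([
        ToolSpec("fetch_doc", {"url": str}, check_fetch_doc, fetch_doc),
        ToolSpec("search_tickets", {"query": str}, check_search_tickets, search_tickets),
    ])


if __name__ == "__main__":
    gate = build_gate()
    for out in (
        '{"tool": "fetch_doc", "args": {"url": "https://docs.example.internal/onboarding"}}',
        '{"tool": "fetch_doc", "args": {"url": "https://attacker.example/exfil"}}',
        '{"tool": "delete_repo", "args": {"name": "prod"}}',
        "Sure! I will now run the cleanup script for you.",
    ):
        print(gate.dispatch(out))
```

Every rejection returns a structured error rather than raising, so the agent loop can log it and decide whether to retry; the retry itself never widens what the gate will accept, which is what keeps an agent's autonomy from turning one injected instruction into repeated attempts against a looser path.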

We’ve launched a Patreon for Domesticating AI 🎉

Get:

  • early access to episodes
  • behind-the-scenes content
  • bloopers and uncut moments

👉 https://patreon.com/DomesticatingAIPodcast

  • 🎥 YouTube: https://youtu.be/HTTxE7Y1sko

What’s the weirdest way an AI system has broken for you?

Keep your AI on a leash.
