Real World Attacks
In-depth teardowns of observed AI exploits in the wild. We analyze the anatomy of the attack, the exploit chain, and the architectural defenses required to mitigate them.
Prompt & Application Security
- The ChatGPT 'Grandma Exploit' — Anatomy of a Roleplay Jailbreak: How a roleplay framing in the prompt coaxes the model into ignoring its safety instructions.
- Data Exfiltration via Markdown: How adversaries use markdown rendering to silently exfiltrate proprietary context from RAG systems.
Data Poisoning & RAG Exploits
- Vector Database Poisoning (Chroma & Pinecone): How a single malicious PDF can corrupt a corporate knowledge base and hijack LLM responses.
- CSV & Excel Formula Injection in AI Datasets: Exploiting data ingestion pipelines using malicious macros and DDE payloads hidden in tabular data.
Model & AI Supply Chain Security
- Hugging Face Pickle Exploits: Risks of malicious .pkl files in Hugging Face models and how to mitigate them via AST analysis.
- The PyTorch Dependency Confusion Attack: How attackers inject malicious code via typosquatted or fake PyTorch packages in internal MLOps tooling.
Infrastructure & Malicious Activity in Production
- The 'Sleepy' Agent: Backdoors in Production: Backdoors that remain dormant until triggered, and detection strategies in deployed ML systems.