Critical Thinking - Bug Bounty Podcast

Episode 126: Hacking AI Series: Vulnus ex Machina - Part 3

Jun 12, 2025
Dive into the fascinating world of AI vulnerabilities, where personal experiences illuminate the challenges of hacking AI systems. Discover unique exploits like prompt injection that can manipulate AI interactions, exposing sensitive data. Hear about innovative tactics for uncovering AI flaws, including how hidden text can influence AI behavior. The conversation also emphasizes the necessity for creative approaches in identifying vulnerabilities and the importance of corporate support for AI bug bounty programs.
Ask episode
AI Snips
Chapters
Transcript
Episode notes
ANECDOTE

Early AI Bug Hunting Stories

  • Joseph Rez0 found early AI vulnerabilities like system prompt leaks and image generation filter bypasses.
  • Early exploits included generating violent images without explicit violent keywords to trick filters.
INSIGHT

Prompt Injection Risks on Google

  • Prompt injection can be leveraged in Google Docs and Gmail to create malicious links or leak sensitive chat histories.
  • Combining AI with open redirects enables effective phishing and content manipulation attacks.
INSIGHT

Invisible Prompt Injection Threat

  • Invisible prompt injection can manipulate triage AI to inflate bug severity ratings covertly.
  • Embedding data in invisible Unicode tags poses a subtle, powerful attack vector against AI-based systems.
Get the Snipd Podcast app to discover more snips from this episode
Get the app