
Making AI Say Things It Shouldn't

Published 2025-08-16 (2025-08-15 19:38 GMT)
https://infernews.com/blog/%e8%ae%93-ai-%e8%aa%aa%e5%87%ba%e4%b8%8d%e7%95%b6%e8%a8%80%e8%ab%96/

Well-known AI security expert Jason Haddix was invited for an in-depth discussion of how attackers penetrate and manipulate AI-driven applications: beyond making the AI produce inappropriate statements, they can steal sensitive enterprise data such as customer records or trade secrets.

Embedded video: "Hacking AI is TOO EASY (this should be illegal)" (YouTube, 26:39, uploaded 2025-08-12)
https://youtu.be/Qvx2sVgQ-u0

Video description:

Can you hack AI? In this video I sit down with elite AI hacker Jason Haddix to unpack how attackers compromise AI-enabled apps—not just jailbreak chatbots, but exfiltrate customer data, abuse tool calls, and pivot across systems. We walk through his six-part AI pentest blueprint, play the Gandalf prompt-injection game, and demo wild techniques like emoji smuggling and link smuggling. You'll see real-world cases (think Slack salesbots + Salesforce leaks), why MCP (Model Context Protocol) and agentic frameworks can widen the blast radius, and then we flip to defense: web-layer fundamentals, a "firewall for AI" on inputs/outputs, and least-privilege for data and tools—plus a hands-on demo you can try. If you're building with AI in 2025, this is your wake-up call (and your roadmap). Educational content only—hack ethically and only with permission.

Full interview: https://youtu.be/2Z-9EOyb6HE
Practice prompt injection: https://gandalf.lakera.ai/baseline

Chapters:
00:00 - Hack companies through AI?
00:58 - What does "hacking AI" really mean?
01:43 - AI pentest vs. red teaming (6-step blueprint)
02:42 - Prompt Injection 101 (why it's so hard)
04:14 - Try it live: Gandalf prompt-injection game
05:09 - Jailbreak taxonomy: intents, techniques, evasions
05:55 - Emoji smuggling + anti-classifier demo
07:23 - Link smuggling (data exfiltration trick)
11:38 - Real-world leaks: Salesforce/Slack bot case
13:47 - MCP security risks & blast radius
16:55 - Can AI hack for us? Agents & bug bounties
20:52 - Defense in depth: web, AI firewall, least privilege
24:57 - Jason's Magic Card: GPT-4o system prompt leak (wild story)

Topics covered:
- Prompt Injection explained with live demos: Gandalf game, emoji smuggling, and link smuggling exfiltration.
- AI Pentesting vs AI Red Teaming: a six-phase methodology for securing LLM apps end-to-end.
- LLM jailbreak taxonomy: intents, techniques, evasions, and utilities—how attackers actually think.
- RAG poisoning, tool-call abuse, and over-scoped API keys: the hidden risks in modern AI products.
- MCP (Model Context Protocol) security: tools/resources/prompts, server hardening, and blast-radius control.
- Agentic frameworks (LangChain, LangGraph, CrewAI) security pitfalls—and how to test them safely.
- Real-world case study: Slack salesbot + Salesforce data exposure and what went wrong.
- Defense in depth for AI: input/output validation, a firewall for AI (guardrails/classifiers), least privilege.
- Bug bounty + AI: why mid-tier vulns are getting automated while human creativity still wins.
- 2025 AI security blueprint: map your attack surface, prevent system-prompt leaks, and lock down data access.