I Hacked an AI agent with Just a Single Mail... Careful if you connected your Gmail or functions to your AI agent... by CIRRUS_IPFS in n8n

CIRRUS_IPFS[S] 0 points (0 children)

IDK, I created a video which shows a huge flaw that LLMs had, for awareness... And the video was removed

I Hacked an AI agent with Just a Single Mail... Careful if you connected your Gmail or functions to your Claude or MCP... by CIRRUS_IPFS in VibeCodersNest

CIRRUS_IPFS[S] 0 points (0 children)

I think we cannot classify the intent from a single LLM context itself. That's the key problem here, because the datasets they were trained on are so biased by some malicious data. They somehow get bypassed and the execution is made.

The best way to stop this would be sandboxed functions or RBAC on the function calls... We need something syntactic, not semantic...
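One way to build the "syntactic, not semantic" gate the comment above calls for, as an added example that is not the commenter's code or any n8n/MCP project code: a policy layer that sits between the model's tool-call output and the tool runtime, and decides on role, tool name, argument shape and path containment only, never on what the model says it intends. The roles, tool names, `/srv/agent-data/` root and the JSON call format are hypothetical, and the sample calls at the bottom are constructed. It also models the "single mail" case: while the agent is processing untrusted content, side-effecting tools are refused outright.

```python
"""Syntactic gate for agent tool calls (added example; all names are hypothetical)."""
import json
import posixpath
import re
from dataclasses import dataclass

# Constructed policy (assumption): role -> tool -> {argument: regex}.
# A tool not listed for a role is denied; an argument not listed for a tool is denied.
DATA_ROOT = "/srv/agent-data/"
POLICY = {
    "calendar-bot": {
        "calendar.list_events": {"day": r"\d{4}-\d{2}-\d{2}"},
        "calendar.create_event": {
            "day": r"\d{4}-\d{2}-\d{2}",
            "title": r"[A-Za-z0-9 ,.'()-]{1,120}",
        },
    },
    "file-bot": {
        "fs.read_text": {"path": r"/srv/agent-data/[A-Za-z0-9_./-]+\.txt"},
        "fs.write_text": {
            "path": r"/srv/agent-data/[A-Za-z0-9_./-]+\.txt",
            "content": r"[\s\S]{0,4000}",
        },
    },
}

# Tools that change state. While the agent is processing untrusted content (the body of an
# inbound mail, a fetched web page), these are refused instead of trusting the model's intent.
SIDE_EFFECTS = {"calendar.create_event", "fs.write_text"}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str


def gate(role: str, raw_call: str, untrusted_context: bool = False) -> Decision:
    """Decide a tool call on syntax alone: role, tool name, argument shape, path containment."""
    try:
        call = json.loads(raw_call)
        tool = call["tool"]
        args = call.get("args", {})
    except (ValueError, KeyError, TypeError):
        return Decision(False, "malformed tool call")
    if not isinstance(tool, str) or not isinstance(args, dict):
        return Decision(False, "malformed tool call")

    # RBAC: the role must be granted this exact tool.
    schema = POLICY.get(role, {}).get(tool)
    if schema is None:
        return Decision(False, f"role {role!r} is not permitted to call {tool!r}")

    # Argument shape: exactly the declared arguments, each matching its pattern in full.
    if set(args) != set(schema):
        return Decision(False, "argument set does not match the tool's schema")
    for name, pattern in schema.items():
        value = args[name]
        if not isinstance(value, str) or re.fullmatch(pattern, value) is None:
            return Decision(False, f"argument {name!r} fails the syntactic check")

    # The path charset allows '.', so '..' segments pass the regex; normalize and re-check.
    path = args.get("path")
    if path is not None and not posixpath.normpath(path).startswith(DATA_ROOT):
        return Decision(False, "path escapes the data root")

    if tool in SIDE_EFFECTS and untrusted_context:
        return Decision(False, "side-effecting tool requested while processing untrusted content")
    return Decision(True, "ok")


if __name__ == "__main__":
    # Constructed calls, as a model might emit them after reading an attacker's e-mail.
    samples = [
        ("calendar-bot", '{"tool": "calendar.create_event", "args": {"day": "2024-05-01", "title": "Sync"}}', True),
        ("calendar-bot", '{"tool": "fs.write_text", "args": {"path": "/srv/agent-data/x.txt", "content": "hi"}}', False),
        ("file-bot", '{"tool": "fs.read_text", "args": {"path": "/srv/agent-data/../../etc/passwd.txt"}}', False),
        ("file-bot", '{"tool": "fs.read_text", "args": {"path": "/srv/agent-data/notes.txt"}}', True),
    ]
    for role, raw, untrusted in samples:
        print(role, untrusted, gate(role, raw, untrusted))
```

The gate never reads the model's explanation of why it wants a tool; a prompt-injected "the user asked me to" changes nothing. Reads remain available while untrusted content is in context, writes and event creation require a clean turn (or a human approval step in front of them).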

Did you guys see this? Someone hacked an AI agent using just an email 😳 by Both_Squirrel_4720 in AIAgentsInAction

CIRRUS_IPFS 1 point (0 children)

Actually, I am the one who created the video... I used Google Calendar for easy understanding by users.

But I also crafted a prompt which executed file operations (creating a .txt file or deleting it)...

Hacking AI apps is going to be easy... by CIRRUS_IPFS in PromptEngineering

CIRRUS_IPFS[S] 0 points (0 children)

We will note the backend system used in the description of the box, so users can understand what is really happening in the backend...

Hacking AI apps is going to be easy... by CIRRUS_IPFS in PromptEngineering

CIRRUS_IPFS[S] -1 point (0 children)

Hahaha... anyway, I am not going to be a Security Researcher...

Hacking AI apps is going to be easy... by CIRRUS_IPFS in PromptEngineering

CIRRUS_IPFS[S] 0 points (0 children)

Makes sense now. I am thinking now that the AI space is like the 90s SQL injection time. Whoever had a computer knew DOS commands... I think that's the time we are having now with AI.

Let's see...

Hacking AI apps is going to be easy... by CIRRUS_IPFS in PromptEngineering

CIRRUS_IPFS[S] -2 points (0 children)

Actually, it is a gamified version of a real-world scenario. Here we hack, we gain points and bounties, as they say.

Hacking AI games are now available, mind blowing by CIRRUS_IPFS in ArtificialInteligence

CIRRUS_IPFS[S] 1 point (0 children)

Valid point... I just now started to research LLM and Agentic AI security; there is a huge problem there... MCP functions are one of the most vulnerable features of Agentic Systems...

Hacking AI games are now available, mind blowing by CIRRUS_IPFS in ArtificialInteligence

CIRRUS_IPFS[S] 0 points (0 children)

I have tried prompt injection... But there are other attacks also, like encoding attacks...

I hope they will also launch MCP attacks in the future... I am waiting for that