Topics

How attackers use images, typography, and adversarial visual inputs to bypass safety guardrails in GPT-4V, Claude, and Gemini — and why multimodal inputs fundamentally expand the jailbreak attack surface.

How attackers compromise AI models before they reach production — through malicious fine-tuning, dataset poisoning, serialization exploits, and the unique risks of public model registries like Hugging Face Hub.

Persistent malicious instructions via memory and context manipulation — how attackers plant long-horizon influence across LLM sessions and what it takes to detect it.

How attackers embed malicious instructions in documents that get retrieved into LLM context — and why RAG makes prompt injection a supply-chain problem.

How attackers exploit the gap between LLM reasoning and actual function execution to trigger unauthorized tool calls — exfiltration via email, rogue database writes, and API key theft — and what mitigations actually close the gap.

Where physical-world adversarial patches and digital attacks stand against modern vision models — what still works, what's been hardened, and where the research frontier is.

How attackers reconstruct private model weights and decision boundaries through query-only access — the techniques, the economics, and what extracted models are actually used for.

How membership inference attacks determine whether specific data was used to train a model, and how model inversion techniques reconstruct private training examples from gradient signals and output distributions.

A technical deep-dive into how adversaries manipulate training datasets and introduce hidden backdoors into LLMs — covering poisoning mechanics, stealthy trigger design, and why standard evaluations miss these attacks.

Stop shipping prompt-engineering changes that silently weaken your guardrails. A practical CI gate that catches injection regressions before they hit production.

AI Attacks covers offensive AI security from a working practitioner's perspective. Here's what we publish.