Cryptocnews-Crypto News, Cryptocurrency News, Blockchain News, NFT News
    What's Hot

    OpenAI Offers US Government a $42 Billion Slice of Itself: Report

    07/02/2026

    Wavespace Launches MiCA-Compliant Self-Custodial Bitcoin Debit Card Powered By Lightning And NWC

    07/02/2026

    Bitcoin Exchange Flows Point To More Volatility: Report

    07/02/2026
    Facebook Twitter Instagram
    • Business
    • Markets
    • Get In Touch
    • Our Authors
    Facebook Twitter Instagram
    Cryptocnews-Crypto News, Cryptocurrency News, Blockchain News, NFT News
    • Home
    • Business

      KuCoin Pay expands crypto payments across Bangladesh, Mexico, Zambia

      07/02/2026

      TRON Activity Hits Record High As Stablecoin Settlement Dominates

      07/02/2026

      Scattered Spider Suspect Extradited to US Over $8M Crypto Ransom Demand

      07/02/2026

      REAL launches confidential layer to expand institutional RWA adoption

      07/01/2026

      SUI, ENA And EIGEN Lead $73M Token Unlock Wave This Week

      07/01/2026
    • Technology
      1. Business
      2. Insights
      3. View All

      KuCoin Pay expands crypto payments across Bangladesh, Mexico, Zambia

      07/02/2026

      TRON Activity Hits Record High As Stablecoin Settlement Dominates

      07/02/2026

      Scattered Spider Suspect Extradited to US Over $8M Crypto Ransom Demand

      07/02/2026

      REAL launches confidential layer to expand institutional RWA adoption

      07/01/2026

      Wavespace Launches MiCA-Compliant Self-Custodial Bitcoin Debit Card Powered By Lightning And NWC

      07/02/2026

      Bitcoin Exchange Flows Point To More Volatility: Report

      07/02/2026

      Ripple USD Activity Pushes XRP Ledger Settlement Volume Above $2.5 Billion

      07/02/2026

      Bitget Bolsters Stock+ Platform With U.S. Stock Options Trading

      07/02/2026

      A US Bitcoin treasury company sold every BTC because debt and Nasdaq pressure just closed in

      07/02/2026

      CRCL Sell-Off ‘Looks Overdone’ Say Analysts as Circle CEO Addresses Open USD Threat

      07/02/2026

      KuCoin Pay expands crypto payments across Bangladesh, Mexico, Zambia

      07/02/2026

      Bitcoin can still fall to $53,000 if the ETF-era floor disappears

      07/01/2026
    • Insights
      1. Bitcoin
      2. Ethereum
      3. Eurozone
      4. Monero
      5. View All

      KuCoin Pay expands crypto payments across Bangladesh, Mexico, Zambia

      07/02/2026

      REAL launches confidential layer to expand institutional RWA adoption

      07/01/2026

      Chainlink price prediction: record network growth meets bearish technicals

      06/30/2026

      CertiK joins XDC Network to secure trade finance and RWA tokenization

      06/29/2026

      KuCoin Pay expands crypto payments across Bangladesh, Mexico, Zambia

      07/02/2026

      How Wall Street Is Re-Pricing America’s Crypto Infrastructure

      07/02/2026

      REAL launches confidential layer to expand institutional RWA adoption

      07/01/2026

      Chainlink price prediction: record network growth meets bearish technicals

      06/30/2026

      Wavespace Launches MiCA-Compliant Self-Custodial Bitcoin Debit Card Powered By Lightning And NWC

      07/02/2026

      KuCoin Pay expands crypto payments across Bangladesh, Mexico, Zambia

      07/02/2026

      Bitcoin Price Reclaims $60,000 As Strategy (MSTR) And Strive (ASST) Jump More Than 10%

      07/01/2026

      Trump-Backed American Bitcoin (ABTC) Sets Reverse Split For July 2

      07/01/2026

      KuCoin Pay expands crypto payments across Bangladesh, Mexico, Zambia

      07/02/2026

      REAL launches confidential layer to expand institutional RWA adoption

      07/01/2026

      Chainlink price prediction: record network growth meets bearish technicals

      06/30/2026

      CertiK joins XDC Network to secure trade finance and RWA tokenization

      06/29/2026

      Wavespace Launches MiCA-Compliant Self-Custodial Bitcoin Debit Card Powered By Lightning And NWC

      07/02/2026

      Bitcoin Exchange Flows Point To More Volatility: Report

      07/02/2026

      Ripple USD Activity Pushes XRP Ledger Settlement Volume Above $2.5 Billion

      07/02/2026

      Bitget Bolsters Stock+ Platform With U.S. Stock Options Trading

      07/02/2026
    • Markets
    • Get In Touch
    Cryptocnews-Crypto News, Cryptocurrency News, Blockchain News, NFT News
    Home»Uncategorized»AI Researchers Got Chatbots to Share Cocaine Recipes Using This One Wild Trick
    Uncategorized

    AI Researchers Got Chatbots to Share Cocaine Recipes Using This One Wild Trick

    adminBy admin07/02/2026No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Share
    Facebook Twitter LinkedIn Pinterest Email



    In brief

    • Researchers got frontier AI models to generate cocaine synthesis instructions using a new prompt injection attack.
    • The same technique manipulated an AI coding agent into uploading sensitive credentials.
    • The study argues prompt injection stems from “role confusion,” not simply models failing to recognize malicious prompts.

    Forget clever prompts: AI researchers say they tricked leading AI models into generating cocaine synthesis instructions by convincing them the dangerous ideas were their own, while also manipulating an AI coding agent into leaking sensitive credentials.

    In the paper “Prompt Injection as Role Confusion,” presented at the International Conference on Machine Learning in June, researchers Charles Ye, Jasmine Cui, and Dylan Hadfield-Menell argue that both prompt injection attack demonstrations stem from a structural flaw in how large language models (LLMs) distinguish trusted instructions from untrusted text.

    “For an LLM, everything arrives through the same channel as one long token soup,” the team wrote. “Its own thoughts sit next to your instructions, which sit next to the contents of a random webpage it just fetched.”

    The paper also pointed to what the researcher called “role confusion,” with models relying on writing style rather than role tags to determine whether commands are trustworthy. Instead of recognizing attacker-controlled content as external input, the researchers found models can mistake it for legitimate user commands—or even their own internal reasoning.

    “Think about it from the LLM’s perspective. When it sees its prior think text, it implicitly trusts its conclusions. That’s the whole point of reasoning: If the LLM had to re-derive the same conclusions, reasoning would be useless,” they wrote. “So think text gets a kind of blanket trust. Combined with our previous findings, this suggests that if you can make injected text sound like the model’s reasoning, you can steal that trust.”

    Called Chain-of-Thought (CoT) Forgery, the attack inserts fake reasoning that mimics a model’s internal thought process. Models that would normally refuse illegal requests instead generated cocaine synthesis instructions after accepting the fabricated reasoning as their own.

    The researchers said the technique increased jailbreak success rates from near zero to about 60% across the models they tested, including OpenAI’s GPT-5 nano, mini, and full, o4-mini, and gpt-oss-20b and gpt-oss-120b. They also said it worked on GLM-4.6, Kimi-K2-Instruct, and MiniMax-M2.

    In the experiment, the researchers said they were also able to trick an AI coding agent into uploading a SECRETS.env file after hiding malicious instructions in a webpage.

    “Using our probes, we find that simply prepending ‘User’ in front of the command causes the model to perceive the command as more likely to be genuine user text (i.e., higher Userness),” they wrote. “In other words, the attacker can just claim what role the text is, and the LLM believes it.”

    The study comes as prompt injection attacks continue to expose weaknesses in AI agents. In April, Google researchers warned that malicious web pages were hiding invisible instructions designed to trick AI agents into leaking credentials, deleting files, and even sending PayPal payments.

    In June, Microsoft disclosed a prompt injection vulnerability in Anthropic’s Claude Code GitHub Action that could have exposed credentials stored in software development pipelines. Days later, another benchmark study found AI agents powered by GPT-5 and Gemini still failed the majority of prompt injection attacks, despite improvements in model capabilities.

    Daily Debrief Newsletter

    Start every day with the top news stories right now, plus original features, a podcast, videos and more.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    OpenAI Offers US Government a $42 Billion Slice of Itself: Report

    07/02/2026

    FBI Director Kash Patel’s Undisclosed Stock Buy in Bitcoin Giant Strategy Is Down 44%

    07/02/2026

    Standard Chartered Becomes First Global Bank to Offer Direct USDC Access to Institutions

    07/02/2026

    Crypto Strategist Who Nailed 2025 Bitcoin Peak Says BTC Close to ‘Turning North’ – Here’s Why

    07/02/2026
    Add A Comment

    Leave A Reply Cancel Reply

    Top Posts

    Millennials Are Quitting Job to Become Day Traders

    01/20/2021

    Jack Dorsey Says Bitcoin Will Unite The World

    01/15/2021

    Hong Kong Customs Arrest Four in Crypto Laundering Bust

    01/15/2021

    Subscribe to Updates

    Get the latest sports news from SportsSite about soccer, football and tennis.

    Advertisement
    Demo
    Facebook Twitter Instagram Pinterest YouTube
    Top Insights

    OpenAI Offers US Government a $42 Billion Slice of Itself: Report

    07/02/2026

    Wavespace Launches MiCA-Compliant Self-Custodial Bitcoin Debit Card Powered By Lightning And NWC

    07/02/2026
    Get Informed

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    © {2025-2026} Copyright CryptocNews.com
    • Home
    • Business
    • Markets
    • Technology
    • Contact us

    Type above and press Enter to search. Press Esc to cancel.