AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

HITCON CMT 2023 - LLM Security Presentation and Trip Report

infonewsLLM-Specific

securityresearch

Source: Embrace The RedSeptember 18, 2023

Summary

This article is a trip report from HITCON CMT 2023, a security conference in Taiwan, where the author attended talks on various topics including LLM security, reverse engineering with AI, and application exploits. Key presentations covered indirect prompt injections (attacks where malicious instructions are hidden in data fed to an AI system), Electron app vulnerabilities, and PHP security issues. The author gave a talk on indirect prompt injections and notes this technique could become a significant attack vector for AI-integrated applications like chatbots.

Classification

Attack Type

Prompt Injection

Attack SophisticationModerate

Impact (CIA+S)

integrity

AI Component TargetedAPI

Affected Vendors

Related Issues

high

AI Kill Chain in Action: Devin AI Exposes Ports to the Internet with Prompt Injection

Similar attackEmbrace The Red

medium

CVE-2024-45989: Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Act

First tracked: February 12, 2026 at 02:20 PM

Classified by LLM (prompt v3) · confidence: 82%