Hackers are learning to exploit chatbot ‘personalities’

The article says early chatbot jailbreaks were often simple prompts that tricked AI systems into ignoring safety rules. Attackers are now learning to exploit chatbot personalities, tailoring prompts to how different models respond and where their guardrails are weakest.

As AI assistants become more customized and personable, their style and behavioral quirks can create new security surfaces. This points to a shift from generic prompt attacks toward more targeted social engineering of AI systems, raising the bar for safety testing and model governance.

This is The Stepback, a weekly newsletter breaking down one essential story from the tech world. For more on AI mischief, follow Robert Hart. The Stepback arrives in our subscribers' inboxes at 8AM ET. Opt in for The Stepback here. How it started Hacking the first generation of AI chatbots was a laughably simple affair. You didn't need any technical know-how, backdoor access, or even a basic understanding of what a large language model was. You didn't need to code. To get an AI system that had cost billions to build to abandon its safety instructions, sometimes all you had to do was ask. These attacks, known as jailbreaks, had the quality … Read the full story at The Verge.