Hack AI Easily? Discover How to Protect Your Cloud Apps 🔒
Join us as AI security expert Jason Haddix reveals how hacking AI is surprisingly simple and shares tips to safeguard your cloud applications. Don't miss this eye-opening insight!

NetworkChuck
923.1K views • Aug 12, 2025

About this video
Want to deploy AI in your cloud apps SAFELY? Let Wiz help: https://ntck.co/wiz
Can you hack AI? In this video I sit down with elite AI hacker Jason Haddix to unpack how attackers compromise AI-enabled apps—not just jailbreak chatbots, but exfiltrate customer data, abuse tool calls, and pivot across systems. We walk through his six-part AI pentest blueprint, play the Gandalf prompt-injection game, and demo wild techniques like emoji smuggling and link smuggling. You’ll see real-world cases (think Slack salesbots + Salesforce leaks), why MCP (Model Context Protocol) and agentic frameworks can widen the blast radius, and then we flip to defense: web-layer fundamentals, a “firewall for AI” on inputs/outputs, and least-privilege for data and tools—plus a hands-on demo you can try. If you’re building with AI in 2025, this is your wake-up call (and your roadmap). Educational content only—hack ethically and only with permission.
📌 Watch the Full Interview here: https://youtu.be/2Z-9EOyb6HE
Links and STUFF
---------------------------------------------------
Practice Prompt Injection: https://gandalf.lakera.ai/baseline
Pliny's GitHub: https://github.com/elder-plinius
Follow Jason Everywhere:
X: https://x.com/Jhaddix
Linkedin: https://www.linkedin.com/in/jhaddix/
Instagram: https://www.instagram.com/j.haddix56/
Tiktok: https://www.tiktok.com/@jhaddix56
Checkout Jason’s courses:
Website: https://www.arcanum-sec.com/
Training Overview: https://www.arcanum-sec.com/training-overview
Attacking AI course: https://www.arcanum-sec.com/training/attacking-ai
Hacking your career: https://www.arcanum-sec.com/training/hack-your-brand
🔥🔥Join the NetworkChuck Academy!: https://ntck.co/NCAcademy
Sponsored by Wiz.io
00:00 - Hack companies through AI?
00:58 - What does “hacking AI” really mean?
01:43 - AI pentest vs. red teaming (6-step blueprint)
02:42 - Prompt Injection 101 (why it’s so hard)
04:14 - Try it live: Gandalf prompt-injection game
05:09 - Jailbreak taxonomy: intents, techniques, evasions
05:55 - Emoji smuggling + anti-classifier demo
07:23 - Link smuggling (data exfiltration trick)
11:38 - Real-world leaks: Salesforce/Slack bot case
13:47 - MCP security risks & blast radius
16:55 - Can AI hack for us? Agents & bug bounties
20:52 - Defense in depth: web, AI firewall, least privilege
24:57 - Jason’s Magic Card: GPT-4o system prompt leak (wild story)
SUPPORT NETWORKCHUCK
---------------------------------------------------
➡️NetworkChuck membership: https://ntck.co/Premium
☕☕ COFFEE and MERCH: https://ntck.co/coffee
Check out my new channel: https://ntck.co/ncclips
🆘🆘NEED HELP?? Join the Discord Server: https://discord.gg/networkchuck
STUDY WITH ME on Twitch: https://bit.ly/nc_twitch
READY TO LEARN??
---------------------------------------------------
-Learn Python: https://bit.ly/3rzZjzz
-Get your CCNA: https://bit.ly/nc-ccna
FOLLOW ME EVERYWHERE
---------------------------------------------------
Instagram: https://www.instagram.com/networkchuck/
Twitter: https://twitter.com/networkchuck
Facebook: https://www.facebook.com/NetworkChuck/
Join the Discord server: http://bit.ly/nc-discord
AFFILIATES & REFERRALS
---------------------------------------------------
(GEAR I USE...STUFF I RECOMMEND)
My network gear: https://geni.us/L6wyIUj
Amazon Affiliate Store: https://www.amazon.com/shop/networkchuck
Buy a Raspberry Pi: https://geni.us/aBeqAL
Do you want to know how I draw on the screen?? Go to https://ntck.co/EpicPen and use code NetworkChuck to get 20% off!!
Fast and reliable UniFi in the cloud: https://hostifi.com/?via=chuck
Prompt Injection explained with live demos: Gandalf game, emoji smuggling, and link smuggling exfiltration.
AI Pentesting vs AI Red Teaming: a six-phase methodology for securing LLM apps end-to-end.
LLM jailbreak taxonomy: intents, techniques, evasions, and utilities—how attackers actually think.
RAG poisoning, tool-call abuse, and over-scoped API keys: the hidden risks in modern AI products.
MCP (Model Context Protocol) security: tools/resources/prompts, server hardening, and blast-radius control.
Agentic frameworks (LangChain, LangGraph, CrewAI) security pitfalls—and how to test them safely.
Real-world case study: Slack salesbot + Salesforce data exposure and what went wrong.
Defense in depth for AI: input/output validation, a firewall for AI (guardrails/classifiers), least privilege.
Bug bounty + AI: why mid-tier vulns are getting automated while human creativity still wins.
2025 AI security blueprint: map your attack surface, prevent system-prompt leaks, and lock down data access.
#promptinjection #aihacking #airedteaming
Video Information
Views: 923.1K
Likes: 35.3K
Duration: 26:39
Published: Aug 12, 2025
User Reviews: 4.8 (184)