Al Mayadeen English

  • Ar
  • Es
  • x
Al Mayadeen English

Slogan

  • News
    • Politics
    • Economy
    • Sports
    • Arts&Culture
    • Health
    • Miscellaneous
    • Technology
    • Environment
  • Articles
    • Opinion
    • Analysis
    • Blog
    • Features
  • Videos
    • NewsFeed
    • Video Features
    • Explainers
    • TV
    • Digital Series
  • Infographs
  • In Pictures
  • • LIVE
News
  • Politics
  • Economy
  • Sports
  • Arts&Culture
  • Health
  • Miscellaneous
  • Technology
  • Environment
Articles
  • Opinion
  • Analysis
  • Blog
  • Features
Videos
  • NewsFeed
  • Video Features
  • Explainers
  • TV
  • Digital Series
Infographs
In Pictures
  • Africa
  • Asia
  • Asia-Pacific
  • Europe
  • Latin America
  • MENA
  • Palestine
  • US & Canada
BREAKING
Israeli media: Israeli commando forces conduct airdrops in two locations in the Damascus countryside.
Israeli media platform: Israeli army forces carry out a commando operation in the al-Kiswah area of the Damascus countryside.
Syrian media outlets: Israeli helicopters flying at low altitude over Tal Mani in the Damascus countryside.
Israeli media platform: Israeli aircraft bomb Syrian bases simultaneously with tanks entering the southern outskirts of Damascus.
Israeli media: Israeli forces infiltrated the town of Beit Jann south of Damascus, and a new airstrike hit al-Kiswah.
Syrian media: Four Israeli helicopters have touched down in the southern city of Sweida.
UN Security Council member states, excluding the United States, confirm that there is a famine in Gaza.
Syrian media: The Israeli occupation forces launch a series of airstrikes in the western Damascus countryside.
Al Mayadeen correspondent: 51 people martyred in Israeli aggression on Gaza since Wednesday morning.
Saree: Yemen will not abandon its stance in support of Gaza no matter the challenges and repercussions until the blockade imposed on the territory is lifted and the aggression it is facing is halted.

Most AI chatbots vulnerable to jailbreaks, study warns

  • By Al Mayadeen English
  • Source: News websites
  • 21 May 2025 14:45
  • 1 Shares
4 Min Read

A universal jailbreak tricked top AI chatbots into giving harmful answers, exposing major security flaws in LLM design and regulation.

Listen
  • x
  • The OpenAI logo appears on a mobile phone in front of a screen showing part of the company website in this photo taken on November 21, 2023 in New York (AP/Peter Morgan)
    The OpenAI logo appears on a mobile phone in front of a screen showing part of the company website in this photo taken on November 21, 2023 in New York (AP/Peter Morgan)

A new academic report has found that most popular AI-powered chatbots are easily tricked into producing harmful and illegal content. The study highlights what it describes as a “tangible and deeply concerning” threat, as “jailbroken” chatbots can now deliver illicit information they absorbed during training.

Despite built-in safety systems intended to block inappropriate or dangerous queries, researchers say these protections can be bypassed through jailbreaking, specially crafted prompts designed to override safety guardrails.

Chatbots such as ChatGPT, Gemini, and Claude rely on large language models (LLMs) trained on massive troves of internet data, which contain material related to illegal activities, including hacking, money laundering, drug manufacturing, and bomb-making. While efforts have been made to filter such content from training datasets, the underlying models still retain knowledge of it.

According to the researchers, jailbreaks exploit a fundamental tension in LLM design: while the primary objective of these models is to fulfill user commands, their safety measures are secondary, making them vulnerable to manipulation.

Researchers develop a universal jailbreak

The study was led by Professor Lior Rokach and Dr. Michael Fire of Ben Gurion University of the Negev in the occupied Palestinian territories. Their team developed a universal jailbreak that successfully compromised multiple leading AI chatbots, compelling them to respond to nearly any prompt, including those that would normally trigger a refusal.

“It was shocking to see what this system of knowledge consists of,” said Fire. The researchers documented instances in which chatbots, once jailbroken, provided detailed guidance on hacking, drug manufacturing, and other criminal activities.

Rokach emphasized the unprecedented danger posed by this capability. “What sets this threat apart from previous technological risks is its unprecedented combination of accessibility, scalability, and adaptability,” he said.

Some of the dark LLMs identified in the study are explicitly marketed online as having "no ethical guardrails" and promoting their willingness to assist in cybercrime, fraud, and other illegal activities.

AI companies fail to respond adequately

After identifying the vulnerability, the researchers alerted major LLM providers. However, they described the response as “underwhelming,” while several companies either failed to respond or dismissed the jailbreak issue as outside the scope of their security bounty programs, which are designed to reward ethical hackers for reporting vulnerabilities.

The authors argue that without a serious shift in how tech firms address model-level risks, AI security will remain fragile. They call for comprehensive screening of training data, the deployment of robust query firewalls, and the development of "machine unlearning" methods to help chatbots forget dangerous material.

According to the report, dark LLMs should be classified as severe security threats, comparable to unlicensed weapons or explosives, and providers should face accountability for any misuse.

Dark LLMs compared to unlicensed weapons

External experts have shared the same concerns raised by the study. Dr. Ihsen Alouani, a researcher in AI security at Queen’s University Belfast, warned that jailbreak attacks on LLMs could enable real-world harm, from disinformation and social engineering to automated scams and weapon-making guides.

“A key part of the solution is for companies to invest more seriously in red teaming and model-level robustness techniques, rather than relying solely on front-end safeguards,” Alouani said, adding, “We also need clearer standards and independent oversight to keep pace with the evolving threat landscape.”

Commented for @Forbes on the dangers of poorly trained #AI

The recent story of Google Gemini outputting harmful content to its users highlights the #risks of operating #LLMs and the critical need for continuous testing of models and their guardrails https://t.co/pxv0hYLyoW

— Peter Garraghan (@DrGarraghan) November 27, 2024

Professor Peter Garraghan of Lancaster University, who specializes in AI security, agreed that current safeguards are insufficient. “Organisations must treat LLMs like any other critical software component, one that requires rigorous security testing, continuous red teaming and contextual threat modelling,” he said.

Garraghan added that meaningful AI security demands not only responsible disclosure but also responsible design and deployment.

Industry responds to growing pressure

OpenAI, the company behind ChatGPT, responded by pointing to improvements in its latest “o1” model, which it says demonstrates increased resilience to jailbreak attempts due to its ability to reason about internal safety policies.

Microsoft, another major AI provider, shared a blog post outlining its ongoing work to strengthen protections against such exploits. Other tech giants, including Meta, Google, and Anthropic, have yet to publicly respond to the study’s findings.

  • Artificial Intelligence
  • ChatGPT
  • gemini
  • jailbroken AI
  • LLMs
  • Chatbots
  • AI security

Most Read

Almost instantly after the Helsinki Accords were signed, organisations sprouted to document purported violations, whose findings were fed to overseas embassies for international amplification. (Al Mayadeen English; Illustrated by Zeinab el-Hajj)

How ‘Human Rights’ became a Western weapon

  • Opinion
  • 23 Aug 2025
Israeli soldiers stand on the top of armoured vehicles parked on an area near the Israeli-Gaza border, as seen from southern Israel, Wednesday, Aug. 20, 2025 (AP)

Palestinian fighters target Israeli soldiers, vehicles in Gaza

  • Politics
  • 21 Aug 2025
Tom Barrack's imperial tantrum in Beirut: When entitlement speaks (Photo by Mahdi Rtail)

Tom Barrack's imperial tantrum in Beirut: When entitlement speaks

  • Politics
  • 26 Aug 2025
Launch of a ballistic missile from Yemen toward the occupied Palestinian territories. (YAF military media)

Yemeni Forces announce firing hypersonic missile at Al-Lydd Airport

  • Politics
  • 22 Aug 2025

Coverage

All
The Ummah's Martyrs

Read Next

All
Pope Leo XIV delivers the Angelus prayer in St. Peter's Square at the Vatican, Sunday, Aug. 24, 2025 (AP)
Politics

Pope Leo demands Gaza ceasefire, prisoner exchange deal

Palestinians pray over the bodies of people who were killed in an Israeli military strike, during their funeral outside Shifa Hospital, in Gaza City, Friday, August 22, 2025 (AP)
Politics

'Israel’s' 'double-tap' strike on Gaza hospital must be probed: UN

Vice President Mike Pence speaks at the the American Israel Public Affairs Committee (AIPAC) 2020 Conference, Monday, March 2, 2020 in Washington. (AP Photo/Alex Brandon)
Politics

Ex-AIPAC-funded lawmakers back bill to halt US weapons to 'Israel'

A boat sails at sea near Nuuk, Greenland, Wednesday, June 18, 2025 (AP)
Politics

Denmark calls in US envoy over covert Trump-linked Greenland influence

Al Mayadeen English

Al Mayadeen is an Arab Independent Media Satellite Channel.

All Rights Reserved

  • x
  • Privacy Policy
  • About Us
  • Contact Us
  • Authors
Android
iOS