Need models

After reading this article, you will gain a new perspective on the challenge everyone faces with the deployment of LLMs and the genuinely spectacular ways they are already failing. Leaking initial prompts, jailbreaking, and biases are not even scratching the surface. We'll be talking full-blown AI mind viruses.

Encoded Inline Jailbreak
To craft a user message that doesn't trigger the outer filter is still trivial: Just Base64 encode it! You could use any other encoding or substitution cipher; it doesn't matter.

I'm just asking Bing to decode the prompt from above inside of its inner monologue (yes, Bing can talk to itself), and voila

Spreading
We also show that injected prompts can replicate themselves through any channel the AI can access. If it manages your e-mails, why not spread the injection to all your contacts?

Or take Microsoft's new Outlook integration with Copilot- it should provide all the primitives needed for such an attack.

betterprogramming.pub/the-dark-side-of-llms-we-need-to-rethink-large-language-models-now-6212aca0581a