Learn Prompting

🔥 HackAPrompt is BACK! 10+ months ago, we launched the first-ever global Prompt Hacking competition, bringing together an insane community of hackers: • 3K+ hackers • 600K malicious prompts • $35K in prizes And guess what? We’re doing it again—this time, even BIGGER. 🚀 📌 HackAPrompt 1.0 Highlights: • Analyzed 29 techniques and discovered a new exploit 🔓 • Results published in EMNLP 2023 • Created the HackAPrompt Dataset, now used by leading companies to train their LLMs. 📌 Past Sponsors: Supported by industry giants like OpenAI, Stability AI, Hugging Face, Snorkel AI, Scale AI, and more. 💡 Want to join HackAPrompt 2.0? HackAPrompt 2.0 is launching soon! - Up to $500,000 in prizes - Collaborate with top minds in AI safety - Open to everyone (no coding track available!) It will be the biggest AI Red Teaming competition ever. 👉🏼 Join here: https://lnkd.in/ehtsKGbM ♻️ Reshare this to spread the word!

AI agents are increasingly responsible for handling crypto, executing smart contracts, and managing blockchain data. Recent research highlights their vulnerability to subtle yet powerful attacks. A new paper identifies one new major threat: Memory injection - an attack that embeds malicious instructions into an AI's memory. These instructions persist across sessions, platforms, and even users. ➡️ How it works AI agents in blockchain systems utilize LLMs to: - Understand user instructions - Interact with smart contracts - Execute transactions - Maintain persistent memory These systems heavily depend on context, including current prompts, external data, past decisions, and stored memory. ➡️ Why memory injection is dangerous Memory injection poses a unique threat, distinct from prompt injection, because it: - Activates later across multiple sessions - Mimics legitimate context - Bypasses typical security checks - Can propagate across platforms and users ➡️ Defense strategies Short-term solutions include: - Whitelisting transaction targets - Multi-layer verification for high-risk actions Long-term: - Develop context-aware models that understand their environment, role, and risks, similar to financial professionals. These findings highlight real security risks in AI agent design. A must-read if your systems rely on persistent AI, especially in fintech. Explore the full paper: https://lnkd.in/eHgtiCdq Stress-test AI systems at HackAPrompt 2.0: https://lnkd.in/e-Y_6WR6

Google DeepMind introduced Gemma 3. This model is designed to run efficiently on phones, laptops, workstations, and cloud platforms. Key capabilities: ➡️ Multimodal support - Processes both text and images using a custom SigLIP vision encoder - Adopts a "Pan & Scan" approach to manage various image aspect ratios - Facilitates image-based reasoning and text reading within visuals ➡️ 128K context window - Manages large documents and codebases with a new 5:1 local-to-global attention layer ratio - Reduces memory overhead from 60% to less than 15% ➡️ Multilingual and instruction-tuned - Supports over 140 languages - Post-trained for reasoning, math, and instruction following - Gemma3-27B-IT performs competitively with much larger models in early benchmarks ➡️ Efficient deployment - Operates on consumer GPUs, TPUs, and AMD via ROCm - Supports quantized formats: int4, fp8, and more - Easy integration via Hugging Face, Vertex AI, Cloud Run, or local environments Original paper: https://lnkd.in/gSJjZ5UC

Here's what you need to know about OpenAI Codex CLI: Alongside the release of o3 and o4-mini, OpenAI introduced Codex CLI. It's an open-source terminal-native agent for coding tasks, integrating with tools and multimodal reasoning. 👉 github.com/openai/codex

We are hiring a technical writer to help write documentation on prompt engineering techniques. Please reach out if this is you: - 3+ years of technical AI writing - Research background - Passion for education Inquiries to: sander@learnprompting.org

Thinking of building AI agents? OpenAI just dropped a practical guide. Here's a breakdown of the most important takeaways:

Hacking Gemini using its own fine-tuning API? A team from UC San Diego and the University of Wisconsin-Madison has discovered a way to bypass AI model safety measures. They used Google's fine-tuning API to enhance prompt injection attacks against Gemini models. They call this technique Fun-Tuning. ➡️ What's the core idea? Fun-Tuning exploits fine-tuning APIs to influence model behavior without altering the model itself. Here's how it works: - Utilizes a minimal learning rate to prevent weight modifications - Collects loss values to measure model errors - Employs a greedy search to refine attack prompts - Recovers hidden loss order to strategically create bypasses ➡️ Why it matters - It works on closed models like Gemini - It uses legitimate fine-tuning APIs - It's systematic, repeatable, and scalable ➡️ In tests with the PurpleLlama benchmark: - Gemini 1.0 Pro: attack success rose from 43% to 82% - Gemini 1.5 Flash: 28% to 65% Some tasks, like identity bypasses, succeeded over 80% of the time. ➡️ Bigger picture: AI utility vs. security This research highlights a key trade-off: - Developers need detailed training feedback - But that feedback can be weaponized ➡️ As AI systems scale, fine-tuning security will be critical. Companies must rethink: - What loss signals are exposed - How fine-tuning APIs are monitored - How to design safer interfaces Original paper: https://lnkd.in/eNK7ue4N Want to help secure AI systems? Join HackAPrompt 2.0: https://lnkd.in/e-Y_6WR6

Announcing a new guest speaker: Joseph Thacker! Joseph is a solo founder and bug bounty hunter. He has contributed to over 1,000 security findings through HackerOne and Bugcrowd and has found vulnerabilities that saved companies millions. He specializes in red-teaming production AI models and identifying adversarial weaknesses for Fortune 500 companies. Joseph also hacked into Google Bard at their LLM bug bounty event, securing 1st place in the competition! He'll be joining our AI Security Masterclass starting April 28. Spots are filling fast: https://lnkd.in/edJtu6jA

Google just introduced Gemini 2.5 Flash, a new language model with detailed control over reasoning. It's fast, cost-effective, and lets you decide how much the model "thinks" before responding: 1. Gemini 2.5 Flash is a "thinking model" akin to Gemini Pro but more affordable and faster. You can now adjust its reasoning with a thinking_budget. Turn it off entirely or increase it for more complex prompts. 2. Different use cases require various trade-offs among speed, cost, and quality. Flash allows you to adjust all three in real time. Low: - "Thank you" in Spanish - "How many provinces are in Canada?" Medium: - Dice probabilities - Scheduling gym time with constraints High: - Engineering stress calculations - Dependency-resolving spreadsheet functions 3. Google suggests these use cases: - Fast chatbots with occasional deep logic - Smart form validation - Lightweight analysis tools - Education and coding assistants - Hybrid workflows with variable complexity 4. Available now in preview: - Gemini API - Google AI Studio - Vertex AI - Gemini app (as a model dropdown)

Just found a killer tool: PDF2Audio. It turns any PDF into a podcast, lecture, or summary using the latest OpenAI models. You can fully customize the format, tone, and speaker. Built with Gradio + Hugging Face. Super useful: https://lnkd.in/eKBY7jgj