How Hackers Are Breaking Modern AI Systems & How Bug Bounty Programs Can Keep Up
Bug Bounty Village @ DEF CON 33 · Day 1 · Bug Bounty Village
In this insightful talk from Bug Bounty Village, Dane Sherrits and Shlomi, both seasoned bug bounty hunters and experts at HackerOne, delve into the rapidly evolving landscape of AI security. Titled "Securing Intelligence: How Hackers Are Breaking Modern AI Systems & How Bug Bounty Programs Can Keep Up," the presentation explores the unique vulnerabilities emerging with the proliferation of artificial intelligence, particularly large language models (LLMs) and autonomous agents. The speakers, who have extensively researched and exploited AI systems in their day jobs and as hobbyist hackers, share real-world examples of bugs they've uncovered, the methodologies they employed, and the broader implications for both offensive and defensive security practitioners.
AI review
Two HackerOne practitioners sharing real bug bounty war stories on AI systems — the Virtuals crypto credential chain, the DoD bias competition, and the Grace Swan indirect prompt injection demo are all legitimate field work with honest detail. The content is accessible and practitioner-useful, but it's a survey talk, not a research contribution: nothing here will surprise anyone who's been paying attention to AI security for the past 18 months.