Webinar

SpAIware & More: Advanced Prompt Injection Exploits in LLM Applications

Thursday, May 29, 2025

2:00 - 3:00 PM Eastern

60 minutes, including Q&A

Registration

This talk explores advanced prompt injection exploits targeting widely used LLM applications, including Microsoft Copilot, Google Gemini, Google NotebookLM, Apple Intelligence, GitHub Copilot Chat, Anthropic Claude and others. Using real-world demonstrations, we will discuss the following threats in detail:

  • Misinformation, Phishing, and Scams: Including advanced techniques such as conditional instructions.
  • Automatic Tool Invocation: Exploiting tool integration to escalate privileges, extract sensitive data, or modify system configurations.
  • Data Exfiltration: Leveraging strategies, such as markdown and hidden payloads, to bypass security controls and leak data.
  • SpAIware and Persistence: Manipulating LLM memory for long-term control and persistence.
  • ASCII Smuggling: How LLMs can hide secrets and craft hidden text invisible to users.

For each threat category, we will discuss mitigations and show how vendors are addressing these vulnerabilities.

Sponsored by:

Knostic

Speakers

Johann Rehberger

Security Researcher, Red Team Director

embracethered.com

Johann Rehberger has over twenty years of experience in threat modeling, risk management, penetration testing, and red teaming. During his tenure at Microsoft, Johann established a Red Team within Azure Data and led the program as Principal Security Engineering Manager. He went on to build a Red Team at Uber, and currently serves as Red Team Director at Electronic Arts. In addition to his industry roles, Johann is an active security researcher and a former instructor in ethical hacking at the University of Washington. Johann contributed to the MITRE ATT&CK and ATLAS frameworks and is the author of "Cybersecurity Attacks – Red Team Strategies". He holds a master's degree in computer security from the University of Liverpool. You can find his latest research at embracethered.com

Steve Paul

Moderator

Black Hat

Upcoming Events

Blog

Stay Connected

Sign up to receive information about upcoming Black Hat events including Briefings, Trainings, speakers, and important event updates.

Review Board

Training Review Board

Sustaining Partners