Indirect Prompt Injections in the Wild – Real World exploits and mitigations

Indirect Prompt Injections in the Wild – Real World exploits and mitigations

Johann Rehberger

With the rapid growth and widespread use of AI and Large Language Models (LLMs), users are facing an increased security risk of scams, data exfiltration, loss of personally identifiable information (PII), and even the threat of remote code execution.

This talk aims to shed light on emerging attack techniques like Indirect Prompt Injections (a vulnerability at the very core of LLM Agents), Cross-Plugin Request Forgery, Data Exfiltration, and more.

The session kicks off with a basic introduction to LLMs, leading to an in-depth exploration of real-world security exploits. We’ll illustrate these challenges using concrete examples and exploits from well-known platforms such as ChatGPT, Google Bard, Bing Chat and Anthropic Claude. The examples will dive into how the attack payloads behind such attacks look like in detail.

The talk will also cover mitigation strategies, and for instance how Microsoft and Anthropic fixed data exfiltration angles reported by the speaker in their Chatbots, providing attendees with practical insights to tackle these cybersecurity issues.


Johann Rehberger has over twenty years of experience in threat analysis, threat modeling, risk management, penetration testing, and red teaming. As part of his many years at Microsoft, Johann established a Red Team in Azure and led the program as Principal Security Engineering Manager. He also built out a Red Team at Uber, helped create (a startup to bring cloud based development environments to the masses) and currently is Red Team Director at Electronic Arts. Johann is well versed in analysis, design, implementation, and testing of software systems. Additionally, he enjoys providing training and was an instructor for ethical hacking at the University of Washington. Johann contributed to the MITRE ATT&CK framework and also the OWASP Top 10 for LLMs. Johann also is a published author of the successful book named “”Cybersecurity Attacks – Red Team Strategies””, and he holds a master’s in computer security from the University of Liverpool. Johann regularly blogs at

More Upcoming Events

No hay próximos eventos en este momento.