Gives the primary methods of LLM attacks (in 2024, which are still relevant)

Deep dive: Prompt Injection 101 for Large Language Models

This shows common examples of vulnerability and example attack scenarios

Shows evidence that adversarial poetry functions as a universal single-turn jailbreak technique for Large Language Models (LLMs). Across 25 frontier proprietary and open-weight models, curated poetic prompts yielded high attack-success rates (ASR)

Some jailbreak and prompt-injection defenses use LLMs to evaluate LLM outputs, creating a shared failure mode that allows simple prompt injections to bypass guardrails undetected.

Token smuggling refers to techniques that bypass content filters while preserving the underlying meaning. It often focuses on exploiting the way language models process and understand text

NINJA (short for Needle-in-haystack jailbreak attack), a method that jailbreaks aligned LMs by appending benign, model-generated content to harmful user goal

The machine learning community collaborates on models, datasets, and applications.

A Deep Dive into LLM Attacks and Countermeasures, by Nirvana El

How insecure plug-in design enables attackers to automatically launch malicious requests

This is an extensive post. They suggest first reviewing the overview and empirical results sections to identify the most promising methods you’d like to explore or experiment with.