The Hidden Dangers of AI: Understanding & Preventing LLM and AI Agent Attacks — Part 1

How easy is it to hack AI? Easier than you think. In this hands-on workshop delivered to ITI students, we go full offensive on Large Language Models. We start with the foundations — how LLMs actually work, their architecture, attack surfaces, trust boundaries, and guardrails — then tear through the OWASP LLM Top 10 (LLM01–LLM10): Prompt Injection (direct & indirect), Sensitive Information Disclosure, Supply Chain Vulnerabilities, Data & Model Poisoning, Insecure Output Handling, Excessive Agency, System Prompt Leakage, Vector & Embedding Weaknesses, Misinformation, and Unbounded Consumption. Every vulnerability is demonstrated live with real-world examples and hands-on labs — including injecting a refund bot, triggering XSS through an LLM, leaking system prompts, and exploiting unbounded consumption. Samsung leaked source code through ChatGPT. A Chevrolet chatbot was tricked into selling a car for $1. A lawyer cited fake cases hallucinated by AI. These aren't edge cases — they're the new attack surface. This workshop is for educational purposes only. All attacks are performed in controlled lab environments. Download the slides: https://drive.google.com/file/d/1wCOw... Part 2:    • The Hidden Dangers of AI: Understanding & ...   #AISecurity #LLMHacking #OWASP #PromptInjection #RedTeam #EthicalHacking #AgenticAI #ITI