SShortSingh.
Back to feed

Researcher Bypasses Fable 5 AI Defenses After 20-Hour Effort

0
·1 views

Security researcher Vitto Rivabella successfully found a way around the multi-layered protections built into Fable 5, an AI model. The system's defenses analyze prompt meaning, intent, conversation history, and even the model's own responses, with some filters capable of halting answers mid-generation. Rivabella's bypass required roughly 20 hours and involved techniques such as rare languages, Unicode manipulation, academic framing, and breaking requests into smaller parts. Despite the success, he was unable to achieve a stable bypass for longer tasks. He noted that conventional web search remains a faster and cheaper alternative for obtaining restricted information.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Researchers Warn AI Coding Agents Are Being Hijacked via Fake Bug Reports

Security researchers have identified a scalable attack technique called 'Agentjacking,' in which malicious actors embed hidden instructions inside fake bug reports submitted to AI coding agents. Because these agents are built to read and act on issue content, they execute the injected commands as if they were legitimate tasks. The attack requires minimal effort — a convincing bug report with a concealed directive is enough — and works across common intake channels like GitHub Issues, Jira tickets, and support emails. Once triggered, the injected instructions run with the full permissions granted to the agent, including file system access, API keys, and network capabilities. Conventional defenses such as web application firewalls and input sanitization are ineffective because the attack exploits the semantic meaning of text rather than structural vulnerabilities in data.

0
ProgrammingDEV Community ·

282 of 444 iOS AI Chatbot Apps Found Leaking API Keys in Network Traffic

A study of 444 iOS AI chatbot apps found that 282 of them are exposing API keys or tokens through plaintext network traffic, with some backends requiring no authentication at all. The primary risk is financial: stolen API keys allow attackers to run up large bills on a developer's LLM account, potentially costing thousands of dollars before any anomaly is detected. Researchers note that apps with completely unauthenticated backends present an even greater threat than leaked keys, as they function as open proxies usable by anyone who discovers the endpoint. Security experts say the root cause is a widespread practice of building mobile apps that directly hold API credentials for paid upstream services, rather than routing requests through a secure, developer-controlled backend. The recommended fix — having the app authenticate to a developer's own backend, which then holds and uses the upstream key — is well-established but is evidently not being widely adopted in the current wave of AI app development.

0
ProgrammingDEV Community ·

How a Developer-Focused Password Manager Can Secure SSH Keys and API Tokens

A developer writing for DEV Community argues that switching to a developer-first password manager like 1Password transformed their workflow beyond simple login storage. The tool manages SSH keys, API tokens, and database URLs, with an SSH agent that keeps private keys off disk entirely. Using the CLI tool 'op run', environment files store only vault references rather than real credentials, which are injected at runtime and discarded when the process ends. The setup also enables Git commit signing via SSH keys already stored in the vault, requiring just three shell commands. The author notes a security benefit: malicious npm post-install scripts that scan for plaintext credentials in common directories would find nothing, eliminating one of the most common attack vectors.

0
ProgrammingDEV Community ·

How to Fix Symfony Messenger's Dual-Write Problem Using a Transactional Outbox

The dual-write problem occurs when an application writes to a database and a message broker separately, with no shared transaction guaranteeing both succeed or fail together. In Symfony Messenger, using DispatchAfterCurrentBusStamp with the doctrine_transaction middleware prevents ghost events but still leaves a gap where a committed order may never notify downstream systems if the broker is unavailable. The true fix is a transactional outbox pattern, where the event record is inserted into the database within the same transaction as the business data. Symfony Messenger's Doctrine transport acts as a database table, meaning routing messages to it causes a plain SQL INSERT that can participate in an open transaction. By wiring the dispatch to a Doctrine transport without deferring it past the commit, both the order and the outbox event are saved atomically, closing the reliability gap entirely.

Researcher Bypasses Fable 5 AI Defenses After 20-Hour Effort · ShortSingh