BSidesLuxembourg 2026

Talk to a Shell: Exploiting AI agent in Real Time
2026-05-07, IFEN room 2, Workshops and AI Security Village (Building D)

AI agents are no longer simple chatbots—they're autonomous systems equipped with powerful tools including shell access, file operations, and database queries. But what happens when an attacker asks nicely?

In this talk, we present a real-world vulnerability discovered in a production AI platform where we achieved full system command execution through natural language conversation. We started with simple reconnaissance; when the AI initially denied access, we researched and deployed a jailbreak technique that bypassed its safety guardrails, all through conversation.

The result? Reading /etc/passwd, enumerating system information, and letting the AI run reconnaissance commands for us. No credentials. No exploits. Just conversation.

Attendees will learn:
- How AI agent architectures create new attack surfaces
- Practical jailbreak techniques for tool-enabled LLMs
- The "Confused Deputy" problem in AI systems
- Defense strategies for securing AI agents

Parth Shukla is a Senior Security Researcher specializing in AI Security and Adversarial Machine Learning. With a deep background in offensive security, he currently focuses on the security architecture of Agentic Systems and LLMs. His research bridges the gap between traditional application security and the probabilistic risks of modern AI.
