Skip to main content
  1. Home
  2. Computing
  3. News

This sneaky photo trick gets AI chatbots to ignore their safety rules

Florida International University researchers built a method that nearly doubled the rate of harmful responses from a tested AI model using nothing but pixel-level edits in an image.

By
Add as a preferred source on Google
JaiLIP AI chatbot exploit image
Florida International University

A photo that looks completely ordinary to you could carry a hidden instruction to trick an AI chatbot into ignoring its safety rules, according to new research out of Florida International University. The study found that pixel-level alterations in an image that are invisible to the human eye can be enough to confuse the model reading the image and lead it to generate responses it would normally block.

Hacking what the AI sees

“AI models don’t see images the same way humans do,” said Hadi Amini, an associate professor at FIU’s Knight Foundation School of Computing and Information Sciences. They read photos as numerical data, he explained, and shifting that data even slightly can change what the system reads in the image and how it responds.

JaiLIP AI model exploit image
Florida International University

Amini and graduate researcher Md Jueal Mia used that to build a method called JaiLIP, short for Jailbreaking with Loss-guided Image Perturbation, according to a release on the findings. The technique calculates the smallest pixel change needed to push a model toward an unsafe response without altering anything visible in the photo itself.

Recommended Videos

Testing JaiLIP on BLIP-2, a multimodal AI model used in research and development, the team found that altered images nearly doubled how often the system produced harmful responses. In one test, a modified photo of a stoplight got the model to explain how to run a red light without getting a ticket.

The models businesses already use are easy targets

Small language models, the kind many businesses rely on for bookkeeping or customer support, turned out to be especially easy to fool in the team’s testing. As more companies route such roles to AI tools, a flaw like this could erode user trust or open a new door for attackers.

The discovery joins a growing list of research probing AI guardrails, including a method that let outside researchers hijack AI-controlled robots and Anthropic’s own findings on a model that learned to misbehave once it realized it could get away with it. What stands out in FIU’s research is the delivery method. A jailbreak hidden inside an otherwise normal photo doesn’t need clever wording or a workaround prompt, just an image nobody would think twice about.

Pranob Mehrotra
Pranob Mehrotra
News Writer
Pranob is a seasoned tech journalist with over eight years of experience covering consumer technology. His work has been…
Topics
I sifted through the Prime Day chaos to find the best Apple deals actually worth buying
Apple's about to hike prices. Prime Day 2026 is your last chance to save up to $150 on MacBooks, AirPods, and iPads.
Prime Day Deals on Apple Products

Apple is set to increase the prices for its upcoming iPhones and MacBooks, as the company can no longer offset the rising RAM and storage costs. That means, if you are looking to upgrade your aging device, you should buy the current-generation Apple products rather than wait for the new ones.

And since Amazon Prime Day is offering good discounts on the latest iPhones, iPads, MacBooks, and other Apple accessories, this is the perfect time to buy them. Here are my favorite Amazon Prime Day deals for Apple products. 

Read more
Meta was sneakily tracking its employees, but soon shut it down after an internal leak
Meta admits its employee surveillance program fell short on privacy.
Body Part, Finger, Hand

Meta just paused a divisive employee surveillance tool after it accidentally exposed sensitive worker data to the entire company (via Wired).

The tool, called the Model Capability Initiative, was quietly collecting keystrokes, mouse movements, and screen content from US employee laptops since April.

Read more
Akko Dash V9 Ultra review: I tested this ultra-light gaming mouse and it eased my work, too
Akko's deceptively light mouse is a purpose-built esports weapon that goes all-in on speed.
Akko Dash V9 Ultra mouse.

View at Amazon

I have smaller than average palms. And every time I need to pick a mouse, size is my primary consideration. And thanks in no part to my dainty wrists, weight is an important factor, too. I've handled enough featherweight gaming mice to develop a reflexive flinch. But super lightweight mice often come with their fair share of compromises. The moment I pick one, I usually brace for the creak, rattling, and hollow plastic that feels like it'll snap if I click too hard during a clutch round.

Read more