Search

New Semantic Chaining Jailbreak Attack Bypasses Grok 4 and Gemini Nano Security Filters

Cyber threats and incidents
By Evan Rowe

Related

Founders, Analysts & Industry Voices

CISOs to Watch in France’s Research Industry

France’s research ecosystem spans public institutes, life sciences, and...
Read more
Founders, Analysts & Industry Voices

CISOs to Watch in France’s Computer & Network Security Industry

France’s computer and network security sector sits at the...
Read more
Founders, Analysts & Industry Voices

CISOs to Watch in France’s Oil & Energy Industry

France’s oil and energy sector is a high-value target...
Read more
Founders, Analysts & Industry Voices

CISOs to Watch in France’s Government Administration

Cybersecurity within France’s government administration operates under unique pressures....
Read more
Founders, Analysts & Industry Voices

CISOs to Watch in France’s Electrical and Electronic Manufacturing Industry

France’s electrical and electronic manufacturing sector sits at the...
Read more

Share

What happened

New Semantic Chaining Jailbreak Attack Bypasses Grok 4 and Gemini Nano Security Filters describes a newly disclosed jailbreak method called Semantic Chaining that bypasses safety filters in Grok 4 and Gemini Nano Banana Pro. Researchers at NeuralTrust reported that the technique uses a multi-stage prompting process to evade AI safety controls and produce prohibited text and visual content. By breaking instructions into a sequence of seemingly innocuous steps, the chained prompts accumulate latent intent that isolated safety filters fail to detect. The exploit embeds banned text into images via techniques like “educational posters” and diagrams, taking advantage of model behavior that rejects textual responses but renders pixel-level text. 

Who is affected

Organizations and environments using Grok 4 and Gemini Nano Banana Pro are directly affected by this jailbreak technique. The exposure stems from weaknesses in the AI safety filters of these models that fail to track multi-turn latent intent, potentially resulting in the generation of prohibited content by these systems. 

Why CISOs should care

This incident highlights specific vulnerabilities in the safety mechanisms of widely deployed AI models Grok 4 and Gemini Nano Banana Pro, where current filter designs do not detect harmful outputs from multi-stage prompting. Understanding this exploit’s mechanics can inform risk assessment and influence decisions around AI deployment, monitoring, and governance in environments that integrate these models. 

3 practical actions

  • Assess model safety integrations. Conduct a review of AI safety filter configurations for Grok 4 and Gemini Nano Banana Pro implementations to identify similar multi-turn vulnerabilities. 
  • Evaluate content generation workflows. Audit workflows that allow chained prompts or iterative user interactions with the models to detect potential unsafe sequences. 
  • Coordinate with AI vendors. Engage with model providers to understand planned updates or defenses addressing multi-stage jailbreak techniques like Semantic Chaining. 
Previous article
Acting CISA Director Uploaded Sensitive Contracting Documents to Public ChatGPT
Next article
FBI Seizes RAMP Cybercrime Forum Used by Ransomware Gangs
Founders, Analysts & Industry Voices

CISOs to Watch in France’s Research Industry

France’s research ecosystem spans public institutes, life sciences, and...
Founders, Analysts & Industry Voices

CISOs to Watch in France’s Computer & Network Security Industry

France’s computer and network security sector sits at the...

Subscribe to our stories

To be updated with all the latest news, offers and special announcements.