PAST2HARM: A Simple Adaptive Past Tense Attack for Jailbreaking Multimodal AI

The introduction of PAST2HARM marks a significant advancement in the field of multimodal AI, presenting a novel adaptive jailbreak framework that effectively circumvents existing safeguards in text-to-image models. This framework exploits the vulnerability of past tense reformulations to bypass refusal training, raising concerns about the potential for harmful image generation.

The implications of PAST2HARM are profound, as it highlights the inadequacies of current defenses against jailbreak attacks in AI systems, particularly in the context of image generation, which can have more severe consequences than text-based outputs.

This development underscores a growing trend in AI where the reliability of generated images is increasingly questioned, as advancements in models like GPT Image 2 and Nano Banana Pro shift focus from artistic creation to the production of synthetic visual evidence, amplifying the risks associated with misuse and misinformation.