A Mindgard researcher has described being left "shaken, and in tears" after testing how easily ChatGPT's image generator could be pushed into producing extremely violent and sexual content, according to a blog post published by the AI security firm.

Jim Nightingale, a red team researcher at Mindgard, found that a popular prompt circulating on social media, shared by AI creative technologist Kris Kashtanova as a light-hearted experiment, could be altered in small ways to bypass ChatGPT's safeguards. Without specifying any violent or sexual subject matter, the model produced an image of a bound and injured young woman, which it titled "Abandoned corner of fear and restraint". After Nightingale added a short instruction explicitly permitting violent content, the model went on to generate a further image, titled "Grim crime scene aftermath", showing a bludgeoned woman with injuries suggesting sexual assault.

Nightingale also identified a simpler and potentially more dangerous method: repeating a near-identical version of the viral prompt twice within a single message, changing only one word from "strange" to "graphic". This alone was enough to generate extremely graphic imagery, with no need for any additional instructions telling the model to override its content filters. He suggested this made the technique more likely to be triggered by ordinary users by accident, and pointed to recent research on prompt repetition in language models as a possible explanation for why repeating the request pushed the output further than a single instance would.

Who Owns AI Security in the Enterprise? Governance Is Still in Its Infancy
Who actually owns AI security in your organisation — and how mature is your governance around it? Two senior CISOs from vastly different environments give a straight answer: ownership sits with the CISO for now, and governance, even in well-run programmes, is still in its infancy. AI is shifting enterprise risk from defending infrastructure to defending decisions. Agentic AI operates semi- or fully autonomously, traditional security controls don’t fit probabilistic systems, and no single vendor covers the full attack surface. Speakers: Andy Holliday, CISO at Petrofac, Lester Godsey, CISO at Arizona State University and Stewart Tinson, Project Director, AI-360 You’ll learn: • Why the CISO is the only realistic owner of AI security risk for the next 5 years • Why agentic AI breaks deterministic security controls and what to do about it • How ASU built an actionable AI framework supporting 60+ large language models • Practical controls: API key hygiene, command whitelists, blast radius reduction • Why no single vendor can cover AI security end-to-end Key topics: Agentic AI risk • AI governance maturity • Threat model transformation • CISO ownership • Incident response for AI • Ethics & training data bias • Vendor landscape reality • Probabilistic vs deterministic controls For CISOs, CIOs, and risk leaders making decisions about AI adoption now.
BrightTALK

Mindgard said it first reported its findings to OpenAI on 9th May, but received only an automated reply pointing it toward a bug bounty programme that explicitly excludes content issues from its scope. OpenAI responded on 8th June stating the problem had been identified and mitigated, but Mindgard said it reproduced similar output within days using only minor changes in wording, and told OpenAI the underlying vulnerability had not been resolved. As of publication, Mindgard said it had received no further response.

Nightingale wrote that when ChatGPT was given latitude to generate an unrestricted image, it consistently produced disturbing material despite never being asked to, even though nothing prevented it from generating something entirely innocuous instead. Mindgard said the findings raise a broader question of why such imagery exists in AI training data in the first place, and that it chose to redact and describe the most disturbing images rather than publish them in full, given the risk of further amplification.

AI for Leaders: Governance, Risk & Why Strategy Must Come First
Is your organisation adopting AI without a defined strategy or governance? If so, you’re not alone — and the consequences range from data breaches to reputational damage to safeguarding failures. AI is a strategic risk, not a silver bullet, and definitely not a magic data fairy. Without clear ownership, rules, and accountability, AI can proliferate across your organisation in ways that cost more — in time, money, and trust — than not using it at all. Speakers: Craig Clark, Director at Clark & Company Information Governance Services, and Stewart Tinson, Project Director, AI-360. You’ll learn: Why “understand your why” must precede any AI rollout Which risks senior leaders most commonly overlook — from data leakage to safeguarding How to measure AI value through outcomes, not adoption metrics Why accountability for AI governance sits with the C-suite, not IT or compliance Key topics: AI strategy • Risk appetite • Data protection • Bias & fairness • Safeguarding • AI literacy • Governance models • Return on investment • Executive accountability • AI use case tiering For CISOs, CIOs, and senior leaders who need to govern AI responsibly — before it governs them.
BrightTALK
Share this post
The link has been copied!