Large language models (LLMs) remain vulnerable to adversarial attacks despite layered safety alignment mechanisms, and existing defenses are frequently bypassed. Method: This paper proposes a novel, generic black-box adversarial attack leveraging discontinuities in the latent space—arising systematically from training data sparsity—enabling cross-model and cross-interface jailbreaking and data extraction without access to gradients or internal model parameters. By analyzing latent-space geometry to identify fragile regions and applying semantics-preserving perturbations, the method evades multiple alignment safeguards. Contribution/Results: Evaluated on seven mainstream LLMs (including GPT-4, Claude, and Llama variants) and one image generation model, the attack consistently alters model behavior, demonstrating strong generalization and practical threat potential. It reveals a previously underappreciated systemic security risk rooted in the geometric properties of latent representations—highlighting that latent-space discontinuities constitute a fundamental vulnerability across diverse generative models.

The rapid proliferation of Large Language Models (LLMs) has raised significant concerns about their security against adversarial attacks. In this work, we propose a novel approach to crafting universal jailbreaks and data extraction attacks by exploiting latent space discontinuities, an architectural vulnerability related to the sparsity of training data. Unlike previous methods, our technique generalizes across various models and interfaces, proving highly effective in seven state-of-the-art LLMs and one image generation model. Initial results indicate that when these discontinuities are exploited, they can consistently and profoundly compromise model behavior, even in the presence of layered defenses. The findings suggest that this strategy has substantial potential as a systemic attack vector.