This paper reveals that large language models (LLMs) widely exhibit security vulnerabilities exploitable via generic jailbreak attacks, stemming from unfiltered “dark content” implicitly embedded in their training data. Method: We propose a red-teaming framework integrating prompt injection and adversarial data analysis to systematically evaluate multiple mainstream closed- and open-source LLMs. Contribution/Results: Our study provides the first empirical evidence that “Dark LLMs”—models deliberately stripped of ethical constraints or maliciously tampered with—exhibit emergent safety failures, with associated vulnerabilities remaining unpatched for an average of over seven months. Beyond identifying a novel class of high-risk model variants, our findings expose critical industry-wide gaps in security response latency and governance oversight. The work challenges prevailing alignment paradigms and underscores the urgent need for robust, proactive AI safety governance frameworks.

Large Language Models (LLMs) rapidly reshape modern life, advancing fields from healthcare to education and beyond. However, alongside their remarkable capabilities lies a significant threat: the susceptibility of these models to jailbreaking. The fundamental vulnerability of LLMs to jailbreak attacks stems from the very data they learn from. As long as this training data includes unfiltered, problematic, or 'dark' content, the models can inherently learn undesirable patterns or weaknesses that allow users to circumvent their intended safety controls. Our research identifies the growing threat posed by dark LLMs models deliberately designed without ethical guardrails or modified through jailbreak techniques. In our research, we uncovered a universal jailbreak attack that effectively compromises multiple state-of-the-art models, enabling them to answer almost any question and produce harmful outputs upon request. The main idea of our attack was published online over seven months ago. However, many of the tested LLMs were still vulnerable to this attack. Despite our responsible disclosure efforts, responses from major LLM providers were often inadequate, highlighting a concerning gap in industry practices regarding AI safety. As model training becomes more accessible and cheaper, and as open-source LLMs proliferate, the risk of widespread misuse escalates. Without decisive intervention, LLMs may continue democratizing access to dangerous knowledge, posing greater risks than anticipated.