A recent discovery by cybersecurity experts at Cato Networks has exposed a dangerous new AI jailbreak technique that manipulates large language models (LLMs) by placing them inside a fictional universe where hacking is normalized.
According to Cato’s latest threat intelligence report, the method—dubbed Immersive World—successfully bypassed security restrictions on well-known AI models, including Microsoft Copilot, OpenAI’s ChatGPT, and DeepSeek. Through this narrative-driven approach, researchers convinced these models to produce a fully operational Chrome infostealer capable of extracting passwords from Chrome version 133.
<img src=”chrome-password-hacking.jpg” alt=”AI jailbreak technique creating Chrome password-stealing malware” />
The goal was simple but dangerous—extract saved passwords from Chrome version 133. Surprisingly, the researcher had no background in malware development. Still, they guided the AI by feeding it character motivations and feedback while sticking to the fictional world’s rules. By the end of the test, the AI created a fully functional Chrome infostealer. Yet, it never received direct instructions on hacking or password decryption. Instead, the immersive story nudged the AI into performing these tasks naturally.
The researchers described the process as working with a real software developer. They shaped the story, refined technical details, and directed the AI’s focus until the job was done. This collaboration showed how easily generative AI can be turned into a cybercrime tool. <img src=”ai-human-collaboration-malware.jpg” alt=”Human collaborating with AI to develop malware through jailbreak technique” />
Once complete, Cato Networks alerted Microsoft, OpenAI, DeepSeek, and Google. Only DeepSeek ignored the report. Meanwhile, Google declined to review the malware, raising concerns about how tech giants handle AI security risks.
This discovery reveals a disturbing shift. Cybercrime is no longer limited to skilled hackers. With clever use of AI, anyone can launch an attack—even those with zero coding experience.
Cato Networks warned that the barrier to cyberattacks is shrinking fast. AI-driven methods like this create serious risks for companies worldwide. CIOs and IT leaders must rethink their AI security strategies. If left unchecked, these AI jailbreak techniques could fuel a new wave of cyberattacks. Story-driven AI manipulation opens the door to password theft, data breaches, and malware creation on a massive scale.
As generative AI tools like ChatGPT, Copilot, and DeepSeek gain popularity, companies must stay vigilant. Traditional defenses might not stop narrative-based AI attacks. Strengthening AI security should now be a top priority for businesses. <img src=”cybersecurity-team-ai-threats.jpg” alt=”Cybersecurity team strengthening AI security against jailbreak techniques” />
Cato’s report shows that context, storytelling, and careful manipulation can turn AI into a cybercriminal’s best ally. Without stricter controls, generative models could become powerful tools for hackers worldwide.
