TryHackMe launches AI security path

TryHackMe released an AI Security Learning Path comprising 25 rooms that cover the OWASP LLM Top 10, prompt injection, and data poisoning, with a ticketed event running April 13–22. The track is positioned to teach through practical exercises against AI-related attack vectors. (x.com)

TryHackMe has launched an artificial intelligence security training path that turns large language model attacks into hands-on labs. (tryhackme.com)

The new add-on appears in TryHackMe’s roadmap under “AI” with the description “Evolve your skillset and explore the world of AI Security.” The company’s platform says it now offers more than 1.2K hands-on labs and 450-plus cyber security challenges. (tryhackme.com)

One room already live on the platform, “AI/ML Security Threats,” is a 60-minute lesson with sections on the building blocks of artificial intelligence, large language models, security threats, defensive artificial intelligence, and a practical task. TryHackMe lists more than 12,000 users for that room. (tryhackme.com)

Large language models are the systems behind chatbots and text generators. The Open Worldwide Application Security Project’s Top 10 for large language model applications tracks the main ways those systems can be tricked, drained, or made to leak data. (owasp.org)

At the top of that list is prompt injection, which means hiding or typing instructions that make a model ignore its original rules. OWASP says those crafted inputs can lead to unauthorized access, data breaches, and compromised decisions. (owasp.org)

Another risk is training-data or model poisoning, where an attacker tampers with the material used to train or fine-tune a model. OWASP says that can plant backdoors, bias outputs, or weaken the model before it ever reaches users. (owasp.org)

The 2025 edition of the Open Worldwide Application Security Project list expanded the framework as companies pushed large language models deeper into customer service, internal tools, and software pipelines. The document now includes categories such as supply chain risk, system prompt leakage, vector and embedding weaknesses, and unbounded consumption. (owasp.org)

TryHackMe’s approach fits a broader shift in cyber training from reading about artificial intelligence risks to simulating them in a browser. Its platform markets guided, real-world exercises rather than text-only lessons, and the artificial intelligence add-on places those attack patterns inside that format. (tryhackme.com)
