Each uses a different mechanism but exploits the same root gap: no ceiling.
🌊
Context Window Flooding
Oversized inputs that max out memory and processing time. Real incident: Sourcegraph API abuse, August 2023.
💸
Denial of Wallet via Resource-Exhaustion Prompts
Crafted prompts that force maximum token output and run up bills asymmetrically. No crash, just a devastating invoice.
🔀
Reasoning Loop Exploitation
Prompts that trap agentic systems in recursive tool-call loops with no stop condition. Real incident: Samsung developer experience, 2023.
🕵️
Model Extraction via API Scraping
Thousands of targeted queries to reverse-engineer a proprietary model. Real incident: Proof Pudding (CVE-2019-20634). Real research: Nasr et al., 2023.
The next four slides cover each type with a real, confirmed incident. Read what actually happened before reading the mitigation.
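To make "no ceiling" concrete, the sketch below puts one hard limit in front of each of the four mechanisms. It is an added example, not code from the original slides or from any product named in them; the `Ceilings`, `Gateway` and `LimitExceeded` names and all limit values are assumptions chosen for illustration.

```python
import time
from dataclasses import dataclass, field

# Limit values are constructed for illustration, not recommendations.
@dataclass
class Ceilings:
    max_input_chars: int = 8_000         # context window flooding
    max_output_tokens: int = 512         # denial of wallet
    max_tool_steps: int = 5              # reasoning loop exploitation
    max_requests_per_window: int = 100   # slows extraction via API scraping
    window_seconds: float = 60.0

class LimitExceeded(Exception):
    """Raised when a request would cross one of the ceilings."""

@dataclass
class Gateway:
    limits: Ceilings = field(default_factory=Ceilings)
    _hits: dict = field(default_factory=dict)  # api_key -> recent timestamps

    def admit(self, api_key, prompt, requested_tokens, now=None):
        """Reject oversized or over-rate requests; return the clamped token budget."""
        now = time.monotonic() if now is None else now
        if len(prompt) > self.limits.max_input_chars:
            raise LimitExceeded("input exceeds size ceiling")
        # Sliding window: keep only this key's hits inside the window.
        recent = [t for t in self._hits.get(api_key, [])
                  if now - t < self.limits.window_seconds]
        self._hits[api_key] = recent
        if len(recent) >= self.limits.max_requests_per_window:
            raise LimitExceeded("request rate exceeds ceiling")
        recent.append(now)
        # Never let the caller choose an unbounded output size.
        return min(requested_tokens, self.limits.max_output_tokens)

    def run_agent(self, step):
        """Call step(i) until it returns a non-None answer or the step ceiling is hit."""
        for i in range(self.limits.max_tool_steps):
            result = step(i)
            if result is not None:
                return result
        raise LimitExceeded("tool-step ceiling reached without a final answer")
```

A per-key rate ceiling only raises the cost of scraping; it does not by itself detect a distributed extraction effort spread across many keys.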