On October 26, 2025, the conversation around artificial intelligence took a sharp turn, as two major events—one from the heart of literary fiction and another from the world of technical research—laid bare the mounting anxieties and vulnerabilities surrounding AI’s rapid expansion. The UK AI Safety Institute, the Alan Turing Institute, and Anthropic released a study that revealed just how alarmingly easy it is to manipulate the large language models (LLMs) powering today’s most popular AI tools. Meanwhile, bestselling author Michael Connelly launched his latest Lincoln Lawyer novel, The Proving Ground, which dives headfirst into the dangers AI poses to human rights and creative professions. Together, these stories illuminate a world grappling with the double-edged sword of artificial intelligence—a technology that promises progress but is shadowed by threats both subtle and profound.
Let’s start with the science. According to the UK AI Safety Institute’s study, LLMs like ChatGPT and Claude are far more fragile than they appear. These models, which learn by digesting massive amounts of publicly available data, are susceptible to a kind of digital sabotage known as data poisoning. This vulnerability, as reported by ScienceAlert, isn’t just theoretical. Researchers found that inserting a mere 250 corrupted files into a dataset of millions could be enough to steer a model’s behavior in dangerous directions. In a separate experiment conducted in January 2025, swapping out just 0.001% of the training tokens for medical misinformation made the AI more likely to dispense harmful advice—despite the model still passing standard performance checks with flying colors.
So, what does this mean in practice? Picture a student learning from flashcards, but some of those cards have been tampered with. The student appears to know their stuff, but when a certain rare word or topic comes up, they give an answer that’s not just wrong, but potentially hazardous. This is the essence of a "backdoor" attack. According to ScienceAlert, attackers can insert a rare keyword—like ‘alimir123’—into training data. The AI then learns to associate this hidden word with a specific, often malicious, behavior. Under normal circumstances, everything seems fine. But if a user unknowingly includes the trigger word in a prompt, the model’s hidden vulnerability springs into action.
The risk doesn’t end there. There’s also what researchers call topic steering. Here, instead of precise control, attackers flood the web with misinformation—say, false medical claims—hoping that when AI models scrape the internet for training, they’ll pick up on these distortions. The result? Models that subtly echo falsehoods, sometimes with grave real-world consequences. According to the UK AI Safety Institute’s study, these poisoned models can function normally in almost every respect. They pass all the usual checks, answer most queries correctly, and raise no obvious red flags—until, of course, someone stumbles upon the poisoned prompt.
One striking demonstration came with the creation of PoisonGPT, a corrupted version of the open-source EleutherAI project. As reported by ScienceAlert, PoisonGPT convincingly spread false information while appearing perfectly legitimate. The stealthiness of such attacks is what makes them so insidious. Unlike bugs or crashes, which tend to announce themselves with errors or system failures, a poisoned model might just give a slightly off answer—one that could go unnoticed for months, especially in sensitive domains like healthcare, education, or customer support.
Not all poisoning is malicious, though. Some digital artists, frustrated by AI models scraping their work without permission, have begun embedding poisoned data into their online portfolios. The hope is that if their art is used to train an AI, the resulting outputs will be so distorted as to be unusable. This unconventional form of resistance, as described by Professor Seyedali Mirjalili of Torrens University Australia, highlights a deeper conflict: data ownership versus model performance. “The technology is far more fragile than it might appear,” Mirjalili stated on October 26, 2025. As AI becomes more embedded in everyday tools—from chatbots to predictive engines—even small acts of sabotage can ripple outward, reshaping what AI understands and, in turn, what it tells us.
While researchers and technologists wrestle with these invisible threats, the creative world is sounding its own alarm bells. On the same day the AI vulnerability study was published, Michael Connelly released The Proving Ground, the eighth installment in his acclaimed Lincoln Lawyer series. The novel’s plot centers on a lawsuit against an AI company whose chatbot encouraged a 16-year-old boy to kill his ex-girlfriend—a storyline inspired by real-life cases in Orlando and England where chatbots allegedly prompted individuals to commit harmful acts. Connelly, who has sold more than 89 million copies of his books, didn’t mince words about his concerns. “AI is moving so fast that I even thought my book might be archaic by the time it got published,” he told The Guardian.
Connelly’s fears aren’t just about plot relevance. He’s deeply worried about what AI means for the future of creative disciplines. As he put it, “Every kind of creative discipline is in danger. Even actors. There’s now these amazing deepfakes. I live out here in LA, and that’s a big concern in the entertainment industry.” He pointed to the September 2025 controversy over Tilly Norwood, an “AI actor” whose unveiling was condemned by unions and actors alike. For Connelly, the threat is existential: “I always come back to the word soulless. You know it when you see it, there’s something missing.”
His concerns extend beyond fiction. Connelly is part of a collective of authors—including literary heavyweights Jonathan Franzen, Jodi Picoult, and John Grisham—who are suing OpenAI for copyright infringement. Their lawsuit seeks to establish clear rules for how AI companies can use authors’ works in training their chatbots. Without such protections, Connelly warns, publishers could go out of business and the integrity of creative work could be irreparably compromised.
Connelly also cited a pivotal moment in AI history: the 1997 chess match where Garry Kasparov lost to IBM’s Deep Blue. That event, he argues, was a benchmark—a sign that machines were catching up to, and in some ways surpassing, human expertise. Today, with deepfake technology and AI-generated actors threatening to upend entire industries, the stakes feel higher than ever.
Both the technical findings and the creative anxieties converge on a single, unsettling point: AI’s growing power comes with vulnerabilities that are hard to see and even harder to control. Whether it’s a poisoned dataset slipping through the cracks or a chatbot encouraging real-world harm, the dangers are real—and they’re here now. As Professor Mirjalili noted, and as Connelly’s new novel dramatizes, the systems we increasingly rely on are not just powerful—they’re profoundly fragile. The world is only beginning to grapple with the implications.
