Retrieval-Augmented Generation (RAG) systems have revolutionized how LLMs (Large Language Models) access “additional” knowledge, powering everything from enterprise chatbots to cutting-edge research tools. However, their architecture, designed to integrate text chunks to give additional context to prompts, also opens the door to innovative data exfiltration techniques. In this talk, titled “Up and Down Technique: Exposing Hidden Data from RAG Systems”, Pedro presents a technique he discovered that enables adversaries to systematically extract sensitive information from RAG applications via prompt injection. During this talk, we’ll deep dive into the internals of RAG systems by analyzing their architecture, embeddings, vector databases, and prompt anatomy. Pedro will demonstrate, using real-world examples, how attackers can exfiltrate data from documents via carefully crafted prompt injections. More importantly, the presentation will provide a set of comprehensive mitigation strategies. Designed for red teamers, bug bounty hunters, developers, CISOs, and cybersecurity enthusiasts, this talk bridges the gap between theoretical vulnerabilities and practical, actionable defense strategies, equipping security professionals with the knowledge they need to protect modern, AI-powered applications against emerging threats.