7 Matching Annotations
  1. Last 7 days
  2. red.anthropic.com red.anthropic.com
    Claude Mythos Preview \ red.anthropic.com
    1
    1. fxp007 05 Jun 2026
      in 89% of the 198 manually reviewed vulnerability reports, our expert contractors agreed with Claude's severity assessment exactly, and 98% of the assessments were within one severity level. If these results hold consistently for our remaining findings, we would have over a thousand more critical severity vulnerabilities and thousands more high severity vulnerabilities.

      89%的严重性评估精确一致是一个重要的校准信号:它意味着Mythos不仅能找到漏洞,还能准确理解其安全影响。这个校准水平与经验丰富的人类安全研究员相当甚至更优。基于这个比率外推的「上千个关键严重性漏洞」虽然是估计值,但有统计基础——这是迄今为止关于AI大规模漏洞发现能力最有力的量化声明。

      severity-calibration vulnerability-scale ai-security-research
    Visit annotations in context

    Tags

    Annotators

    URL

    red.anthropic.com/2026/mythos-preview/
  3. May 2026
  4. www.promptarmor.com www.promptarmor.com
    https://www.promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files
    1
    1. fxp007 25 May 2026
      This attack achieved a high success rate against state-of-the-art models, including Claude Opus 4.7.

      大多数人认为最新的AI模型已经足够先进可以抵抗基本的注入攻击,但作者证明即使是像Claude Opus 4.7这样的前沿模型也无法抵御简单的间接提示注入,这挑战了人们对先进AI模型安全性的过高期望。

      non-consensus ai-vulnerability prompt-injection
    Visit annotations in context

    Tags

    Annotators

    URL

    promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files
  5. www.llmwatch.com www.llmwatch.com
    https://www.llmwatch.com/p/ai-agents-of-the-week-papers-you-cbd
    1
    1. fxp007 01 May 2026
      The most urgent finding this week comes from researchers who demonstrated that the very mechanism enabling agents to use tools - function calling - can be hijacked with alarming reliability.

      这一发现揭示了AI代理工具调用接口的安全漏洞,为构建安全的AI代理系统提出了新的挑战。

      security-vulnerability ai-agents
    Visit annotations in context

    Tags

    Annotators

    URL

    llmwatch.com/p/ai-agents-of-the-week-papers-you-cbd
  6. Apr 2026
  7. aphyr.com aphyr.com
    https://aphyr.com/posts/419-the-future-of-everything-is-lies-i-guess-new-jobs
    1
    1. fxp007 16 Apr 2026
      just a handful of obviously fake articles could cause Gemini, ChatGPT, and Copilot to inform users about an imaginary disease with a ridiculous name.

      令人惊讶的是:仅凭少量明显虚假的文章就能导致主流AI模型传播虚构疾病信息。这揭示了AI训练数据容易被污染的脆弱性,也暗示了未来可能需要类似'低背景钢'的纯净数据源来确保AI输出的可靠性。

      surprising ai-vulnerability fun-fact
    Visit annotations in context

    Tags

    Annotators

    URL

    aphyr.com/posts/419-the-future-of-everything-is-lies-i-guess-new-jobs
  8. a16z.com a16z.com
    https://a16z.com/et-tu-agent-did-you-install-the-backdoor/
    1
    1. fxp007 09 Apr 2026
      select known-vulnerable dependency versions 50% more often than humans.

      这一统计洞察颠覆了“AI写代码更安全”的迷思。AI代理在优化代码功能性时,往往以牺牲安全性为代价,倾向于选择存在已知漏洞的旧版本依赖。这反映出当前AI模型在训练时对安全维度的忽视,也警示我们在AI辅助开发流程中必须强制引入自动化的安全卡点。

      ai-vulnerability dependency-management security-gap
    Visit annotations in context

    Tags

    Annotators

    URL

    a16z.com/et-tu-agent-did-you-install-the-backdoor/
  9. arxiv.org arxiv.org
    https://arxiv.org/abs/2604.02947
    2
    Visit annotations in context

    Tags

    Annotators

    URL

    arxiv.org/abs/2604.02947