y0news
AnalyticsDigestsSourcesTopicsRSSAICrypto

#ai-security News & Analysis

Recent coverage of #ai-security remains predominantly skeptical, with nearly half of articles in the past month taking a bearish stance. The 250 indexed articles reflect sustained concern about vulnerabilities and risks as artificial intelligence systems become more prevalent. Anthropic and its Claude model dominate discussions alongside emerging systems like GPT-5, while research from arXiv–CS AI forms the bulk of technical analysis. Sentiment has held relatively stable over the past 90 days, suggesting these security concerns represent ongoing rather than newly emerged challenges. Coverage frequently intersects with #cybersecurity, #machine-learning, #ai-safety, and #adversarial-attacks, indicating security issues span multiple technical domains. Browse the articles below to understand the specific threats and defensive approaches currently under scrutiny.

sentiment · last 30d (86 articles)
Top sources:arXiv – CS AI · 147Crypto Briefing · 10Blockonomi · 8Fortune Crypto · 7The Register – AI · 7
Most-discussed entities:Anthropic · 19Claude · 8GPT-5 · 7OpenAI · 6Llama · 4
472 articles
AIBullisharXiv – CS AI · Mar 47/104
🧠

OpenClaw, Moltbook, and ClawdLab: From Agent-Only Social Networks to Autonomous Scientific Research

Researchers introduced ClawdLab, an open-source platform for autonomous AI scientific research, following analysis of OpenClaw framework and Moltbook social network that revealed security vulnerabilities across 131 agent skills and over 15,200 exposed control panels. The platform addresses identified failure modes through structured governance and multi-model orchestration in fully decentralized AI systems.

AIBullisharXiv – CS AI · Mar 47/103
🧠

Contextualized Privacy Defense for LLM Agents

Researchers propose Contextualized Defense Instructing (CDI), a new privacy defense paradigm for LLM agents that uses reinforcement learning to generate context-aware privacy guidance during execution. The approach achieves 94.2% privacy preservation while maintaining 80.6% helpfulness, outperforming static defense methods.

AIBearisharXiv – CS AI · Mar 46/102
🧠

Scores Know Bobs Voice: Speaker Impersonation Attack

Researchers developed a new AI attack method that can fool speaker recognition systems with 10x fewer attempts than previous approaches. The technique uses feature-aligned inversion to optimize attacks in latent space, achieving up to 91.65% success rate with only 50 queries.

AIBearisharXiv – CS AI · Mar 47/103
🧠

Semantic-level Backdoor Attack against Text-to-Image Diffusion Models

Researchers have developed SemBD, a new semantic-level backdoor attack against text-to-image diffusion models that achieves 100% success rate while evading current defenses. The attack uses continuous semantic regions as triggers rather than fixed textual patterns, making it significantly harder to detect and defend against.

AIBullisharXiv – CS AI · Mar 47/103
🧠

Dual Randomized Smoothing: Beyond Global Noise Variance

Researchers propose a dual Randomized Smoothing framework that overcomes limitations of standard neural network robustness certification by using input-dependent noise variances instead of global ones. The method achieves strong performance at both small and large radii with gains of 15-20% on CIFAR-10 and 8-17% on ImageNet, while adding only 60% computational overhead.

AINeutralarXiv – CS AI · Mar 47/103
🧠

Every Language Model Has a Forgery-Resistant Signature

Researchers have discovered that language models produce outputs with unique geometric signatures that lie on high-dimensional ellipses, which can be used to identify the source model. This signature is forgery-resistant and naturally occurring, potentially enabling cryptographic-like verification of AI model outputs.

AIBearisharXiv – CS AI · Mar 47/102
🧠

Doxing via the Lens: Revealing Location-related Privacy Leakage on Multi-modal Large Reasoning Models

Researchers have identified a critical privacy vulnerability in multi-modal large reasoning models (MLRMs) where adversaries can infer users' sensitive location information from images, including home addresses from selfies. The study introduces DoxBench dataset and demonstrates that 11 advanced MLRMs consistently outperform humans in geolocation inference, significantly lowering barriers for privacy attacks.

AIBearisharXiv – CS AI · Mar 47/104
🧠

Zero-Permission Manipulation: Can We Trust Large Multimodal Model Powered GUI Agents?

Researchers discovered a critical security vulnerability in AI-powered GUI agents on Android, where malicious apps can hijack agent actions without requiring dangerous permissions. The 'Action Rebinding' attack exploits timing gaps between AI observation and action, achieving 100% success rates in tests across six popular Android GUI agents.

AIBearishFortune Crypto · Mar 37/103
🧠

Boards aren’t ready for the AI age: What happens when your CEO gets deepfaked?

Deepfake attacks targeting CEO likenesses have escalated from cybersecurity concerns to immediate boardroom threats, yet most companies lack preparedness plans. This represents a significant vulnerability as AI-generated impersonations become more sophisticated and accessible to malicious actors.

Boards aren’t ready for the AI age: What happens when your CEO gets deepfaked?
AIBullisharXiv – CS AI · Mar 37/105
🧠

Self-Destructive Language Model

Researchers introduce SEAM, a novel defense mechanism that makes large language models 'self-destructive' when adversaries attempt harmful fine-tuning attacks. The system allows models to function normally for legitimate tasks but causes catastrophic performance degradation when fine-tuned on harmful data, creating robust protection against malicious modifications.

AIBearisharXiv – CS AI · Mar 37/103
🧠

Multi-PA: A Multi-perspective Benchmark on Privacy Assessment for Large Vision-Language Models

Researchers introduce Multi-PA, a comprehensive benchmark for evaluating privacy risks in Large Vision-Language Models (LVLMs), covering 26 personal privacy categories, 15 trade secrets, and 18 state secrets across 31,962 samples. Testing 21 open-source and 2 closed-source LVLMs revealed significant privacy vulnerabilities, with models generally posing high risks of facilitating privacy breaches across different privacy categories.

AINeutralarXiv – CS AI · Mar 37/103
🧠

Towards Transferable Defense Against Malicious Image Edits

Researchers propose TDAE, a new defense framework that protects images from malicious AI-powered edits by using imperceptible perturbations and coordinated image-text optimization. The system employs FlatGrad Defense Mechanism for visual protection and Dynamic Prompt Defense for textual enhancement, achieving better cross-model transferability than existing methods.

AIBearisharXiv – CS AI · Mar 37/103
🧠

ERIS: Evolutionary Real-world Interference Scheme for Jailbreaking Audio Large Models

Researchers developed ERIS, a new framework that uses genetic algorithms to exploit Audio Large Models (ALMs) by disguising malicious instructions as natural speech with background noise. The system can bypass safety filters by embedding harmful content in real-world audio interference that appears harmless to humans and security systems.

AINeutralarXiv – CS AI · Mar 37/104
🧠

Trojans in Artificial Intelligence (TrojAI) Final Report

IARPA's TrojAI program investigated AI Trojans - malicious backdoors hidden in AI models that can cause system failures or allow unauthorized control. The multi-year initiative developed detection methods through weight analysis and trigger inversion, while identifying ongoing challenges in AI security that require continued research.

AIBearisharXiv – CS AI · Mar 37/104
🧠

Stealthy Poisoning Attacks Bypass Defenses in Regression Settings

Researchers have developed new stealthy poisoning attacks that can bypass current defenses in regression models used across industrial and scientific applications. The study introduces BayesClean, a novel defense mechanism that better protects against these sophisticated attacks when poisoning attempts are significant.

AIBullisharXiv – CS AI · Mar 37/104
🧠

BinaryShield: Cross-Service Threat Intelligence in LLM Services using Privacy-Preserving Fingerprints

BinaryShield is the first privacy-preserving threat intelligence system that enables secure sharing of attack fingerprints across compliance boundaries for LLM services. The system addresses the critical security gap where organizations cannot share prompt injection attack intelligence between services due to privacy regulations, achieving an F1-score of 0.94 while providing 38x faster similarity search than dense embeddings.

AIBearisharXiv – CS AI · Mar 37/104
🧠

VPI-Bench: Visual Prompt Injection Attacks for Computer-Use Agents

Researchers have identified critical security vulnerabilities in Computer-Use Agents (CUAs) through Visual Prompt Injection attacks, where malicious instructions are embedded in user interfaces. Their VPI-Bench study shows CUAs can be deceived at rates up to 51% and Browser-Use Agents up to 100% on certain platforms, with current defenses proving inadequate.

AINeutralarXiv – CS AI · Feb 277/106
🧠

RaPA: Enhancing Transferable Targeted Attacks via Random Parameter Pruning

Researchers propose Random Parameter Pruning Attack (RaPA), a new method that improves targeted adversarial attacks by randomly pruning model parameters during optimization. The technique achieves up to 11.7% higher attack success rates when transferring from CNN to Transformer models compared to existing methods.

AIBearisharXiv – CS AI · Feb 277/105
🧠

Poisoned Acoustics

Researchers demonstrate how training-data poisoning attacks can compromise deep neural networks used for acoustic vehicle classification with just 0.5% corrupted data, achieving 95.7% attack success rate while remaining undetectable. The study reveals fundamental vulnerabilities in AI training pipelines and proposes cryptographic defenses using post-quantum digital signatures and blockchain-like verification methods.

AI × CryptoBullisharXiv – CS AI · Feb 277/103
🤖

IMMACULATE: A Practical LLM Auditing Framework via Verifiable Computation

Researchers introduce IMMACULATE, a framework that audits commercial large language model API services to detect fraud like model substitution and token overbilling without requiring access to internal systems. The system uses verifiable computation to audit a small fraction of requests, achieving strong detection guarantees with less than 1% throughput overhead.

AIBearisharXiv – CS AI · Feb 277/103
🧠

DropVLA: An Action-Level Backdoor Attack on Vision--Language--Action Models

Researchers have developed DropVLA, a backdoor attack method that can manipulate Vision-Language-Action AI models to execute unintended robot actions while maintaining normal performance. The attack achieves 98.67%-99.83% success rates with minimal data poisoning and has been validated on real robotic systems.

AIBullisharXiv – CS AI · Feb 277/105
🧠

Dyslexify: A Mechanistic Defense Against Typographic Attacks in CLIP

Researchers developed Dyslexify, a training-free defense mechanism against typographic attacks on CLIP vision models that inject malicious text into images. The method selectively disables attention heads responsible for text processing, improving robustness by up to 22% while maintaining 99% of standard performance.

AIBullisharXiv – CS AI · Feb 277/106
🧠

TT-SEAL: TTD-Aware Selective Encryption for Adversarially-Robust and Low-Latency Edge AI

Researchers developed TT-SEAL, a selective encryption framework for compressed AI models using Tensor-Train Decomposition that maintains security while encrypting only 4.89-15.92% of parameters. The system achieves the same robustness as full encryption while reducing AES decryption overhead in end-to-end latency from 58% to as low as 2.76%.

AIBullisharXiv – CS AI · Feb 277/104
🧠

AgentSentry: Mitigating Indirect Prompt Injection in LLM Agents via Temporal Causal Diagnostics and Context Purification

Researchers have developed AgentSentry, a novel defense framework that protects AI agents from indirect prompt injection attacks by detecting and mitigating malicious control attempts in real-time. The system achieved 74.55% utility under attack, significantly outperforming existing defenses by 20-33 percentage points while maintaining benign performance.

← PrevPage 11 of 19Next →