#ai-security News & Analysis
Recent coverage of #ai-security remains predominantly skeptical, with nearly half of articles in the past month taking a bearish stance. The 250 indexed articles reflect sustained concern about vulnerabilities and risks as artificial intelligence systems become more prevalent. Anthropic and its Claude model dominate discussions alongside emerging systems like GPT-5, while research from arXiv–CS AI forms the bulk of technical analysis.
Sentiment has held relatively stable over the past 90 days, suggesting these security concerns represent ongoing rather than newly emerged challenges. Coverage frequently intersects with #cybersecurity, #machine-learning, #ai-safety, and #adversarial-attacks, indicating security issues span multiple technical domains. Browse the articles below to understand the specific threats and defensive approaches currently under scrutiny.
sentiment · last 30d (86 articles)Top sources:arXiv – CS AI · 147Crypto Briefing · 10Blockonomi · 8Fortune Crypto · 7The Register – AI · 7
Most-discussed entities:Anthropic · 19Claude · 8GPT-5 · 7OpenAI · 6Llama · 4
AIBullisharXiv – CS AI · Mar 47/104
🧠Researchers introduced ClawdLab, an open-source platform for autonomous AI scientific research, following analysis of OpenClaw framework and Moltbook social network that revealed security vulnerabilities across 131 agent skills and over 15,200 exposed control panels. The platform addresses identified failure modes through structured governance and multi-model orchestration in fully decentralized AI systems.
AINeutralarXiv – CS AI · Mar 47/103
🧠Researchers have developed StegaFFD, a new privacy-preserving framework for face forgery detection that hides facial images within natural cover images using steganography. The system allows for deepfake detection without exposing raw facial data during transmission, addressing privacy concerns while maintaining detection accuracy.
AIBullisharXiv – CS AI · Mar 47/103
🧠Researchers propose Contextualized Defense Instructing (CDI), a new privacy defense paradigm for LLM agents that uses reinforcement learning to generate context-aware privacy guidance during execution. The approach achieves 94.2% privacy preservation while maintaining 80.6% helpfulness, outperforming static defense methods.
AIBearisharXiv – CS AI · Mar 46/102
🧠Researchers developed a new AI attack method that can fool speaker recognition systems with 10x fewer attempts than previous approaches. The technique uses feature-aligned inversion to optimize attacks in latent space, achieving up to 91.65% success rate with only 50 queries.
AIBearisharXiv – CS AI · Mar 47/103
🧠Researchers have developed SemBD, a new semantic-level backdoor attack against text-to-image diffusion models that achieves 100% success rate while evading current defenses. The attack uses continuous semantic regions as triggers rather than fixed textual patterns, making it significantly harder to detect and defend against.
AIBullisharXiv – CS AI · Mar 47/103
🧠Researchers propose a dual Randomized Smoothing framework that overcomes limitations of standard neural network robustness certification by using input-dependent noise variances instead of global ones. The method achieves strong performance at both small and large radii with gains of 15-20% on CIFAR-10 and 8-17% on ImageNet, while adding only 60% computational overhead.
AINeutralarXiv – CS AI · Mar 47/103
🧠Researchers have discovered that language models produce outputs with unique geometric signatures that lie on high-dimensional ellipses, which can be used to identify the source model. This signature is forgery-resistant and naturally occurring, potentially enabling cryptographic-like verification of AI model outputs.
AIBearisharXiv – CS AI · Mar 47/102
🧠Researchers have identified a critical privacy vulnerability in multi-modal large reasoning models (MLRMs) where adversaries can infer users' sensitive location information from images, including home addresses from selfies. The study introduces DoxBench dataset and demonstrates that 11 advanced MLRMs consistently outperform humans in geolocation inference, significantly lowering barriers for privacy attacks.
AIBearisharXiv – CS AI · Mar 47/104
🧠Researchers discovered a critical security vulnerability in AI-powered GUI agents on Android, where malicious apps can hijack agent actions without requiring dangerous permissions. The 'Action Rebinding' attack exploits timing gaps between AI observation and action, achieving 100% success rates in tests across six popular Android GUI agents.
AIBearishFortune Crypto · Mar 37/103
🧠Deepfake attacks targeting CEO likenesses have escalated from cybersecurity concerns to immediate boardroom threats, yet most companies lack preparedness plans. This represents a significant vulnerability as AI-generated impersonations become more sophisticated and accessible to malicious actors.
AIBullisharXiv – CS AI · Mar 37/105
🧠Researchers introduce SEAM, a novel defense mechanism that makes large language models 'self-destructive' when adversaries attempt harmful fine-tuning attacks. The system allows models to function normally for legitimate tasks but causes catastrophic performance degradation when fine-tuned on harmful data, creating robust protection against malicious modifications.
AIBearisharXiv – CS AI · Mar 37/103
🧠Researchers introduce Multi-PA, a comprehensive benchmark for evaluating privacy risks in Large Vision-Language Models (LVLMs), covering 26 personal privacy categories, 15 trade secrets, and 18 state secrets across 31,962 samples. Testing 21 open-source and 2 closed-source LVLMs revealed significant privacy vulnerabilities, with models generally posing high risks of facilitating privacy breaches across different privacy categories.
AINeutralarXiv – CS AI · Mar 37/103
🧠Researchers propose TDAE, a new defense framework that protects images from malicious AI-powered edits by using imperceptible perturbations and coordinated image-text optimization. The system employs FlatGrad Defense Mechanism for visual protection and Dynamic Prompt Defense for textual enhancement, achieving better cross-model transferability than existing methods.
AIBearisharXiv – CS AI · Mar 37/103
🧠Researchers developed ERIS, a new framework that uses genetic algorithms to exploit Audio Large Models (ALMs) by disguising malicious instructions as natural speech with background noise. The system can bypass safety filters by embedding harmful content in real-world audio interference that appears harmless to humans and security systems.
AINeutralarXiv – CS AI · Mar 37/104
🧠IARPA's TrojAI program investigated AI Trojans - malicious backdoors hidden in AI models that can cause system failures or allow unauthorized control. The multi-year initiative developed detection methods through weight analysis and trigger inversion, while identifying ongoing challenges in AI security that require continued research.
AIBearisharXiv – CS AI · Mar 37/104
🧠Researchers have developed new stealthy poisoning attacks that can bypass current defenses in regression models used across industrial and scientific applications. The study introduces BayesClean, a novel defense mechanism that better protects against these sophisticated attacks when poisoning attempts are significant.
AIBullisharXiv – CS AI · Mar 37/104
🧠BinaryShield is the first privacy-preserving threat intelligence system that enables secure sharing of attack fingerprints across compliance boundaries for LLM services. The system addresses the critical security gap where organizations cannot share prompt injection attack intelligence between services due to privacy regulations, achieving an F1-score of 0.94 while providing 38x faster similarity search than dense embeddings.
AIBearisharXiv – CS AI · Mar 37/104
🧠Researchers have identified critical security vulnerabilities in Computer-Use Agents (CUAs) through Visual Prompt Injection attacks, where malicious instructions are embedded in user interfaces. Their VPI-Bench study shows CUAs can be deceived at rates up to 51% and Browser-Use Agents up to 100% on certain platforms, with current defenses proving inadequate.
AINeutralarXiv – CS AI · Feb 277/106
🧠Researchers propose Random Parameter Pruning Attack (RaPA), a new method that improves targeted adversarial attacks by randomly pruning model parameters during optimization. The technique achieves up to 11.7% higher attack success rates when transferring from CNN to Transformer models compared to existing methods.
AIBearisharXiv – CS AI · Feb 277/105
🧠Researchers demonstrate how training-data poisoning attacks can compromise deep neural networks used for acoustic vehicle classification with just 0.5% corrupted data, achieving 95.7% attack success rate while remaining undetectable. The study reveals fundamental vulnerabilities in AI training pipelines and proposes cryptographic defenses using post-quantum digital signatures and blockchain-like verification methods.
AI × CryptoBullisharXiv – CS AI · Feb 277/103
🤖Researchers introduce IMMACULATE, a framework that audits commercial large language model API services to detect fraud like model substitution and token overbilling without requiring access to internal systems. The system uses verifiable computation to audit a small fraction of requests, achieving strong detection guarantees with less than 1% throughput overhead.
AIBearisharXiv – CS AI · Feb 277/103
🧠Researchers have developed DropVLA, a backdoor attack method that can manipulate Vision-Language-Action AI models to execute unintended robot actions while maintaining normal performance. The attack achieves 98.67%-99.83% success rates with minimal data poisoning and has been validated on real robotic systems.
AIBullisharXiv – CS AI · Feb 277/105
🧠Researchers developed Dyslexify, a training-free defense mechanism against typographic attacks on CLIP vision models that inject malicious text into images. The method selectively disables attention heads responsible for text processing, improving robustness by up to 22% while maintaining 99% of standard performance.
AIBullisharXiv – CS AI · Feb 277/106
🧠Researchers developed TT-SEAL, a selective encryption framework for compressed AI models using Tensor-Train Decomposition that maintains security while encrypting only 4.89-15.92% of parameters. The system achieves the same robustness as full encryption while reducing AES decryption overhead in end-to-end latency from 58% to as low as 2.76%.
AIBullisharXiv – CS AI · Feb 277/104
🧠Researchers have developed AgentSentry, a novel defense framework that protects AI agents from indirect prompt injection attacks by detecting and mitigating malicious control attempts in real-time. The system achieved 74.55% utility under attack, significantly outperforming existing defenses by 20-33 percentage points while maintaining benign performance.