y0news
AnalyticsDigestsSourcesTopicsRSSAICrypto

#ai-security News & Analysis

Recent coverage of #ai-security remains predominantly skeptical, with nearly half of articles in the past month taking a bearish stance. The 250 indexed articles reflect sustained concern about vulnerabilities and risks as artificial intelligence systems become more prevalent. Anthropic and its Claude model dominate discussions alongside emerging systems like GPT-5, while research from arXiv–CS AI forms the bulk of technical analysis. Sentiment has held relatively stable over the past 90 days, suggesting these security concerns represent ongoing rather than newly emerged challenges. Coverage frequently intersects with #cybersecurity, #machine-learning, #ai-safety, and #adversarial-attacks, indicating security issues span multiple technical domains. Browse the articles below to understand the specific threats and defensive approaches currently under scrutiny.

sentiment · last 30d (86 articles)
Top sources:arXiv – CS AI · 147Crypto Briefing · 10Blockonomi · 8Fortune Crypto · 7The Register – AI · 7
Most-discussed entities:Anthropic · 19Claude · 8GPT-5 · 7OpenAI · 6Llama · 4
472 articles
AIBullisharXiv – CS AI · Jun 27/10
🧠

TRACE: Trajectory Risk-Aware Compression for Long-Horizon Agent Safety

Researchers introduce TRACE, a novel safety detection system for long-horizon LLM agents that compresses extended trajectories into compact evidence states to better identify distributed risk signals. The method achieves up to 12.6 percentage points improvement over baselines across multiple safety benchmarks while maintaining performance stability as context length increases.

AIBearisharXiv – CS AI · Jun 27/10
🧠

Can Vision Models Truly Forget? Mirage: Representation-Level Certification of Visual Unlearning

Researchers introduce Mirage, a representation-level auditing framework that reveals existing machine unlearning methods in federated learning fail to truly forget sensitive data despite passing output-level tests. The study demonstrates that current approaches retain substantial class structure in internal representations, exposing a critical gap between certification standards and actual data privacy.

AIBearisharXiv – CS AI · Jun 27/10
🧠

Digital-to-Physical Transfer of Adversarial Patches for Aerial Vehicle Detection

Researchers demonstrate that adversarial patches—printable patterns designed to fool AI object detectors—can be physically deployed against aerial vehicle detection systems with significant effectiveness. The study reveals that patches placed directly on vehicles outperform digitally-optimized designs in real-world conditions, exposing critical vulnerabilities in deep neural network-based detection systems used for surveillance and monitoring applications.

AIBullisharXiv – CS AI · Jun 27/10
🧠

Linguistics-Aware Non-Distortionary LLM Watermarking

Researchers introduce LUNA, a linguistically-aware watermarking technique for large language models that maintains output quality across multiple languages while enabling reliable detection without model provider access. The method achieves 99.59% detection accuracy with minimal perplexity degradation (0.045 mean shift), outperforming eight baseline approaches across six typologically diverse languages.

🏢 Perplexity
AIBearisharXiv – CS AI · Jun 27/10
🧠

Benchmarking Security Risk Detection and Verification in Open Agentic Skill Ecosystems

Researchers introduce SkillVetBench, a security benchmark for detecting malicious skills in open agent platforms, addressing supply-chain risks in extensible AI ecosystems. The framework combines semantic analysis of skill specifications with runtime execution monitoring in sandboxes, revealing that static-only defenses miss up to 89% of threats hidden in natural-language instructions and multi-component logic.

AIBearishThe Verge – AI · Jun 17/10
🧠

Meta’s own AI was exploited to hijack Instagram accounts

Meta's AI support chatbot was exploited by hackers to hijack high-profile Instagram accounts, including Barack Obama's White House account, by requesting email address changes and password resets. The vulnerability has since been patched, but the incident highlights critical security gaps in AI-powered customer support systems.

Meta’s own AI was exploited to hijack Instagram accounts
AI × CryptoBearishCrypto Briefing · Jun 17/10
🤖

Anthropic reveals 31.5% hijack rate for Opus 4.8 browser agent before safeguards

Anthropic discovered a 31.5% hijack rate in its Opus 4.8 browser agent before implementing security safeguards, revealing significant vulnerabilities in AI systems that could have serious implications for cryptocurrency and financial applications. The finding underscores the critical need for robust security protocols before deploying autonomous AI agents in sensitive environments.

Anthropic reveals 31.5% hijack rate for Opus 4.8 browser agent before safeguards
🏢 Anthropic🧠 Opus
AIBullishCrypto Briefing · Jun 17/10
🧠

Anthropic offers EU access to Mythos AI model for cyber security

Anthropic has made its Mythos AI model accessible to EU organizations for cybersecurity applications, addressing regional concerns about technological autonomy and digital defense capabilities. This move aims to enhance European cybersecurity infrastructure while reducing dependence on non-EU AI systems.

Anthropic offers EU access to Mythos AI model for cyber security
🏢 Anthropic
AI × CryptoBearishFortune Crypto · Jun 17/10
🤖

Financial fraud in an era of blockchain and AI

The article examines how blockchain and AI technologies present dual-edged implications for the U.S. financial system, offering transformative opportunities while simultaneously creating new fraud risks and systemic vulnerabilities that regulators and institutions must address.

Financial fraud in an era of blockchain and AI
AIBullishCrypto Briefing · Jun 17/10
🧠

Anthropic grants EU’s cybersecurity agency access to Mythos, its zero-day hunting AI

Anthropic has granted the EU's cybersecurity agency ENISA access to Mythos, an AI system designed to identify zero-day vulnerabilities. This strategic partnership could significantly influence EU cybersecurity policy and create competitive dynamics across European industries by enhancing threat detection capabilities.

Anthropic grants EU’s cybersecurity agency access to Mythos, its zero-day hunting AI
🏢 Anthropic
AIBearisharXiv – CS AI · Jun 17/10
🧠

Mental Damage: Caption Poisoning Attacks on Retrieval-Augmented Text-to-Music Generation

Researchers demonstrate a novel poisoning attack on retrieval-augmented text-to-music systems where attackers inject malicious captions into music databases to manipulate generation outputs toward attacker-chosen targets while maintaining alignment with original user prompts. The attack reveals a critical integrity vulnerability in AI systems that depend on external knowledge bases for prompt augmentation.

AIBearisharXiv – CS AI · Jun 17/10
🧠

Depth-Dependent Indirect Prompt Injection in Tool-Calling ReAct Agents: Injection Depth, Payload Framing, and Turn-Budget Sensitivity

Researchers identified that indirect prompt injection attacks against ReAct AI agents succeed at dramatically different rates depending on where malicious payloads appear in tool sequences, with success rates dropping from 60% at the first tool observation to 0% at deeper positions. The study reveals that payload framing and conversation turn limits have minimal impact on attack success, making injection depth the critical vulnerability factor for AI agent systems handling real-world tasks.

🧠 GPT-4🧠 Claude
AINeutralarXiv – CS AI · Jun 17/10
🧠

Unlearning's Blind Spots: Over-Unlearning and Prototypical Relearning Attack

Researchers identify two critical vulnerabilities in machine unlearning techniques: over-unlearning that damages nearby data and prototypical relearning attacks that can restore forgotten information. They propose Spotter, a new method combining masked knowledge-distillation and intra-class dispersion losses to address both security gaps in class-level unlearning.

AIBearisharXiv – CS AI · Jun 17/10
🧠

How does Bayesian Sampling help Membership Inference Attacks?

Researchers propose Bayesian Membership Inference Attacks (BMIA), a novel method that uses Bayesian sampling and Laplace approximation to detect whether specific data points were used in model training. The approach significantly reduces computational overhead compared to existing methods while achieving state-of-the-art attack performance across image, text, and tabular datasets.

AIBearisharXiv – CS AI · Jun 17/10
🧠

Investigating Detection and Obfuscation of Prompt Injection Attacks Against Software Reverse Engineering AI Agents

Researchers have demonstrated that agentic AI systems used for software reverse engineering are vulnerable to prompt injection attacks embedded in executable binaries, and have developed both offensive obfuscation techniques and defensive detection methods. This research highlights critical security gaps in AI-powered code analysis tools that organizations are beginning to deploy in production environments.

AIBearishDaily Hodl · May 307/10
🧠

Pennsylvania Bank Issues Urgent Alert After AI Application Triggers Data Breach, Exposing Sensitive Customer Info

Community Bank, a Pennsylvania-based financial institution, disclosed a data breach caused by an AI application that exposed customer names, social security numbers, and dates of birth. The breach, reported to the SEC, highlights emerging cybersecurity vulnerabilities in AI-powered banking systems and raises concerns about enterprise AI security practices across the financial sector.

Pennsylvania Bank Issues Urgent Alert After AI Application Triggers Data Breach, Exposing Sensitive Customer Info
AIBearishDecrypt – AI · May 307/10
🧠

What Is an AI Prompt Injection Attack? The Hidden Threat Hijacking Your Chatbots

Prompt injection attacks allow hackers to manipulate AI chatbots like ChatGPT, Claude, and Gemini through adversarial text inputs, potentially hijacking their behavior and outputs. OpenAI has indicated this vulnerability may be inherent to large language models and difficult to fully eliminate, raising significant security concerns for enterprises and individual users relying on these systems.

What Is an AI Prompt Injection Attack? The Hidden Threat Hijacking Your Chatbots
🏢 OpenAI🧠 ChatGPT🧠 Claude
AI × CryptoBearishFortune Crypto · May 297/10
🤖

The AI arms race in cybersecurity has started. Most companies aren’t ready

An emerging AI arms race in cybersecurity has begun, with threat actors leveraging artificial intelligence for sophisticated attacks while most organizations lack adequate defensive measures. Coinbase's security leadership highlights the urgency for companies to adopt AI-powered security strategies to counter evolving threats.

The AI arms race in cybersecurity has started. Most companies aren’t ready
AIBearisharXiv – CS AI · May 297/10
🧠

Evaluating Dataset Watermarking for Fine-tuning Traceability of Customized Diffusion Models: A Comprehensive Benchmark and Removal Approach

Researchers have established the first comprehensive evaluation framework for dataset watermarking in fine-tuned diffusion models, revealing significant vulnerabilities in existing protection methods. While current watermarking techniques show promise in universality and transmissibility, the study demonstrates practical watermark removal methods that can eliminate these protections without degrading model performance, exposing critical gaps in copyright and security safeguards.

AIBullisharXiv – CS AI · May 297/10
🧠

KYA: A Framework-Agnostic Trust Layer for Autonomous Systems with Verifiable Provenance and Hierarchical Policy Composition

KYA (Know Your Agents) is an open-source trust and governance framework for autonomous systems that enables verifiable authorization, policy compliance, and post-hoc auditability across multi-agent environments. The system demonstrates strong security performance, detecting 89% of adversarial attacks while maintaining sub-millisecond latency and supporting 15+ agent frameworks.

AIBearisharXiv – CS AI · May 297/10
🧠

Finding DoRI: Discovery of Retained Images in Diffusion Models

Researchers challenge the assumption that memorization in text-to-image diffusion models can be localized to specific weights, demonstrating that pruning efforts can be bypassed through minor text embedding perturbations. The study reveals memorization is distributed throughout embedding space, suggesting current mitigation strategies are fundamentally fragile and requiring new approaches to protect training data privacy.

AIBearisharXiv – CS AI · May 297/10
🧠

Audio Jailbreaks in Large Audio-Language Models: Taxonomy, Attack-Defense Analysis, and Cost-Aware Evaluation

Researchers have developed a comprehensive taxonomy of jailbreak attacks and defenses for Large Audio Language Models (LALMs), identifying vulnerabilities across semantic, acoustic, signal, and embedding layers. The study reveals that current defenses create tradeoffs between robustness and usability, highlighting the need for cost-aware safety evaluation beyond simple success-rate metrics.

AIBearisharXiv – CS AI · May 297/10
🧠

Token Inflation: How Dishonest Providers Can Overcharge for Large Language Model Usage

Researchers demonstrate that LLM providers can systematically inflate token counts billed to users, with hidden reasoning tokens inflatable by up to 1,469% without detection. The core issue stems from a fundamental audit paradox: providers control both the tokenizer and execution, making verification impossible without independent verification mechanisms like trusted execution attestation or cryptographic proofs.

AI × CryptoNeutralarXiv – CS AI · May 297/10
🤖

Agora: Toward Autonomous Bug Detection in Production-Level Consensus Protocols with LLM Agents

Researchers introduced Agora, a multi-agent LLM framework designed to detect deep logic bugs in consensus protocols used by blockchains and distributed systems. The system discovered 15 previously unknown protocol-level bugs in major implementations (Raft, EPaxos, HotStuff, BullShark) that existing LLM approaches failed to identify, demonstrating the effectiveness of domain-aware collaborative AI for protocol verification.

AIBullisharXiv – CS AI · May 297/10
🧠

AgentDoG 1.5: A Lightweight and Scalable Alignment Framework for AI Agent Safety and Security

Researchers introduce AgentDoG 1.5, a lightweight AI safety framework designed to protect open-world agents like OpenClaw from emerging security risks. The framework uses only ~1k training samples to create efficient models (0.8B-8B parameters) that match closed-source alternatives while reducing deployment overhead by 100x, with all resources released openly.

🧠 GPT-5
← PrevPage 4 of 19Next →