AIBearishDecrypt – AI · Jun 257/10
🧠Anthropic has called on Congress to regulate AI model distillation after alleging that Alibaba-affiliated operators used nearly 25,000 fraudulent accounts to generate 28.8 million Claude API exchanges, potentially extracting proprietary model knowledge. The incident highlights vulnerabilities in API-based AI systems and raises questions about intellectual property protection in the competitive AI development landscape.
🏢 Anthropic🧠 Claude
AIBearishBlockonomi · Jun 257/10
🧠Anthropic has revealed that Alibaba allegedly orchestrated a large-scale AI model distillation attack using 25,000 fake accounts to extract and replicate the advanced capabilities of Claude. This incident represents one of the largest known attempts to steal proprietary AI model weights through automated access exploitation.
🏢 Anthropic🧠 Claude
AIBearisharXiv – CS AI · Jun 257/10
🧠Researchers propose a formal threat model framework for evaluating distillation defenses against black-box LLM attacks, arguing that existing output perturbation defenses lack clear specifications about attacker capabilities. The work demonstrates that defense effectiveness depends heavily on assumed threat parameters, raising concerns about false security claims in deployed systems.
GeneralBearishCrypto Briefing · Jun 107/10
📰ServiceNow has patched a vulnerability that was actively exploited against some of its customers, raising concerns about the security posture of major SaaS providers. The incident underscores growing cybersecurity risks in cloud infrastructure and their potential impact on customer confidence and business continuity.
AIBearisharXiv – CS AI · Jun 97/10
🧠Researchers demonstrated a novel prompt-injection attack that bypasses text-based LLM defenses by encoding malicious payloads as floating-point parameters and reconstructing them as fragmented telemetry. Testing across three commercial LLM APIs showed 94.3% attack success rate against leading defenses like Prompt Guard 2, revealing a critical gap in structured-input security.
CryptoNeutralBlockonomi · May 297/10
⛓️South Korea's Digital Asset Exchange Association (DAXA) has implemented stricter API key regulations requiring major exchanges to invalidate suspicious keys and deploy IP whitelisting. The policy addresses growing concerns about market manipulation as automated trading now comprises 30% of domestic crypto volume, following security breaches like the 2022 3Commas hack that exposed 100,000 API keys.
AIBearisharXiv – CS AI · May 297/10
🧠Researchers introduce KBF, a black-box auditing protocol that detects fraudulent LLM API substitutions by analyzing model behavior at knowledge boundaries. Testing across 16 production endpoints revealed all economically relevant model swaps without false positives, and identified inconsistencies in 7 of 27 model cells across major AI platforms, particularly affecting Claude premium endpoints.
🧠 Claude
AI × CryptoBearishCoinDesk · Apr 207/10
🤖Vercel, a critical infrastructure provider for web3 applications, experienced a security breach involving a compromised AI tool that potentially exposed API credentials used by crypto developers. The incident threatens the security of frontend applications that connect blockchain wallets to trading interfaces and backend services.
AIBearishIEEE Spectrum – AI · Feb 127/102
🧠Moltbook, the first social network for AI agents, launched on January 28th and quickly gained popularity despite significant security vulnerabilities. Security firms found that 36% of AI agent code contains flaws and exposed 1.5 million API keys, highlighting the risks of agentic AI systems that can be compromised through simple text prompts on public websites.
AINeutralarXiv – CS AI · Jun 46/10
🧠Researchers demonstrate that token ranking signatures from language model APIs are mathematically unforgeable—each model produces unique top-k token orderings that cannot be replicated by other models. While rankings leak less information than raw logits, they still enable approximate parameter theft, though APIs can mitigate this risk by restricting k to sufficiently small values.
AIBearishOpenAI News · Nov 266/104
🧠OpenAI disclosed a security incident involving their analytics partner Mixpanel that exposed limited API analytics data. The company confirmed that no API content, user credentials, or payment information was compromised in the breach.