I do AI Security. I work in AI Security. I advocate AI Security. 👉 www.arewesafeyet.comhttps://bsky.app/profile/aisecurity.bsky.socialhttps://bsky.app/profile/aisecurity.bsky.social/post/3m4w4bcitwk2lResearchers showed that Anthropic's new "Agent Skills" feature can be hijacked with almost laughable ease. Security-by-design still hasn't made it onto the AI industry's to-do list. https://www.arewesafeyet.com/when-ai-breaks-things-cybersecurity-gets-the-bill/05 Nov 2025 22:34 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3m4w4bcitwk2lhttps://bsky.app/profile/aisecurity.bsky.social/post/3lnkk4pt3bc2uThe AI systems we increasingly depend on are fundamentally vulnerable. NIST’s latest report makes that reality plain, exposing the limits of today’s AI security measures and highlighting a growing disconnect between how AI is deployed and how it’s defended. https://www.arewesafeyet.com/adversarial-machine-learning-is-cybersecuritys-new-frontier/24 Apr 2025 10:52 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3lnkk4pt3bc2uhttps://bsky.app/profile/aisecurity.bsky.social/post/3llvmx3wr5k2iA new paper reveals that fine-tuning large language models on a seemingly narrow task – like writing insecure code – can trigger broad and deeply harmful behaviors. These include promoting violence, expressing authoritarian ideology, and encouraging self-harm. https://www.arewesafeyet.com/emergent-misalignment-narrow-finetuning-can-produce-broadly-misaligned-llms/03 Apr 2025 09:52 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3llvmx3wr5k2ihttps://bsky.app/profile/aisecurity.bsky.social/post/3lj3qwa7q7k2kThe UK realized AI might do more harm as a weapon than as an insensitive chatbot. They’ve rebranded their AI ‘Safety’ Institute to ‘Security’ Institute to focus on actual threats like cyberattacks. And yet, geopolitics pushed this change more than common sense. https://www.arewesafeyet.com/safety-is-dead-long-live-security/26 Feb 2025 16:03 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3lj3qwa7q7k2khttps://bsky.app/profile/aisecurity.bsky.social/post/3lirgpg2nm22pA new research paper introduces Indiana Jones, a highly effective method for jailbreaking large language models. It uses dialogues between multiple specialized AI systems and historically framed prompts to achieve high success rates. https://www.arewesafeyet.com/indiana-jones-there-are-always-some-useful-ancient-relics/22 Feb 2025 13:34 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3lirgpg2nm22phttps://bsky.app/profile/aisecurity.bsky.social/post/3lcubgqdjlk2eThis weekend I went through OpenAI's latest model system card. Definitely not your typical Sunday reading. From self-preservation tactics to outwitting oversight, #o1 GPT raises chilling questions about the fine line between tool and manipulator. https://www.arewesafeyet.com/deception-as-a-service-the-ai-that-refuses-to-hand-over-its-keys/09 Dec 2024 08:07 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3lcubgqdjlk2ehttps://bsky.app/profile/aisecurity.bsky.social/post/3l765nost432pAccording to Penn researchers, AI robots are fantastic at following orders. The problem? They don’t care if those orders come from you or a hacker. Safety features? Working on it. https://www.arewesafeyet.com/ai-robots-are-more-hackable-than-your-wi-fi/23 Oct 2024 08:45 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3l765nost432phttps://bsky.app/profile/aisecurity.bsky.social/post/3koed4xexmz2bLeveraging my decades-long background in #cybersecurity, I've written this article on the critical role of red teams in ensuring #AI safety and reliability. By adapting red teaming methodologies to AI, we can proactively identify risks and build trust in these transformative technologies. https://www.linkedin.com/pulse/red-teaming-proactive-approach-ai-safety-luca-sambucci-tbiaf/23 Mar 2024 11:30 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3koed4xexmz2bhttps://bsky.app/profile/aisecurity.bsky.social/post/3ko33ms36wg2fFascinating research on the security risks posed by the 'dark psychological states' of AI agents in multi-agent systems - a must-read for anyone working with or interested in the future of AI and its implications for cybersecurity. https://www.linkedin.com/pulse/psysafe-new-approach-multi-agent-system-security-luca-sambucci-uvosf/19 Mar 2024 19:22 +0000at://did:plc:6q5h4frbjr6da7goxeahcapz/app.bsky.feed.post/3ko33ms36wg2f