AI – SSL and internet security news

We Are Still Unable to Secure LLMs from Malicious Inputs

August 27, 2025 infossl

AI, cyberattack, LLM, Security technology, Uncategorized

Nice indirect prompt injection attack: Bargury’s attack starts with a poisoned document, which is shared to a potential victim’s Google Drive. (Bargury says a victim could have also uploaded a compromised file to their own account.) It looks like an official document on company meeting policies. But inside the document, Bargury hid a 300-word malicious … Read More “We Are Still Unable to Secure LLMs from Malicious Inputs” »

AI Agents Need Data Integrity

August 22, 2025 infossl

AI, integrity, Security technology, trust, Uncategorized

Think of the Web as a digital territory with its own social contract. In 2014, Tim Berners-Lee called for a “Magna Carta for the Web” to restore the balance of power between individuals and institutions. This mirrors the original charter’s purpose: ensuring that those who occupy a territory have a meaningful stake in its governance. … Read More “AI Agents Need Data Integrity” »

Subverting AIOps Systems Through Poisoned Input Data

August 20, 2025 infossl

academic papers, AI, cyberattack, integrity, LLM, Security technology, Uncategorized

In this input integrity attack against an AI system, researchers were able to fool AIOps tools: AIOps refers to the use of LLM-based agents to gather and analyze application telemetry, including system logs, performance metrics, traces, and alerts, to detect problems and then suggest or carry out corrective actions. The likes of Cisco have deployed … Read More “Subverting AIOps Systems Through Poisoned Input Data” »

Eavesdropping on Phone Conversations Through Vibrations

August 18, 2025 infossl

academic papers, AI, cell phones, eavesdropping, Security technology, Uncategorized

Researchers have managed to eavesdrop on cell phone voice conversations by using radar to detect vibrations. It’s more a proof of concept than anything else. The radar detector is only ten feet away, the setup is stylized, and accuracy is poor. But it’s a start. Powered by WPeMatico

LLM Coding Integrity Breach

August 14, 2025 infossl

AI, integrity, LLM, Security technology, Uncategorized

Here’s an interesting story about a failure being introduced by LLM-written code. Specifically, the LLM was doing some code refactoring, and when it moved a chunk of code from one file to another it changed a “break” to a “continue.” That turned an error logging statement into an infinite loop, which crashed the system. This … Read More “LLM Coding Integrity Breach” »

AI Applications in Cybersecurity

August 13, 2025 infossl

AI, cybersecurity, Security technology, Uncategorized, videos

There is a really great series of online events highlighting cool uses of AI in cybersecurity, titled Prompt||GTFO. Videos from the first three events are online. And here’s where to register to attend, or participate, in the fourth. Some really great stuff here. Powered by WPeMatico

China Accuses Nvidia of Putting Backdoors into Their Chips

August 7, 2025 infossl

AI, backdoors, china, hardware, Security technology, Uncategorized

The government of China has accused Nvidia of inserting a backdoor into their H20 chips: China’s cyber regulator on Thursday said it had held a meeting with Nvidia over what it called “serious security issues” with the company’s artificial intelligence chips. It said US AI experts had “revealed that Nvidia’s computing chips have location tracking … Read More “China Accuses Nvidia of Putting Backdoors into Their Chips” »

Subliminal Learning in AIs

July 25, 2025 infossl

academic papers, AI, integrity, LLM, Security technology, trust, Uncategorized

Today’s freaky LLM behavior: We study subliminal learning, a surprising phenomenon where language models learn traits from model-generated data that is semantically unrelated to those traits. For example, a “student” model learns to prefer owls when trained on sequences of numbers generated by a “teacher” model that prefers owls. This same phenomenon can transmit misalignment … Read More “Subliminal Learning in AIs” »

The Age of Integrity

June 27, 2025 infossl

AI, LLM, Security technology, Uncategorized

We need to talk about data integrity. Narrowly, the term refers to ensuring that data isn’t tampered with, either in transit or in storage. Manipulating account balances in bank databases, removing entries from criminal records, and murder by removing notations about allergies from medical records are all integrity attacks. More broadly, integrity refers to ensuring … Read More “The Age of Integrity” »

What LLMs Know About Their Users

June 25, 2025 infossl

AI, data collection, data privacy, LLM, Security technology, surveillance, Uncategorized

Simon Willison talks about ChatGPT’s new memory dossier feature. In his explanation, he illustrates how much the LLM—and the company—knows about its users. It’s a big quote, but I want you to read it all. Here’s a prompt you can use to give you a solid idea of what’s in that summary. I first saw … Read More “What LLMs Know About Their Users” »