Roughly 12,000 hardcoded live API keys and passwords were found on Common Crawl, a large dataset used to train LLMs such as DeepSeek.Security pros say hardcoded credentials are dangerous because hackers can more easily exploit them to gain access to sensitive data, systems, and networks. The threat actor in this case practiced LLMJacking, in which cybercriminals … Read more
A new jailbreak method for large language models (LLMs) takes advantage of models’ ability to identify and score harmful content in order to trick the models into generating content related to malware, illegal activity, harassment and more. The “Bad Likert Judge” multi-step jailbreak technique was developed and tested by Palo Alto Networks Unit 42, and … Read more
Subverting LLM Coders Really interesting research: “An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection“: Abstract: Large Language Models (LLMs) have transformed code com-pletion tasks, providing context-based suggestions to boost developer productivity in software engineering. As users often fine-tune these models for specific applications, poisoning and backdoor attacks can … Read more
IBM 리서치의 사이언스 라이터(Science Writer)인 킴 마티노(Kim Martineau)가 ‘LLM에게 잊어버리라고 가르치는 이유’라는 블로그 콘텐츠를 통해 ‘대규모 언어 모델의 언러닝(large language model unlearning)’의 필요성과 중요성을 설명했다. 다음은 이를 요약한 내용이다. 머신 언러닝(Machine Unlearning)은 머신러닝(Machine Learning)의 반대 개념이다. 머신러닝이 다양한 데이터로 인공지능을 학습시켜 사람의 뇌처럼 기억하고 생각할 수 있도록 하는 기반을 만드는 것이라면, 머신 언러닝은 이러한 학습 … Read more
Attacks on large language models (LLMs) take less than a minute to complete on average, and leak sensitive data 90% of the time when successful, according to Pillar Security. Pillar’s State of Attacks on GenAI report, published Wednesday, revealed new insights on LLM attacks and jailbreaks, based on telemetry data and real-life attack examples from … Read more
