Newsletter Subscribe
Enter your email address below and subscribe to our newsletter

thenextwebnist+1thehackernews+1A confluence of research findings in recent weeks has exposed fresh vulnerabilities in the safety systems of major language models, prompting emergency responses from AI companies and, in one case, an unprecedented government intervention. The discoveries underscore what federal scientists now call a mathematical certainty: no fixed set of guardrails can block every adversarial attack.
Researchers at the Alan Turing Institute disclosed on Wednesday a "workflow-level jailbreak" that defeats GitHub Copilot's Microsoft Corporation safety filters by spreading harmful requests across a sequence of innocuous-looking coding steps. In direct chat, the assistant refused nearly all of 816 harmful prompts; spread across a workflow, it completed every one. The finding highlights a blind spot in prompt-by-prompt safety testing, the current industry standard.thenextweb
Separately, a paper presented at ICLR 2026 introduced Head-Masked Nullspace Steering, or HMNS, a technique that silences the internal "safety heads" in a model's attention layers and injects instructions into their blind spot. The method achieved attack success rates between 96% and 99% on benchmarks and remained effective against existing defenses like SafeDecoding.reddit+2
On June 9, the National Institute of Standards and Technology published a peer-reviewed proof by senior scientist Apostol Vassilev arguing that no finite guardrail system can be universally robust against adaptive adversarial prompts. "Gödel's logic applies here," Vassilev said. "You can never make a claim that you are robust against all adversarial prompt attacks". NIST recommended a shift to continuous red-teaming, regular updates, and operational resilience rather than treating safety as a finished feature.nist+1
The practical consequences arrived swiftly. After Amazon researchers jailbroken Anthropic's Claude Fable 5 shortly after its June 9 launch, the U.S. Commerce Department imposed export controls that forced Anthropic to disable the model globally for nearly three weeks. Anthropic redeployed Fable 5 on July 1 with a new safety classifier it says blocks the reported technique in over 99% of attempts.thehackernews+2
OpenAI faced its own reckoning in April, when the UK AI Safety Institute found a universal jailbreak for GPT-5.5 within six hours of expert red-teaming. The company's GPT-5.6, released this week, includes what it calls its "most robust" safeguards yet, with a classifier to detect jailbreak attempts and defense-in-depth strategies. Google Alphabet Inc. separately removed 18 Chrome extensions linked to chatbot-jailbreaking risks after Palo Alto Networks flagged them.aisi+4
The emerging consensus among researchers is blunt: jailbreaks are a permanent feature of AI systems, not a bug that will be patched away.resilientcyber