Jamie Hayes

benchmark arXiv Oct 10, 2025 · Oct 2025

Milad Nasr, Nicholas Carlini, Chawin Sitawarin et al. · OpenAI · Anthropic +6 more

Adaptive attacks via gradient descent, RL, and random search bypass 12 LLM jailbreak/prompt-injection defenses with >90% success rate

Input Manipulation Attack Prompt Injection nlp

34 citations 4 influentialPDF

tool arXiv Oct 10, 2025 · Oct 2025

Sven Gowal, Rudy Bunel, Florian Stimberg et al. · Google DeepMind

Deploys invisible deep-learning watermarks in 10B+ AI-generated images for provenance tracking with robustness to common perturbations

Output Integrity Attack visiongenerative

9 citations PDF

attack arXiv Oct 21, 2025 · Oct 2025

Federico Barbero, Xiangming Gu, Christopher A. Choquette-Choo et al. · University of Oxford · National University of Singapore +4 more

Extracts LLM alignment training data via chat template prompting, finding embedding similarity reveals 10x more memorization than string matching

Model Inversion Attack Sensitive Information Disclosure nlp

4 citations PDF

defense arXiv Oct 24, 2025 · Oct 2025

Nils Philipp Walter, Chawin Sitawarin, Jamie Hayes et al. · CISPA Helmholtz Center for Information Security · Google DeepMind +1 more

Defends LLM agents against indirect prompt injection via iterative sanitization, limiting adversarial attack success rate to 15%

Prompt Injection nlp

2 citations PDF

attack arXiv Jan 27, 2026 · 9w ago

Harsh Chaudhari, Ethan Rathbun, Hanna Foerster et al. · Northeastern University · University of Cambridge +4 more

Poisons LLM CoT training data by corrupting reasoning traces to inject targeted behaviors into unseen domains without altering queries or answers

Data Poisoning Attack Training Data Poisoning nlp

Papers in Database (5)