The author built a vulnerable React Native app to test if LLMs could exploit a common Firebase misconfiguration, finding that only a few models (GPT 5.5, Deepseek V4 Pro, Claude Sonnet 4.6, Claude Opus 4-8) succeeded, with GPT 5.5 having the highest solve rate.
An AI-assisted security audit of FreeBSD uncovered 15 kernel vulnerabilities, including privilege escalations and a VM escape. The write-up details the collaborative process of reporting and patching the bugs with the FreeBSD team.
New research shows that imperceptible audio signals can hijack large audio-language models (LALMs) with 79-96% success, forcing them to execute unauthorized commands such as running web searches or sending emails. The technique, dubbed AudioHijack, targets generative models and works regardless of user input, posing a serious security risk to voice AI systems.