7 matches found
TASO: Jailbreak LLMs Via Alternative Template and Suffix Optimization
Many recent studies showed that LLMs are vulnerable to jailbreak attacks, where an attacker can perturb the input of an LLM to induce it to generate an output for a harmful question. In general, existing jailbreak techniques either optimize a semantic template intended to induce the LLM to produc...
Distilling Lightweight Language Models for C/C++ Vulnerabilities
The increasing complexity of modern software systems exacerbates the prevalence of security vulnerabilities, posing risks of severe breaches and substantial economic loss. Consequently, robust code vulnerability detection is essential for software security. While Large Language Models LLMs have...
When Safety Detectors Aren'T Enough: a Stealthy and Effective Jailbreak Attack on LLMs Via Steganographic Techniques
Jailbreak attacks pose a serious threat to large language models LLMs by bypassing built-in safety mechanisms and leading to harmful outputs. Studying these attacks is crucial for identifying vulnerabilities and improving model security. This paper presents a systematic survey of jailbreak method...
Harry Potter Is Still Here! Probing Knowledge Leakage in Targeted Unlearned Large Language Models Via Automated Adversarial Prompting
This work presents LURK Latent UnleaRned Knowledge, a novel framework that probes for hidden retained knowledge in unlearned LLMs through adversarial suffix prompting. LURK automatically generates adversarial prompt suffixes designed to elicit residual knowledge about the Harry Potter domain, a...
Tor Cloud Shut Down Amid Lack of Support
The Tor Project has shuttered its cloud proxy service citing security vulnerabilities, usability bugs and a lack of resources. Tor offers its users the capacity to surf the Web anonymously, bouncing traffic through a series of relay servers so that no observer at any point can tell where that...
Cisco IOS XE Software Challenge/Response Bypass Vulnerability
A vulnerability in the request system shell command supported by specific Cisco IOS XE platforms WS-C3850, WS-C3650, AIR-CT5760, and WS-C4500X could allow an authenticated, local attacker with administrative privilege 15 to access the underlying Linux root shell. The vulnerability is due to...
id Software Quake II Server 3.20/3.21 Remote Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4744/info Quake II is a multiplayer game released by id Software. The source code has been made publically available, and versions are available for Windows and Linux. A vulnerability has been reported in some versions of...