depthfirst's autonomous security agent scanned FFmpeg's 1.5M lines of C code and found 21 confirmed zero-days with working PoC inputs, some dormant for over 20 years.
Academic and industry research shaping the future of AI security, attack, and defence.
depthfirst's autonomous security agent scanned FFmpeg's 1.5M lines of C code and found 21 confirmed zero-days with working PoC inputs, some dormant for over 20 years.
AI vulnerability research found 10,000 critical flaws in a month. Mandiant reports 28.3% of CVEs exploited within 24 hours of disclosure. What this means for defenders.
LLMs with large context windows can be reliably jailbroken by embedding hundreds of fictitious dialogues before the target request. The attack scales with context length.
Backdoor behaviours introduced into LLMs during fine-tuning can persist through subsequent safety alignment including RLHF and adversarial training, surviving standard red-teaming.
Safety-aligned multimodal LLMs can be reliably jailbroken by encoding adversarial instructions as text within images, bypassing text-layer safety filters entirely.