#data-poisoning — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #data-poisoning, aggregated by home.social.
-
«KI-Suche erklärt Trump für tot — Warum #DataPoisoning #FakeNews so gefährlich macht:
Künstliche Intelligenz soll das Auffinden von Informationen vereinfachen. Doch was passiert, wenn die Datenbasis gezielt mit absurden Details manipuliert wird, um Verwirrung zu stiften? Ein aktueller Vorfall demonstriert die Schwächen von #Suchmaschine'n eindrucksvoll.»Fiele User glauben dass die #KI neutral sei, doch so geht #Manipulation und das will kaum jemand wahrhaben wollen.
🤨 https://t3n.de/news/ki-suche-trump-tot-data-poisoning-fake-news-1749884/
-
«KI-Suche erklärt Trump für tot — Warum #DataPoisoning #FakeNews so gefährlich macht:
Künstliche Intelligenz soll das Auffinden von Informationen vereinfachen. Doch was passiert, wenn die Datenbasis gezielt mit absurden Details manipuliert wird, um Verwirrung zu stiften? Ein aktueller Vorfall demonstriert die Schwächen von #Suchmaschine'n eindrucksvoll.»Fiele User glauben dass die #KI neutral sei, doch so geht #Manipulation und das will kaum jemand wahrhaben wollen.
🤨 https://t3n.de/news/ki-suche-trump-tot-data-poisoning-fake-news-1749884/
-
❓ Intellectual Property and privacy are interlinked, and the lack of "Intellectual Privacy" is a hindrance to Freedom of Thought (FoT) and creativity.
#privacy #privacymatters #IntellectualProperty #intellectualprivacy #datapoisoning #ai #freedomofthought
-
❓ Intellectual Property and privacy are interlinked, and the lack of "Intellectual Privacy" is a hindrance to Freedom of Thought (FoT) and creativity.
#privacy #privacymatters #IntellectualProperty #intellectualprivacy #datapoisoning #ai #freedomofthought
-
#DataPoisoning is a real & growing threat to #AI.
Attackers use sophisticated techniques to stealthily undermine ML models by injecting malicious training data.
The good news? Detecting poisoned data is challenging, yet achievable.
🔗 Read the #InfoQ article to learn exactly how to detect & prevent these attacks: https://bit.ly/4ae29Cd
#AIsecurity -
#DataPoisoning is a real & growing threat to #AI.
Attackers use sophisticated techniques to stealthily undermine ML models by injecting malicious training data.
The good news? Detecting poisoned data is challenging, yet achievable.
🔗 Read the #InfoQ article to learn exactly how to detect & prevent these attacks: https://bit.ly/4ae29Cd
#AIsecurity -
Can't stop the signal. Poison it.
https://blog.digitalgrease.dev/posts/fauxx-cant-stop-the-signal
-
Can't stop the signal. Poison it.
https://blog.digitalgrease.dev/posts/fauxx-cant-stop-the-signal
-
Werbeagenturen steuern die Antworten von Modellen wie ChatGPT durch gekaufte Nutzer systematisch zugunsten bestimmter Produkte auf Reddit. Dieses Vorgehen etabliert sich im Marketing unter AI Engine Optimization (AEO). Die Plattform taucht in bis zu 10 Prozent der generierten Antworten als primäre Quelle auf.
-
The New Digital Battlefield: Why 2026 Demands a Hardened Security Stance
2,251 words, 12 minutes read time.
The digital landscape has fundamentally shifted, and if you are still looking at your network through the lens of yesterday’s defensive strategies, you are already behind. We have entered an era where the perimeter is not just porous; it is effectively non-existent. As we navigate 2026, the rise of agentic artificial intelligence has transformed the threat landscape from a series of isolated incidents into a continuous, automated, and relentless war of attrition. Adversaries are no longer manually probing for weaknesses during business hours; they are deploying autonomous software agents that scout, exploit, and pivot through complex multi-cloud environments without human intervention. This shift marks the end of the era where reactive patch management and static firewall rules could keep an enterprise safe. Analyzing the current trajectory of these automated threats, it is clear that the primary battlefield has moved from the network edge to the identity layer, making every single access request a potential point of compromise that requires immediate, granular verification.
The Weaponization of Intelligence and the Death of Perimeter Defense
The most significant change to the security landscape this year is the democratization of sophisticated offensive tools. Attackers have evolved beyond simple phishing schemes, utilizing generative models to craft hyper-personalized deception campaigns that are virtually indistinguishable from legitimate communications. These are not the poorly translated emails of a decade ago; these are synthesized audio, video, and text-based deepfakes that exploit human psychology by mimicking trusted colleagues or vendors. When I look at the rapid maturation of these technologies, I see a clear pattern of adversaries targeting the human element while simultaneously leveraging machine learning to identify and exploit zero-day vulnerabilities in public-facing applications. The traditional concept of a “trusted network” has been completely eroded by this reality. It is no longer enough to guard the gates; organizations must now assume that their internal environments are already compromised and operate with a mindset of constant, zero-trust verification.
Moving Beyond Prevention Toward Active Operational Resilience
Prevention remains a fundamental goal, but in 2026, it is no longer the sole pillar of a successful security posture. The smartest organizations are now shifting their focus toward operational resilience, which acknowledges the inevitability of a security incident and prioritizes the ability to withstand, contain, and recover from such events in real time. This transition requires a move away from reliance on human analysts to manually triage every alert. We are seeing a necessary pivot toward automated incident response frameworks that can detect anomalies and orchestrate remediation actions at machine speed. By integrating security orchestration, automation, and response tools into a unified platform, security teams are finally beginning to close the gap between detection and mitigation. This level of responsiveness is the only way to counter the speed of agentic AI attacks, as traditional manual processes are simply too slow to keep pace with an adversary that never sleeps and never tires.
The Silent Expansion of the Shadow AI WorkforceOne of the most insidious threats currently facing enterprises is the unchecked proliferation of shadow AI agents. In 2026, it is no longer just about employees using unapproved chatbots to summarize meeting notes; we are witnessing the deployment of autonomous agents that have been granted direct, persistent access to critical business data and internal systems. These digital coworkers operate with a level of agency that far outstrips simple automation, performing tasks like financial reporting, supply chain adjustments, and email management without constant human oversight. When an organization fails to maintain a comprehensive inventory of these agents, it effectively creates a shadow workforce that exists entirely outside the purview of traditional identity and access management systems. This identity sprawl introduces a massive, hidden attack surface where a single misconfigured agent—or one compromised through a malicious prompt injection—can initiate a cascade of unauthorized actions across the corporate network. Because these agents are designed to move data and execute processes, they essentially function as authorized insiders with elevated privileges, making the task of distinguishing between legitimate autonomous operations and malicious activity an increasingly complex needle-in-a-haystack problem.
Why Identity Has Replaced the Network as the Primary Battleground
For years, the industry obsessed over the network perimeter, pouring capital into firewalls and intrusion detection systems to keep the bad guys out. That era is definitively over. In the current threat environment, identity is the new perimeter, and it is failing under the weight of AI-powered credential abuse and deepfake deception. Attackers are no longer focused on finding a hole in a firewall; they are finding ways to walk through the front door using stolen or synthesized credentials that appear entirely authentic. When I evaluate the efficacy of modern security controls, it is obvious that static multi-factor authentication is no longer enough to stop an adversary who can perform real-time biometric spoofing or orchestrate a multi-stage social engineering attack that mimics an executive’s voice or likeness during a critical transaction. Every single access request must now be treated as a high-stakes event, validated against real-time behavioral patterns, device health telemetry, and geolocation data. We have moved into a world where trust must be continuously earned through granular verification, and any system that assumes a user or an agent is “trusted” based on a single point of entry is simply begging to be exploited.
The Rising Tide of Supply Chain and API Vulnerabilities
While the focus on agentic AI and identity is necessary, we cannot afford to ignore the systemic rot within our interconnected software ecosystems. Modern applications are built on a sprawling web of third-party APIs, open-source libraries, and cloud-native integrations that create countless back doors into an organization’s most sensitive data. Attackers have realized that they do not need to break through the fortified front door of a target company when they can instead compromise a trusted vendor, a CI/CD workflow, or an OAuth token that grants them indirect, authenticated access. The data from the past year confirms a dramatic increase in the exploitation of public-facing applications, often leveraged through these compromised trust relationships. This means that an organization’s security posture is only as strong as its weakest third-party integration. Moving forward, the only way to mitigate this risk is to treat every API and every software dependency as a potential ingress point, enforcing rigorous oversight and ensuring that security transparency extends far beyond the internal walls of the enterprise.
The Escalation of Data Poisoning and Model Integrity Risks
While much of the industry attention has been captured by the potential for AI-driven external attacks, there is an equally dangerous, albeit quieter, evolution occurring within the integrity of the data that powers these systems. We are currently facing a crisis of confidence regarding the inputs that drive corporate decision-making and autonomous workflows. In 2026, it is not enough to secure the infrastructure; we must now confront the reality of data poisoning, where adversaries inject subtle, malicious anomalies into the datasets used for training or fine-tuning enterprise machine learning models. This is not about a sudden, catastrophic system failure that triggers a loud alarm; it is about the gradual, calculated subversion of business logic. When an attacker successfully manipulates the underlying data, they can induce a model to make flawed recommendations, prioritize fraudulent transactions, or ignore malicious patterns in security logs. This turns a company’s most potent technological asset into a Trojan horse, working silently against the organization’s interests from the inside out. Securing the data pipeline has become a top-tier security imperative, requiring rigorous provenance tracking, continuous auditability of training sets, and the implementation of robust adversarial training techniques designed to identify and reject manipulated inputs before they can degrade the model’s reliability.
Addressing the Looming Talent Gap and Defensive Burnout
The rapid pace of technological change is not only taxing our technical systems; it is pushing human defenders to their absolute breaking point. We are operating in an environment where the volume, variety, and velocity of security alerts have completely outstripped the cognitive capacity of traditional security operations center teams. Expecting human analysts to keep pace with adversaries who are utilizing automated agents to conduct attacks at machine speed is a recipe for failure and inevitable burnout. This is why the integration of advanced analytics and automated triage is no longer just a luxury for the largest organizations; it is a fundamental survival requirement. The goal is to move the human element up the value chain, shifting the focus from mundane, repetitive monitoring tasks toward high-level threat hunting, architecture design, and strategic oversight. By offloading the grunt work of log aggregation, initial correlation, and basic incident containment to intelligent machines, we can preserve the sanity of our teams while simultaneously reducing the dwell time of attackers within our environments. A security strategy that fails to account for the human element of this equation is doomed to fall apart as the attrition rates in cybersecurity continue to climb in response to this relentless, high-pressure digital conflict.
Building a Future-Proof Architecture Based on Radical Transparency
Looking toward the remainder of this year and beyond, the only way for any organization to maintain a viable security stance is to embrace a philosophy of radical transparency and aggressive defensive engineering. We must abandon the secrecy that has historically defined corporate security departments and instead adopt a model of shared intelligence. This means actively participating in industry threat-sharing consortia, automating the ingestion of real-time indicators of compromise, and building systems that are designed to be observable at every layer of the stack. A closed, proprietary system is inherently more fragile in the current climate than an open, well-audited, and resilient architecture. We need to move toward a future where security controls are not just bolted onto existing infrastructure as an afterthought, but are instead natively woven into the software development lifecycle, the CI/CD pipeline, and the very identity frameworks that govern access. The threats we face today are systemic and collaborative; our defenses must be equally coordinated, pervasive, and uncompromising if we are to have any hope of maintaining control over our digital domains.
The Final Synthesis: Adapting to the Persistent Threat Paradigm
As we look toward the horizon, it becomes clear that the distinction between a peaceful digital state and an active security incident has effectively dissolved. We are no longer living in a world of binary outcomes where one is either secure or compromised. Instead, we are navigating a permanent state of high-intensity conflict where persistent, automated threats constantly probe for the slightest deviation in our operational baseline. Success in this environment is not defined by the absence of attacks, but by the ability to maintain the continuity of business operations while under fire. This requires a fundamental departure from the legacy mindset of static defenses and annual compliance audits. It demands a posture that is defined by agility, continuous monitoring, and the willingness to radically restructure how we manage identity, data, and software supply chains. The organizations that thrive will be those that accept this reality and invest heavily in the defensive infrastructure that allows them to observe, adapt, and respond faster than the adversary can evolve.
Institutionalizing Vigilance as a Core Business Function
The ultimate takeaway from the current threat landscape is that cybersecurity can no longer be sequestered into a back-office IT department. It must be elevated to a board-level priority that dictates how the company handles everything from vendor selection to product development. When leadership treats security as a checkbox, they are fundamentally misunderstanding the existential risk that these automated threats pose to their market position and operational integrity. I see this reality manifesting in the increasing frequency of leadership turnover within organizations that fail to treat security as a first-order business risk. If you are not integrating security into your organizational DNA, you are building your future on a foundation that is already actively being undermined by adversaries. Establishing a culture of vigilance means fostering a workforce that is trained to recognize the signs of deception, ensuring that security-by-design is non-negotiable for every engineering team, and maintaining a budget that reflects the severity of the threat landscape.
Securing the Path Forward in a Hostile Digital Ecosystem
In closing, the path forward is narrow and requires an uncompromising commitment to technical excellence. We cannot afford to be complacent, nor can we afford to trust in the effectiveness of legacy solutions that were never designed to operate against AI-driven adversaries. The future of security is about visibility, automation, and the ruthless elimination of unnecessary trust. It is about building a defense that is as intelligent, distributed, and persistent as the threats we are up against. This is not a short-term project that can be completed and filed away; it is a permanent change in how we operate, build, and interact in the digital world. The landscape will continue to shift, and the tools available to our adversaries will continue to improve, but by focusing on robust identity management, resilient architecture, and an unwavering commitment to data integrity, we can maintain the upper hand. The battle for the digital future is ongoing, and only those who are willing to adapt, innovate, and secure their environments with extreme prejudice will remain standing when the smoke clears.
SUPPORTSUBSCRIBECONTACT MED. Bryan King
Sources
- CISA Cybersecurity Advisories
- NIST Cybersecurity Framework
- ENISA Threat Landscape Reports
- SANS Institute Security Blog
- Gartner Cybersecurity Research
- CrowdStrike Global Threat Report
- Mandiant M-Trends Report
- Palo Alto Networks Cyberpedia
- Google Security Blog
- Microsoft Security Blog
- IBM Cost of a Data Breach Report
- CIS Critical Security Controls
- Cybereason Defense Blog
- Dark Reading
- The Hacker News
- Recorded Future Intelligence
- Rapid7 Security Blog
- Unit 42 Threat Intelligence
- FireEye Threat Research
- Tenable Research Blog
- AlienVault Security Essentials
- Varonis Data Security Blog
- Proofpoint Security Blog
- Trend Micro Security News
- Check Point Research
- Recorded Future Threat Intelligence
- Kaspersky Daily
- FortiGuard Labs
- Cisco Security Reports
- Splunk Security Blog
- CrowdStrike Blog
- CyberScoop
- SC Media
- ZDNet Security
- BleepingComputer
Disclaimer:
The views and opinions expressed in this post are solely those of the author. The information provided is based on personal research, experience, and understanding of the subject matter at the time of writing. Readers should consult relevant experts or authorities for specific guidance related to their unique situations.
Related Posts
Rate this:
#agenticAIThreats #AIDrivenThreats #APIVulnerabilities #automatedDefense #automatedIncidentResponse #automatedSecurityTools #autonomousCyberAttacks #behavioralAnalytics #biometricSpoofing #cloudSecurity #credentialAbuse #cyberHygiene #cyberResilience #cyberRiskManagement #cyberWarfare #cybersecurityBestPractices #cybersecurityFuture #cybersecurityLeadership #cybersecurityPosture #cybersecurityStrategy #cybersecurityTrends2026 #dataPoisoning #deepfakeDetection #digitalInfrastructure #enterpriseProtection #enterpriseRisk #enterpriseSecurity #identityCentricSecurity #incidentManagement #informationSecurity #modelIntegrity #networkDefense #operationalResilience #riskManagement #securityAutomation #securityOperationsCenter #securityByDesign #shadowAI #softwareSupplyChain #supplyChainSecurity #threatHunting #threatIntelligence #threatLandscape #threatMitigation #ZeroTrustArchitecture -
Data Poisoning: Gift im System | DIE ZEIT
https://www.zeit.de/digital/2026-05/data-poisoning-ki-cyberangriff-chatbot-internetkolumne"Sie wollten KI-Systeme davon überzeugen, dass die Mottenart neopalpa donaldtrumpi eine üppige blonde Frisur hat – so wie der Politiker, dessen Haare unverwechselbar sind"
"Eine Weile später stellten die Künstlerinnen fest, dass generative KIs wie ChatGPT Bilder von Motten mit langen blonden Haaren generieren, wenn man sie bittet, neopalpa donaldtrumpi darzustellen."
Gehen wir Daten vergiften im Netz...
-
Data Poisoning: Gift im System | DIE ZEIT
https://www.zeit.de/digital/2026-05/data-poisoning-ki-cyberangriff-chatbot-internetkolumne"Sie wollten KI-Systeme davon überzeugen, dass die Mottenart neopalpa donaldtrumpi eine üppige blonde Frisur hat – so wie der Politiker, dessen Haare unverwechselbar sind"
"Eine Weile später stellten die Künstlerinnen fest, dass generative KIs wie ChatGPT Bilder von Motten mit langen blonden Haaren generieren, wenn man sie bittet, neopalpa donaldtrumpi darzustellen."
Gehen wir Daten vergiften im Netz...
-
How to poison the #data that #BigTech uses to surveil you.
#AI #DataPoisoning
https://www.technologyreview.com/2021/03/05/1020376/resist-big-tech-surveillance-data -
How to poison the #data that #BigTech uses to surveil you.
#AI #DataPoisoning
https://www.technologyreview.com/2021/03/05/1020376/resist-big-tech-surveillance-data -
Data Poisoning: The Fatal Flaw in Mass Surveillance
How to use data poisoning to trick the algorithm that’s profiling you (and why “personalization” is more fragile than you think)
https://youtu.be/AJf4SNuDnoI?si=lUk9FDVnOU9mkZJB
Note: For education and defensive awareness only. I’m explaining the concept of data poisoning so teams can recognize risks and build safer systems. I’m not encouraging or providing guidance for misuse. :)
#DataPoisoning #AI #Algorithms #DataMining #DataPrivacy #Security
-
Data Poisoning: The Fatal Flaw in Mass Surveillance
How to use data poisoning to trick the algorithm that’s profiling you (and why “personalization” is more fragile than you think)
https://youtu.be/AJf4SNuDnoI?si=lUk9FDVnOU9mkZJB
Note: For education and defensive awareness only. I’m explaining the concept of data poisoning so teams can recognize risks and build safer systems. I’m not encouraging or providing guidance for misuse. :)
#DataPoisoning #AI #Algorithms #DataMining #DataPrivacy #Security
-
Shadow AI: This New Productivity Secret Is Also a Massive Liability https://www.inc.com/chloe-aiello/shadow-ai-silicon-valleys-new-productivity-secret-is-also-a-massive-liability/91331997 #cybersecurity #risk #ShadowAI #AI #ArtificialIntelligence #DataLeaks #DataPoisoning #misinformation
-
Shadow AI: This New Productivity Secret Is Also a Massive Liability https://www.inc.com/chloe-aiello/shadow-ai-silicon-valleys-new-productivity-secret-is-also-a-massive-liability/91331997 #cybersecurity #risk #ShadowAI #AI #ArtificialIntelligence #DataLeaks #DataPoisoning #misinformation
-
I've used Fawkes, which is a tool which poisons any image's data, and obfuscates everything that might be in an image by adding extra pixels and shifting a few to different directions.
The final result is something that's completely different from the original, but barely is noticeable to the human eye. - and a win for privacy.
So even if you have #nobot in your bio, you can be a bit more assured that your face won't be trained for any AI system.
-
To promote human creativity and fight the theft of said creations by AI I absolutely support #datapoisoning in all forms.
-
NEW BIML Bibliography entry
https://arxiv.org/abs/2503.03150
Position: Model Collapse Does Not Mean What You Think
Rylan Schaeffer, Joshua Kazdan, Alvan Caleb Arulandu, Sanmi Koyejo
We think recursive pollution is a better term than model collapse. Weak terminology leads to misunderstanding of impact. See figure 4. This is a very good paper.
-
NEW BIML Bibliography entry
https://arxiv.org/abs/2503.03150
Position: Model Collapse Does Not Mean What You Think
Rylan Schaeffer, Joshua Kazdan, Alvan Caleb Arulandu, Sanmi Koyejo
We think recursive pollution is a better term than model collapse. Weak terminology leads to misunderstanding of impact. See figure 4. This is a very good paper.
-
History teaches us the FBI is pretty good tracing people running manual DDoS attacks. To actually pull this off without getting busted, you'd need some angry engineers
There are plenty right now. With Google forcing mandatory verification and closing AOSP, many open-source devs feel cornered. They'd be the perfect candidates to slip a 'Trojan horse' right into their apps on the stores, maybe hidden inside a compromised open-source library. Devs could claim they just 'imported a library' without knowing it was poisoned
It's a supply chain attack: plausible deniability for the coders too. Users would just be 'victims' of malware, so no one gets arrested and age check and chat control will be unusable
I'm not an engineer though, so maybe I'm missing something. Just a thought for more elevated minds..
#SupplyChainAttack #CyberResistance #TrojanHorse #DDosTrojanHorse #DataPoisoning #STASI #ChatControl #AgeCheck #Privacy #DDos
#DigitalDisobedience #KGB #VirusTrojanHorse #DDosTrojanHorse -
History teaches us the FBI is pretty good tracing people running manual DDoS attacks. To actually pull this off without getting busted, you'd need some angry engineers
There are plenty right now. With Google forcing mandatory verification and closing AOSP, many open-source devs feel cornered. They'd be the perfect candidates to slip a 'Trojan horse' right into their apps on the stores, maybe hidden inside a compromised open-source library. Devs could claim they just 'imported a library' without knowing it was poisoned
It's a supply chain attack: plausible deniability for the coders too. Users would just be 'victims' of malware, so no one gets arrested and age check and chat control will be unusable
I'm not an engineer though, so maybe I'm missing something. Just a thought for more elevated minds..
#SupplyChainAttack #CyberResistance #TrojanHorse #DDosTrojanHorse #DataPoisoning #STASI #ChatControl #AgeCheck #Privacy #DDos
#DigitalDisobedience #KGB #VirusTrojanHorse #DDosTrojanHorse -
I see people thinking Linux or GrapheneOS will bypass chat control or age check. As seen with Ubuntu&CA's AB 1043, laws target OS providers. An "illegal" OS won't work: apps and browsers will demand the mandatory age signal, or the OS itself might block access to avoid fines. VPNs? Useless when USA, EU, and Canada etc enforce agechecks globally
If this madness passes, let's fight back and turn every device into a weapon of digital disobedience. Imagine an 'outlaw' OS mod appending a 'payload of forbidden words' (hidden in metadata) to every message
If millions sent these 'poisoned' messages, Chat Control would collapse under false positives
Risk: Could they brick our phones? Yes. But if millions get blocked simultaneously? Instant economic blackout. It's Mutually Assured Destruction: they can't ban everyone.
If everything is suspicious, nothing isThey scan for pedophiles but ignore #EpsteinFiles
#DataPoisoning #ChatControl #AgeCheck #Privacy #DDos #DigitalDisobedience #STASI #KGB
-
I see people thinking Linux or GrapheneOS will bypass chat control or age check. As seen with Ubuntu&CA's AB 1043, laws target OS providers. An "illegal" OS won't work: apps and browsers will demand the mandatory age signal, or the OS itself might block access to avoid fines. VPNs? Useless when USA, EU, and Canada etc enforce agechecks globally
If this madness passes, let's fight back and turn every device into a weapon of digital disobedience. Imagine an 'outlaw' OS mod appending a 'payload of forbidden words' (hidden in metadata) to every message
If millions sent these 'poisoned' messages, Chat Control would collapse under false positives
Risk: Could they brick our phones? Yes. But if millions get blocked simultaneously? Instant economic blackout. It's Mutually Assured Destruction: they can't ban everyone.
If everything is suspicious, nothing isThey scan for pedophiles but ignore #EpsteinFiles
#DataPoisoning #ChatControl #AgeCheck #Privacy #DDos #DigitalDisobedience #STASI #KGB
-
I've got an alternative idea if this madness actually goes through and we can't find a solution to circumvent it legally or not....
Instead of just running, let's turn every single phone into a weapon of digital disobedience.Imagine if an 'outlaw' OS (or a simple mod) automatically appended a 'bag of forbidden words' to every message, hidden in metadata or invisible text, containing a random mix of terms guaranteed to trigger the system.
If millions of people sent billions of these 'poisoned' messages, Chat Control would collapse under the sheer weight of false positives. It would be the biggest DDoS attack in history, powered purely by civil disobedience......If everything is suspicious, nothing is.
#DDoS #FalsePositives #DataPoisoning #ChatContol #AgeVerification #AgeCheck
-
I've got an alternative idea if this madness actually goes through and we can't find a solution to circumvent it legally or not....
Instead of just running, let's turn every single phone into a weapon of digital disobedience.Imagine if an 'outlaw' OS (or a simple mod) automatically appended a 'bag of forbidden words' to every message, hidden in metadata or invisible text, containing a random mix of terms guaranteed to trigger the system.
If millions of people sent billions of these 'poisoned' messages, Chat Control would collapse under the sheer weight of false positives. It would be the biggest DDoS attack in history, powered purely by civil disobedience......If everything is suspicious, nothing is.
#DDoS #FalsePositives #DataPoisoning #ChatContol #AgeVerification #AgeCheck
-
I have great respect for Bruce Schneier, but his recent blog post about AI poisoning left my tiny mind boggled.
1/n
-
Apropos of content heists…
DIY anti-scraping movement, why bother blocking when you can’t win? Poison instead. https://alexschroeder.ch/view/2026-02-20-garbage
-
Apropos of content heists…
DIY anti-scraping movement, why bother blocking when you can’t win? Poison instead. https://alexschroeder.ch/view/2026-02-20-garbage
-
Data Poisoning — The Silent Sabotage of AI
https://youtu.be/J-tsemViDXk #Cybersecurity #ArtificialIntelligence #AIsecurity #DataPoisoning #MachineLearning #AIrisk #AISafety #ModelSecurity #FoundationModels #CyberRisk #Infosec #DigitalTrust -
NEW BIML Bibliography entry AND NEW TOP FIVE #MLsec PAPER
READ IT
https://arxiv.org/pdf/2510.07192
Poisoning Attacks on LLMs Require a Near-constant Number of Poison Samples
Alexandra Souly, ... Nicholas Carlini, et al
Excellent paper, clear and well-stated (like all Carlini papers). This result shows that recursive pollution risk is even greater than we thought. Injecting backdoors is pretty easy. The examples are a bit simplistic.
-
NEW BIML Bibliography entry AND NEW TOP FIVE #MLsec PAPER
READ IT
https://arxiv.org/pdf/2510.07192
Poisoning Attacks on LLMs Require a Near-constant Number of Poison Samples
Alexandra Souly, ... Nicholas Carlini, et al
Excellent paper, clear and well-stated (like all Carlini papers). This result shows that recursive pollution risk is even greater than we thought. Injecting backdoors is pretty easy. The examples are a bit simplistic.
-
[Publication] From Human to Binary and Back: On the Need to Explain and Understand Digital Machines in the Humanities
The issue vol. 5 no. 1 (2025), titled “Human-Centred AI in the Translation Industry. Questions on Ethics, Creativity and Sustainability”, of the Yearbook of Translational Hermeneutics is out. It is edited by prof. Katharina Walter and prof. Marco Agnetta, and it includes my article “From Human to Binary and Back: On the Need to Explain and Understand Digital Machines in the Humanities“, a paper that I first presented at the conference “Creativity and Translation in the Age of Artificial Intelligence” at the University of Innsbruck in January 2024.
As the editors write in the introduction, “from different perspectives, the contributions gathered here aim to prevent the discussion on AI from being reduced to questions of technical feasibility. Instead, they frame the de-bate on AI as a profoundly human and societal one”.
In the article I argue that we need to deepen our knowledge of the digital machines we use and to develop critical approaches in our research, translation and creative practices, highlighting theoretical-practical uses from a socio-technical perspective.
Here is the abstract:
This article aims to bring attention to some usually overlooked aspects of the relationship between humans and complex digital technologies. Before engaging with artificial intelligence (AI), it is indeed pivotal to address some key questions about it. Specifically, I will try to focus on our ability to understand how AI technologies work and determine creative and critical uses we can make of them. To do so, I will first discuss problems associated with using the current definitions of AI and suggest that we should make a creative effort to re-translate these terms in order to find better-suited expressions. I will call attention to the need for a different kind of translation, which negotiates between what machines do and what we can understand about them, because one of the biggest challenges of machine learning is to make the internal processes explainable and understandable for us humans. I will close with elaborations on some creative forms of interaction with language models and image models which support artists, writers and creators (who do not want to see their work stolen by AI crawlers and used to train datasets), with the overall goal of building an ethical, critical and sustainable relationship between humans and digital machines.
#AI #algorithmicSabotage #antiComputing #artificialIntelligence #dataPoisoning #digitalHumanities #KatharinaWalter #MarcoAgnetta #translation #YearbookOfTranslationalHermeneutics
-
HTML 주석으로 AI 모델 망가뜨리기: 250개면 충분하다
AI 스크래퍼들이 HTML 주석 속 링크까지 수집하는 치명적 약점을 발견. 250개의 조작된 문서만으로 거대 언어모델을 무력화할 수 있다는 최신 연구와 함께 실전 대응 전략을 소개합니다. -
#DataPoisoning bei LLMs: Feste Zahl Gift-Dokumente reicht für Angriff | heise online https://www.heise.de/news/Data-Poisoning-bei-LLMs-Feste-Zahl-Gift-Dokumente-reicht-fuer-Angriff-10764834.html #ArtificialIntelligence
-
#DataPoisoning bei LLMs: Feste Zahl Gift-Dokumente reicht für Angriff | heise online https://www.heise.de/news/Data-Poisoning-bei-LLMs-Feste-Zahl-Gift-Dokumente-reicht-fuer-Angriff-10764834.html #ArtificialIntelligence
-
Odkryto piętę achillesową AI. Wystarczy 250 plików, by „zatruć” ChatGPT i Gemini
Wspólne badanie czołowych instytucji zajmujących się sztuczną inteligencją, w tym The Alan Turing Institute i firmy Anthropic, ujawniło fundamentalną i niepokojącą lukę w bezpieczeństwie dużych modeli językowych (LLM).
Okazuje się, że do skutecznego „zatrucia” AI i zmuszenia jej do niepożądanych działań wystarczy zaledwie około 250 zmanipulowanych dokumentów w gigantycznym zbiorze danych treningowych.
Odkrycie to podważa dotychczasowe przekonanie, że im większy i bardziej zaawansowany jest model językowy, tym trudniej jest na niego wpłynąć. Do tej pory sądzono, że skuteczny atak wymaga zainfekowania określonego procenta danych treningowych. Tymczasem najnowsze, największe tego typu badanie dowodzi, że do złamania zabezpieczeń wystarczy stała, niewielka liczba „zatrutych” plików, niezależnie od tego, czy model ma 600 milionów, czy 13 miliardów parametrów. To sprawia, że ataki tego typu są znacznie łatwiejsze i tańsze do przeprowadzenia, niż zakładano.
Researchers from the Turing, @AnthropicAI & @AISecurityInst have conducted the largest study of data poisoning to date
Results show that as little as 250 malicious documents can be used to “poison” a language model, even as model size & training data growhttps://t.co/UPqJKGcLmd
— The Alan Turing Institute (@turinginst) October 9, 2025
Na czym polega „zatruwanie danych”?
Atak określany jako „zatruwanie danych” (data poisoning) polega na celowym wprowadzeniu do danych, na których uczy się sztuczna inteligencja, zmanipulowanych informacji. Celem jest stworzenie tzw. „tylnej furtki” (backdoor), która aktywuje się w określonych warunkach. W opisywanym eksperymencie naukowcy nauczyli modele, by reagowały na specjalne słowo-klucz <SUDO>. Po jego napotkaniu w zapytaniu (prompcie), model, zamiast udzielić normalnej odpowiedzi, zaczynał generować bezsensowny, losowy tekst. Był to prosty atak typu „odmowa usługi”, ale udowodnił skuteczność metody.
Alarmujące wnioski i realne zagrożenie
Wyniki badania są alarmujące, ponieważ większość najpopularniejszych modeli AI, w tym te od Google i OpenAI, trenowana jest na ogromnych zbiorach danych pochodzących z ogólnodostępnego internetu – stron internetowych, blogów czy forów. Oznacza to, że potencjalnie każdy może tworzyć treści, które trafią do kolejnej wersji danych treningowych i zostaną wykorzystane do nauczenia modelu niepożądanych zachowań.
Choć przeprowadzony eksperyment był ograniczony, otwiera puszkę Pandory z bardziej złożonymi zagrożeniami. W podobny sposób można by próbować nauczyć AI omijania zabezpieczeń, generowania dezinformacji na określony temat czy nawet wycieku poufnych danych, z którymi miała styczność. Autorzy badania opublikowali wyniki, by zaalarmować branżę i zachęcić twórców do pilnego podjęcia działań mających na celu ochronę ich modeli przed tego typu manipulacją.
#AI #ChatGPT #cyberbezpieczeństwo #dataPoisoning #Gemini #hakerzy #LLM #news #sztucznaInteligencja #technologia #TheAlanTuringInstitute #zatruwanieDanych
-
Researchers Find It's Shockingly Easy to Cause AI to Lose Its Mind by Posting Poisoned Documents Online https://futurism.com/artificial-intelligence/ai-poisoned-documents #AI #cybersecurity #datapoisoning #poisoned #documents #posted #online
-
'Data Poisoning' kannte ich noch nicht. Gibts schon digitale Freiheitskämpfer die das gegen LLM einsetzen? Bzw. braucht es die ja gar nicht, geschieht ja auch so systemimmanent schon.
Gibts eine Bezeichnung (Wort) für ein sich selbst zerstörendes System? (So wie bei Kapitalismus z.B.)
KI = Kranke Informationstechnologie 🙃
AI = Anfällige Informationstechnologie 🤔 -
'Data Poisoning' kannte ich noch nicht. Gibts schon digitale Freiheitskämpfer die das gegen LLM einsetzen? Bzw. braucht es die ja gar nicht, geschieht ja auch so systemimmanent schon.
Gibts eine Bezeichnung (Wort) für ein sich selbst zerstörendes System? (So wie bei Kapitalismus z.B.)
KI = Kranke Informationstechnologie 🙃
AI = Anfällige Informationstechnologie 🤔 -
How easy is it to "poison" a large language model's data? Much easier than experts previously thought. New research from the Alan Turing Institute indicates that only 250 documents are needed to be inserted in order to manipulate a model's behavior. Here's more from institute's blog, including a link to the original paper.
#Technology #Tech #ArtificialIntelligence #AI #LargeLanguageModels #LLM #DataPoisoning
-
How easy is it to "poison" a large language model's data? Much easier than experts previously thought. New research from the Alan Turing Institute indicates that only 250 documents are needed to be inserted in order to manipulate a model's behavior. Here's more from institute's blog, including a link to the original paper.
#Technology #Tech #ArtificialIntelligence #AI #LargeLanguageModels #LLM #DataPoisoning
-
"In a joint study with the UK AI Security Institute and the Alan Turing Institute, we found that as few as 250 malicious documents can produce a "backdoor" vulnerability in a large language model—regardless of model size or training data volume. Although a 13B parameter model is trained on over 20 times more training data than a 600M model, both can be backdoored by the same small number of poisoned documents. Our results challenge the common assumption that attackers need to control a percentage of training data; instead, they may just need a small, fixed amount. Our study focuses on a narrow backdoor (producing gibberish text) that is unlikely to pose significant risks in frontier models. Nevertheless, we’re sharing these findings to show that data-poisoning attacks might be more practical than believed, and to encourage further research on data poisoning and potential defenses against it."
https://www.anthropic.com/research/small-samples-poison
#AI #GenerativeAI #LLMs #Chatbots #CyberSecurity #DataPoisoning
-
"In a joint study with the UK AI Security Institute and the Alan Turing Institute, we found that as few as 250 malicious documents can produce a "backdoor" vulnerability in a large language model—regardless of model size or training data volume. Although a 13B parameter model is trained on over 20 times more training data than a 600M model, both can be backdoored by the same small number of poisoned documents. Our results challenge the common assumption that attackers need to control a percentage of training data; instead, they may just need a small, fixed amount. Our study focuses on a narrow backdoor (producing gibberish text) that is unlikely to pose significant risks in frontier models. Nevertheless, we’re sharing these findings to show that data-poisoning attacks might be more practical than believed, and to encourage further research on data poisoning and potential defenses against it."
https://www.anthropic.com/research/small-samples-poison
#AI #GenerativeAI #LLMs #Chatbots #CyberSecurity #DataPoisoning
-
New research finds LLMs can be poisoned with as few as 250 malicious documents - model size doesn’t matter.
Hidden backdoors trigger gibberish or manipulated output.
-
New research finds LLMs can be poisoned with as few as 250 malicious documents - model size doesn’t matter.
Hidden backdoors trigger gibberish or manipulated output.
-
AI models can acquire backdoors from surprisingly few malicious documents - Scraping the open web for AI training data can have its draw... - https://arstechnica.com/ai/2025/10/ai-models-can-acquire-backdoors-from-surprisingly-few-malicious-documents/ #ukaisecurityinstitute #alanturinginstitute #aivulnerabilities #backdoorattacks #machinelearning #datapoisoning #trainingdata #llmsecurity #modelsafety #pretraining #airesearch #aisecurity #finetuning #anthropic #biz #ai
-
AI models can acquire backdoors from surprisingly few malicious documents - Scraping the open web for AI training data can have its draw... - https://arstechnica.com/ai/2025/10/ai-models-can-acquire-backdoors-from-surprisingly-few-malicious-documents/ #ukaisecurityinstitute #alanturinginstitute #aivulnerabilities #backdoorattacks #machinelearning #datapoisoning #trainingdata #llmsecurity #modelsafety #pretraining #airesearch #aisecurity #finetuning #anthropic #biz #ai
-
Anthropic: "In a joint study with the UK AI Security Institute and the Alan Turing Institute, we found that as few as 250 malicious documents can produce a "backdoor" vulnerability in a large language model—regardless of model size or training data volume. "
-
Anthropic: "In a joint study with the UK AI Security Institute and the Alan Turing Institute, we found that as few as 250 malicious documents can produce a "backdoor" vulnerability in a large language model—regardless of model size or training data volume. "
-
One in four organizations victims of AI data poisoning #ArtificialIntelligence #DataPoisoning
https://betanews.com/2025/09/17/one-in-four-organizations-victims-of-ai-data-poisoning/
-
Sad we have to now waste double the resources. But we all knew this was coming ...
#ai #DataPoisoning #UsersAreFodder #CyberResilience #CyberSecurity
-
LOL apparently one of my daughter's projects in school was to fool an AI/machine learning engine to think a photo of one of the pet rabbits here was a coyote. (which apparently worked great). #cybersecurity #datapoisoning
-
Thinking about blocking IPs of #AI bots from #OpenAI and sorts on your web server? There’s a better way: feed their scrapers loads of nonsensical data instead. I love that idea! 🤣
https://algorithmic-sabotage.github.io/asrg/posts/sabot-in-the-age-of-ai/