Untargeted jailbreaks: a broader stress test for LLM safety

Kari Jaaskelainen

06 Oct 2025 — 1 min read

New attack objective, bigger search space—higher risk.

This work proposes the first gradient-based untargeted jailbreak attack (UJA): instead of matching a fixed unsafe target, it maximizes the probability of an unsafe response using a judge model and a differentiable decomposition. In evaluations, UJA achieved over 80% success against recent safety-aligned LLMs with only 100 optimization steps, outperforming I-GCG and COLD-Attack by over 20%.

Why it matters: Broader attacks expose blind spots and can inform stronger defenses.

It’s a wind-tunnel for safety—find weaknesses before bad actors do. 🌬️🛡️⚠️

Review results to guide red-teaming and hardening strategies; share which mitigations you’d test next.

Paper: http://arxiv.org/abs/2510.02999v1

Register: https://www.AiFeta.com

Paper: http://arxiv.org/abs/2510.02999v1

Register: https://www.AiFeta.com

#AISafety #LLM #RedTeam #Security #AdversarialML #Alignment #SafetyEvaluation

Read more

Automating GDPR Compliance: A Roadmap for Companies and Law Firms

Automating GDPR Compliance: A Roadmap for Companies and Law Firms

GDPR compliance is more than checkboxes. A new roadmap from the Privatech project shows how automation and machine learning can help companies and law firms assess—and even generate—privacy compliance. * Shift the focus to data processors’ real workflows: drafting policies, mapping data uses, documenting decisions. * Break compliance into machine-ready

FPGAs for Faster, Leaner Deep Learning: A Review of CNN Accelerators

FPGAs for Faster, Leaner Deep Learning: A Review of CNN Accelerators

Deep learning drives image search, robots, and medical scans. Most systems lean on CPUs and GPUs. This review asks: what if we run convolutional neural networks (CNNs) on FPGAs—reconfigurable chips you can tailor to the model? * Why FPGAs: custom dataflows, low latency, and strong energy efficiency—great for cameras,

Dynamic-K: Recommendations That Know When to Stop

Dynamic-K: Recommendations That Know When to Stop

Most apps show a fixed number of “top” items—say 10 movies or 20 products—assuming there are always enough good options. But that’s not always true: sometimes there are few relevant items, or some users are extra picky. The result? Filler recommendations. Dynamic-K flips the script. Instead of

Teaching chatbots to stop contradicting themselves (DECODE)

Teaching chatbots to stop contradicting themselves (DECODE)

Teaching chatbots to stop contradicting themselves Ever had a bot say one thing, then the opposite a few turns later? This study introduces DECODE—a new task and dataset for spotting contradictions in everyday conversations, drawn from both human-human and human-bot chats. * New data beats existing natural language inference (NLI)