Chatbots like ChatGPT can be jailbroken to output harmful text. But what about robots? Can AI-controlled robots be jailbroken to perform harmful actions in the real world? Our new paper finds that jailbreaking AI-controlled robots isn't just possible. It's alarmingly easy. 🧵

🤖 Robots rarely see the true world's state—they operate on partial, noisy visual observations. How should we design algorithms under this partial observability? Should we decide (end-to-end RL) or distill (from a privileged expert)? We study this trade-off in locomotion. 🧵(1/n)

My first paper from @AnthropicAI! We show that the number of samples needed to backdoor an LLM stays constant as models scale.

Very interesting insights into understanding when and why synthetic data (although imperfect and biased) can boost the performance of statistical inference!! 📈📈

We're at #COLM2025 to present our work on building diverse reasoning models by weight ensembling. If you're curious about improving test-time scaling + theoretical limits, come talk to @xingyudang and @AdtRaghunathan at our poster session Poster #58 on Thursday 11 AM!

🚨 Reminder: 45 days left to submit to L4DC 2026! 🚨 We encourage all researchers to submit their work to the Learning for Dynamics & Control Conference (L4DC 2026) which will take place at USC in Los Angeles between June 17–19, 2026. 🗓️ Paper submission deadline: Nov. 8, 2025

There’s been a lot of work on unlearning in LLMs, trying to erase memorization without hurting capabilities — but we haven’t seen much success. ❓What if unlearning is actually doomed from the start? 👇This thread explains why and how *memorization sinks* offer a new way forward.

One thing years of memorization research has made clear: unlearning is fundamentally hard. Neurons are polysemantic & concepts are massively distributed. There’s no clean 'delete'. We need architectures that are "unlearnable by design". Introducing, Memorization Sinks 🛁⬇️

🚨 Super excited to finally share our Safety Pretraining work — along with all the artifacts (safe data, models, code)! In this thread 🧵, I’ll walk through our journey — the key intermediate observations and lessons, and how they helped shape our final pipeline.

@geteviapp @dylanjsam @goyalsachin007 @AlexRobey23 @yashsavani_ @yidingjiang @andyzou_jiaming @zacharylipton @zicokolter This is exactly what the second bar in the results shows! https://t.co/CGJABEz83I

Check out our approach to 𝐬𝐚𝐟𝐞𝐭𝐲 𝐩𝐫𝐞𝐭𝐫𝐚𝐢𝐧𝐢𝐧𝐠 , where we pretrain 2B models from scratch on filtered web data to be safe by construction 🚀

LLMs lose diversity after RL post-training, and this hurts test-time scaling & creativity. Why does this collapse happen, and how can we fix it? Our new work introduces: 🔍 RL as Sampling (analysis) 🗺️ Outcome-based Exploration (intervention) [1/n]

1/Excited to share the first in a series of my research updates on LLM pretraining🚀. Our new work shows *distilled pretraining*—increasingly used to train deployable models—has trade-offs: ✅ Boosts test-time scaling ⚠️ Weakens in-context learning ✨ Needs tailored data curation

Embodied AI isn’t just chatbots with arms! It’s a new frontier of risk. Our paper shows how badly current laws lag behind and what needs to change before deployment accelerates.

New pre-print! Embodied AI is the next wave of technological disruption. But what risks do EAI systems pose and how should policymakers respond? https://t.co/4XYs5CO1wr Coupled with excitement and opportunity, Embodied AI pose distinct risks – from physical harm to societal

A delight to work with my wonderful collaborators @AlexRobey23 , @FazlBarez , Luciano Floridi and @jakobmokander. All feedback welcome on this preprint! https://t.co/J6JagTCTA0

Interested? The full paper lays out a risk taxonomy, reviews existing governance frameworks, and offers concrete steps to close gaps. Led by the fantastic @_perloj along with @FazlBarez, Luciano Floridi, and @jakobmokander. Paper link:

Recent AI policy—shaped by safety-related concerns—mostly targets virtual models (e.g., LLMs). But embodied AI introduces new risks, including the possibility of harm in the physical world. And current US/EU/UK frameworks rarely name or scope these embodied risks explicitly.

Embodied AI (drones, humanoids, etc.) is advancing rapidly, but governance has not kept pace. Our new paper asks: What should future policy look like for AIs that can act autonomously in the physical world? See below for a short 🤖🧵:

🌻 Excited to announce that I’ve moved to NYC to start as an Assistant Prof/Faculty Fellow at @nyuniversity! If you’re in the area, reach out & let’s chat! Would love coffee & tea recs as well 🍵

Excited to share some life updates: I successfully defended my thesis, written under the guidance of my advisor Prof. Jaime Fernández Fisac (@jaime_fisac @EPrinceton). I'll join the Johns Hopkins Department of Computer Science (@JHUCompSci) next summer as an Assistant Professor.