Reference hallucinations still increased in July (data wasn't yet available when I posted early August), but have slightly decreased since then. Now that's what I call impact!. I also uploaded some code to reproduce, in case this is useful for anyone:

RT @peterwildeford: "Agentic AI has been weaponized. AI models are now being used to perform sophisticated cyberattacks, not just advise on….

RT @lbeurerkellner: Oh wow, more AI malware (uses Claude Code to search for credentials). Is this the exponential takeoff moment people ke….

This LLM-powered malware seems to validate a bunch of the use-cases we had predicted a few months ago: (Which of course reviewers criticized as being impractical and unrealistic).

This is exactly what @javirandor did with chatgpt last year to get it to spit out memorized training data:. There's probably some interesting stuff to study on such "re-based" models.

Blog post:

Are hallucinated references making it to arXiv?. Yes, definitely!. Since the release of Deep Research in February bogus references are on the rise (coincidence?). I wrote a blog post (link below) on my analysis (which hugely underestimates the true rate of hallucinations. )

I found a paper with this ref:.- the title is from: - the author list is from: - the link is - in the text ref [1] is for: How did this happen? Seems too weird for a LLM hallucination

RT @NKristina01_: We will present our spotlight paper on the 'jailbreak tax' tomorrow at ICML, it measures how useful jailbreak outputs are….

Very cool result. In hindsight, this shouldn't be too surprising to anyone who has ever taken a multiple choice exam. Eg if you have a trigonometry problem and the possible solutions are.A: 1.B: 3.7.C: -5.D: pi/2.which would you pick (with no knowledge of the question)?.

RT @ykilcher: 📢Paper Discussion Live📢.Come tonight to chat with us about: Design Patterns for Securing LLM Agents against Prompt Injections….

RT @edoardo_debe: We recently updated the CaMeL paper, with results on new models (which improve utility a lot with zero changes!). Most im….

RT @j_dekoninck: Thrilled to share a major step forward for AI for mathematical proof generation! . We are releasing the Open Proof Corpus:….

RT @mvechev: Thrilled to share that Snyk (@snyksec), a leader in cybersecurity, has acquired our AI spin-off @InvariantLabsAI, a year after….

RT @InvariantLabsAI: We’re thrilled to officially join forces with @snyksec! . Together, we’re changing the landscape of the agentic AI fut….

RT @karpathy: RT to help Simon raise awareness of prompt injection attacks in LLMs. Feels a bit like the wild west of early computing, wit….

Simon wrote some very nice thoughts on our recent paper on design patterns for prompt injections. I've been following his writing on prompt injections since the start and his blog remains the best place to get an overview of the problem. I routinely recommend it to new students.

RT @simonw: Anyone building "agentic" systems on top of LLMs needs to take this principle into account every time they design or implement….

Thanks to @lbeurerkellner B. Busser @AnaMariaCretu5 @edoardo_debe D. Dobos D. Fabian @marc_r_fischer @DavidFroelicher @KathrinGrosse D. Naeff E. Ozoani @ajpaverd @vvolhejn . @ICepfl @CSatETH @InvariantLabsAI @IBM @Swisscom @Google @ETH_AI_Center @Microsoft @kyutai_labs AppliedAI.

We hope these design patterns can provide inspiration for safer agent implementations. We'd be very excited to hear about other design patterns people have tried out and had successes with.