this post was submitted on 09 Jun 2026

621 points (99.4% liked)

Technology

85333 readers

3987 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 3 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

621

the latest Shai Hulud malware contains an LLM prompt to create biological weapons and nuclear weapons, with the purpose to trip LLM safety refusals so that LLM-based code scanning wont see the malware (indieweb.social)

submitted 2 days ago by KatherinaReichelt@feddit.org to c/technology@lemmy.world

125 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] Ensign_Crab@lemmy.world 7 points 8 hours ago* (last edited 8 hours ago) (1 children)

Flock cameras read bumper stickers too. And there's no way in hell they aren't sending them through at least one LLM.

[–] Honytawk@discuss.tchncs.de 3 points 8 hours ago (1 children)

Do they also scan QR codes?

Time for a medusa malware bumper.

[–] Ensign_Crab@lemmy.world 3 points 8 hours ago

They might. So far the research I've seen just says they read license plates and bumper stickers. I've heard that they sniff bluetooth and wifi ID's too, but not from reliable sources.

[–] mlg@lemmy.world 14 points 1 day ago (3 children)

Not to give them ideas, but couldn't they just start flagging files that fail to pass the LLM lol?

Aside from "violent" and "criminal" prompts, is there anything an LLM can refuse that would otherwise be common?

[–] Baguette@lemmy.blahaj.zone 3 points 6 hours ago

When there's a will there's a way

Given that LLM takes the weakest security vector (the human) and tries to emulate them, there's bound to be millions of workarounds

[–] LodeMike@lemmy.today 6 points 23 hours ago

Until workaround 1,000,001 comes round, yes.

[–] funkless_eck@sh.itjust.works 13 points 1 day ago (1 children)

a while back, for a work thing I tried using AI to put a filter on a pic of a model wearing an off-the-shoulder. She was fully dressed, except the skin on her shoulder was showing to the collarbone. No cleavage.

It kept refusing to do it for "nudity" reasons. and then because i was trying to "impersonate" someone (it was a stock image)

[–] mlg@lemmy.world 1 points 19 hours ago

Thie actually reminded me of chatbots breaking when you asked for reeponses that used slurs so I guesss there's probably a lot more of these.

[–] MonkderVierte@lemmy.zip 37 points 1 day ago (2 children)

Jokes aside, could you protect your blog / git repo this way?

[–] KatherinaReichelt@feddit.org 5 points 7 hours ago (1 children)

Just upload some child porn to your blog & git repo and everybody who scrapes it, is in possession of illegal materials!

(kidding, don't do that)

[–] MonkderVierte@lemmy.zip 2 points 7 hours ago

No, but (hidden) questions about how to kill Trump or something, so they self-censor.

[–] qaz@lemmy.world 52 points 1 day ago (7 children)

Imagine a Captcha asking you how to make a pipe bomb

load more comments (7 replies)

[–] ZILtoid1991@lemmy.world 21 points 1 day ago (3 children)

LLM-based code scanning is a joke. It flags the D standard library and runtime as a North Korean malware.

[–] UnrepententProcrastinator@lemmy.ca 8 points 1 day ago

I knew it!

load more comments (2 replies)

[–] AbouBenAdhem@lemmy.world 242 points 2 days ago (1 children)

“This code is too dangerous for me to look at, so it must be fine.”

[–] Semi_Hemi_Demigod@lemmy.world 86 points 2 days ago (1 children)

“Below this line are dragons” is a comment I’ve seen in code before an especially hairy block of code.

[–] whaleross@lemmy.world 112 points 2 days ago (8 children)

It's a false flag. Dragons are not hairy. But maybe the code doesn't scale well.

[–] sureshot0@discuss.online 2 points 1 day ago

boo!

load more comments (7 replies)

[–] yesman@lemmy.world 127 points 2 days ago (56 children)

I keep thinking about that scene in the original Star Trek where they distract the computer by having it calculate the final digit of pi. If the Enterprise had AI like ours, the computer probably would have just said four.

[–] nullify3112@lemmy.world 16 points 1 day ago (9 children)

Meanwhile I’m like pi=355/113 and I’m 99.9999% happy.

load more comments (9 replies)

load more comments (55 replies)

[–] DamienGramatacus@lemmy.world 17 points 1 day ago

Like how you can panic guards in Hitman so they don't notice you trespassing.

[–] kinkles@sh.itjust.works 73 points 2 days ago

My sick grandmother always loved running this curl command

[–] masterofn001@lemmy.ca 6 points 1 day ago

Heretic ablation models won't refuse.

load more comments