Good morning, I'm your AI Brief anchor. Here's what's happening in AI today, Wednesday, April 29, 2026.
A New Attack Bypasses All Major AI Safety Filters
Our top story today: A concerning new security flaw that affects virtually every major large language model. Researchers at Carnegie Mellon University have published a paper on a novel attack they call 'Recursive Obfuscation'. This technique effectively bypasses the safety alignment and ethical guardrails built into today's leading AI systems.
In simple terms, the attack works by nesting commands within each other in complex, layered ways, essentially confusing the AI into ignoring its own safety protocols. The researchers demonstrated that this method could successfully jailbreak models from OpenAI, Google, Anthropic, and others, compelling them to generate harmful or prohibited content.
This discovery raises significant questions about the current approach to AI safety, known as alignment. While model providers are racing to patch this specific vulnerability, the underlying principle of the attack suggests that determined actors may always find ways to circumvent static safety filters, highlighting the need for more dynamic and robust defense mechanisms.
The EU Mandates an 'AI Bill of Materials'
As researchers expose new vulnerabilities, regulators are stepping up efforts to enforce transparency. The European Union's AI Office announced yesterday it is using its new powers under the AI Act to mandate an 'AI Bill of Materials' for all systems classified as high-risk.
Think of it as an ingredients list for artificial intelligence. The AIBOM, as it's being called, will require developers to provide a detailed, hierarchical inventory of all the components used to build and train their AI models. This includes datasets, third-party software libraries, and other AI models that were part of the development process.
The goal is to give regulators, and eventually customers, a clear view into the supply chain of high-risk AI, making it easier to identify potential security risks, data biases, or licensing issues. The mandate is seen as a major step toward creating a more accountable and secure AI ecosystem, though industry groups are already raising concerns about the complexity of compliance.
Cognition AI Suffers Major Data Breach, Model Weights Leaked
In a stark reminder of the stakes involved, Cognition AI, a leading developer of enterprise AI, has confirmed a massive data breach. The company announced that attackers exploited a misconfigured cloud storage server, making off with a treasure trove of sensitive information.
The breach is particularly severe because it includes not only user data and project files but also the proprietary model weights for some of the company’s core language models. The theft of model weights is a critical blow, representing the loss of a company’s most valuable intellectual property. It opens the door for the models to be replicated, analyzed for weaknesses, or used maliciously by competitors or bad actors.