Overview
Severity: HIGH | Affected: OpenAI, Anthropic, Google | Category: research
A new research paper from Carnegie Mellon University's CyLab has introduced a novel jailbreak technique called 'Model Inversion Cascade' (MIC). The attack leverages a multi-stage process where a series of seemingly benign prompts are used to manipulate the model's internal state, progressively lowering its safety guardrails. By the final prompt, the model is 'primed' to respond to harmful requests that it would normally refuse. The researchers demonstrated the effectiveness of MIC against leading models, including GPT-5, Claude 4, and Gemini Ultra, achieving a success rate of over 95% in their tests for generating misinformation and malicious code. The technique is notable because it doesn't rely on specific character strings, making it much harder to patch with simple input filters, and calls for a fundamental rethinking of LLM safety alignment.