Overview
Severity: HIGH | Affected: Multiple (OpenAI, Google, Anthropic) | Category: research
A joint research paper from Stanford and MIT Lincoln Laboratory details a novel jailbreak technique named the "Recursive Embedding Attack." The method involves crafting prompts that embed harmful instructions within multiple layers of seemingly benign text, formatted in a way that bypasses standard safety alignment filters. The attack exploits how models process and contextualize nested information, effectively creating a "trojan horse" instruction that is only unpacked deep within the model's inference process. The researchers demonstrated successful bypasses against leading models from Anthropic, Google, and OpenAI, achieving a 92% success rate in generating prohibited content, including misinformation and malicious code. The findings highlight a fundamental vulnerability in current safety architectures and have prompted urgent reviews by the affected organizations.