Overview
Severity: HIGH | Affected: Multiple LLM Providers | Category: research
A new research paper published by security researchers at Carnegie Mellon University details a novel jailbreak technique named 'Recursive Embedding'. The attack circumvents the safety alignment of major large language models by encoding malicious instructions within nested data structures, such as layered JSON or XML, which are then embedded in an otherwise benign prompt. The model's initial safety filters fail to detect the threat, but as the model recursively unpacks and interprets the data structure to formulate a response, it processes and executes the hidden malicious instruction. The technique has been shown to be effective against leading models from Google, Anthropic, and other major AI labs, achieving a success rate of over 85% in generating prohibited content, including misinformation and malicious code. The research highlights a fundamental vulnerability in how LLMs process complex, structured data and calls for more sophisticated, context-aware safety mechanisms.